Postfix Email antivirus scanning with ClamAV on Linux

Download the antivirus components:

 yum install clamav-daemon clamav-freshclam clamsmtp

Add the following to the end of your “/etc/postfix/main.cf” file:

 content_filter = scan:[127.0.0.1]:10025

Make your “/etc/clamsmtpd.conf” file look like this:

 OutAddress: localhost:10026
 ClamAddress: /var/run/clamav/clamd.ctl
 User: clamav

Make your “/etc/clamav/clamd.conf” file look like this:

 LogFile /var/log/clamav/clamd.log
 LogTime yes
 PidFile /var/run/clamav/clamd.pid
 LocalSocket /var/run/clamav/clamd.ctl
 User clamav
 AllowSupplementaryGroups yes
 ScanMail yes

At the following to the end of your “/etc/postfix/master.cf” file:

 scan      unix  -       -       n       -       16      smtp
        -o smtp_send_xforward_command=yes
        -o smtp_enforce_tls=no
 127.0.0.1:10026 inet  n -       n       -       16      smtpd
        -o content_filter=
        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
        -o smtpd_helo_restrictions=
        -o smtpd_client_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks_style=host
        -o smtpd_authorized_xforward_hosts=127.0.0.0/8

Restart Postfix and Clam and you should now be able to test it with the test (harmless) virus found here. The test virus can be downloaded and used for testing by adding the virus as an attachment to your email.

 /etc/init.d/clamav-daemon restart
 /etc/init.d/clamsmtp restart
 /etc/init.d/postfix restart

Don’t forget to occasionally update your virus definitions with the following command. Perhaps add it to your crontab:

 freshclam

Leave a Reply

Your email address will not be published.

*