Mailing List Archive

[clamav-users] Clam AV installation with Postfix in RHEL
Hello Team,

Apoteket is using Postfix for email relay and has activated spam assassin. It intends to use Clam AV for virus and malware scanning of emails relayed by Postfix. We have documentation for installation but not on interoperability with Postfix. https://www.clamav.net/documents/installation-on-redhat-and-centos-linux-distributions. Please assist with documentation on how clam AV may be configured to work with Postfix email relay.

Thanks & regards
Anindya Banerjee
Apoteket AB
+91 9836106549
Re: [clamav-users] Clam AV installation with Postfix in RHEL [ In reply to ]
Hi there,

On Mon, 17 May 2021, Anindya Banerjee-konsult wrote:

> Apoteket is using Postfix for email relay and has activated spam
> assassin. It intends to use Clam AV for virus and malware scanning
> of emails relayed by Postfix. We have documentation for installation
> but not on interoperability with Postfix. Please assist with
> documentation on how clam AV may be configured to work with Postfix
> email relay.

Postfix supports the 'milter' interface, so you can use clamd with
clamav-milter to talk directly to Postfix. There should be adequate
documentation for Postfix with your distro and you can find plenty of
documentation for the Postfix milter interface with a search engine.

There is documentation in the 'man' pages for clamav-milter and clamd,
try these for example:

man clamav-milter
man clamav-milter.conf
man clamd
man clamd.conf

See also for example

https://www.clamav.net/documents/configuration#clamav-milter

if you are building ClamAV from the sources.

The milter interface can be a little confusing, but basically the MTA
(Postfix) and the filter (clamav-milter+clamd) talk to each other by
means of a Unix socket or a TCP socket. The choice of which type of
socket depends on your setup. If ClamAV and the MTA are on the same
machine they can use either type of socket, but if you have a separate
machine running clamd (for example to serve more han one MTA) then you
will need to use TCP sockets. To get the MTA and milter to talk to
each other it is necessary to configure them both to use the same type
of socket and the same socket parameters (either the socket name, for
Unix sockets, or the TCP address and port, for TCP sockets). The OS
permissions for Unix sockets must of course allow the communications,
and for TCP sockets you may need to check (a) that those devices which
should have access to the socket have it and (b) that no devices which
should not have access to the socket do. Once you have the sockets
configured for both MTA and ClamAV, and you've started all three (the
clamd daemon, the clamav-milter daemon, and the MTA) then they'll just
chat to each other as they need to. You can configure things like the
database updates (freshclam, another daemon), the scanning parameters,
addition of headers to the scanned mail etc. later on, after you have
made sure the MTA/filter communication is working.

I use Sendmail, not Postfix, but the principles are just the same even
if the configuration files are totally different. I do not, however,
use clamav-milter, I use my own milter. My experience of using clamd
with Sendmail via a milter is that clamd runs very reliably when used
in that way. I find some of the third-party databases very useful for
spam filtering, there are mentions of them in the List archives.

There are alternatives if you are using SpamAssassin. It's quite a
long time since I used SpamAssassin so I don't know the best documents
for you to look at. This should give you some ideas:

https://wiki.debian.org/DebianSpamAssassin

--

73,
Ged.


_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml