LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices



Reply
 
Search this Thread
Old 05-18-2011, 06:54 AM   #1
KarolisK
LQ Newbie
 
Registered: May 2011
Posts: 12

Rep: Reputation: 0
Postfix+ClamAV+Spamassassin


Postfix was working well ON DEBIAN 6.0.1 untill I didn't make some changes in config file.
I did install a clamAV for my postfix:
Code:
apt-get install clamav clamav-freshclam clamsmtp
ClamAV config file:
Code:
: 
root@karolis:/home/karolis# cat /etc/clamsmtpd.conf 
# ------------------------------------------------------------------------------
#                        SAMPLE CLAMSMTPD CONFIG FILE
# ------------------------------------------------------------------------------
# 
# - Comments are a line that starts with a #
# - All the options are found below with their defaults commented out
# The address to send scanned mail to. 
# This option is required unless TransparentProxy is enabled
OutAddress: 10026
# The maximum number of connection allowed at once.
# Be sure that clamd can also handle this many connections
#MaxConnections: 64
# Amount of time (in seconds) to wait on network IO
#TimeOut: 180
# Address to listen on (defaults to all local addresses on port 10025)
Listen: 127.0.0.1:10025
# The address clamd is listening on
ClamAddress: /var/run/clamav/clamd.ctl
# A header to add to all scanned email
#Header: X-AV-Checked: ClamAV using ClamSMTP
# Directory for temporary files
TempDirectory: /var/spool/clamsmtp
# PidFile: location of PID file
PidFile: /var/run/clamsmtp/clamsmtpd.pid
# Whether or not to bounce email (default is to silently drop)
#Bounce: off
# Whether or not to keep virus files 
#Quarantine: off
# Enable transparent proxy support 
#TransparentProxy: off
# User to run as
User: clamsmtp
# Virus actions: There's an option to run a script every time a 
# virus is found. Read the man page for clamsmtpd.conf for details.
ClamAV does not give any errors and it's working well.
When i wrote a few lines to postfix config file to enable clamAV and it was still working well! But after I wrote a few lines to this config for the reason to enable my spamassassin it gives me an error: Could not connect to mydomain.com Connection refused.
And now i see that postfix is not started
mail.log says:
Code:
May 18 05:30:22 imone postfix/master[2381]: fatal: /etc/postfix/master.cf: line 112: bad transport type: smtp_send_xforward_command=yes

I was following these tutorials to set up clamav and spamassassin, and now postfix server can not start:
http://www.ghacks.net/2009/10/25/add-an ... th-clamav/
http://www.ghacks.net/2009/10/26/stop-s ... massassin/

postifx master.cf config file:
Code:
root@karolis:/home/karolis# cat /etc/postfix/master.cf 
#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       -       smtpd -o content_filter=spamassassin
#submission inet n       -       -       -       -       smtpd
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#smtps     inet  n       -       -       -       -       smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628       inet  n       -       -       -       -       qmqpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       -       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       -       -       -       smtp
   -o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
#  mailbox_transport = lmtp:inet:localhost
#  virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus     unix  -       n       n       -       -       pipe
#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix  -       n       n       -       -       pipe
#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix   -   n   n   -   2   pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}
# AV scan filter (used by content_filter)
scan unix - - n - 16 smtp
-o smtp_send_xforward_command=yes
# For injecting mail back into postfix from the filter
127.0.0.1:10026 inet n - n - 16 smtpd
-o content_filter=
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks_style=host
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
spamassassin
unix - n n - - pipe
flags=R
user=spamd
argv=/usr/bin/spamc
-e /usr/sbin/sendmail
-oi -f ${sender} ${recipien
postfix main.cf config:
Code:
root@karolis:/home/karolis# cat /etc/postfix/main.cf 
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = imone.lt
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = imone.lt
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
mime_header_checks = regexp:/etc/postfix/mime_header_checks.regexp
content_filter = scan:127.0.0.1:10025
receive_override_options = no_address_mapp

spamassassin local.cf config:
Code:
root@karolis:/home/karolis# cat /etc/spamassassin/local.cf 
# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
# Only a small subset of options are listed below
#
###########################################################################

#   Add *****SPAM***** to the Subject header of spam e-mails
#
rewrite_header Subject *****SPAM*****


#   Save spam messages as a message/rfc822 MIME attachment instead of
#   modifying the original message (0: off, 2: use text/plain instead)
#
report_safe 1


#   Set which networks or hosts are considered 'trusted' by your mail
#   server (i.e. not spammers)
#
# trusted_networks 212.17.35.


#   Set file-locking method (flock is not safe over NFS, but is faster)
#
# lock_method flock


#   Set the threshold at which a message is considered spam (default: 5.0)
#
required_score 3.5


#   Use Bayesian classifier (default: 1)
#
# use_bayes 1


#   Bayesian classifier auto-learning (default: 1)
#
# bayes_auto_learn 1


#   Set headers which may provide inappropriate cues to the Bayesian
#   classifier
#
# bayes_ignore_header X-Bogosity
# bayes_ignore_header X-Spam-Flag
# bayes_ignore_header X-Spam-Status


#   Some shortcircuiting, if the plugin is enabled
# 
ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
#
#   default: strongly-whitelisted mails are *really* whitelisted now, if the
#   shortcircuiting plugin is active, causing early exit to save CPU load.
#   Uncomment to turn this on
#
# shortcircuit USER_IN_WHITELIST       on
# shortcircuit USER_IN_DEF_WHITELIST   on
# shortcircuit USER_IN_ALL_SPAM_TO     on
# shortcircuit SUBJECT_IN_WHITELIST    on

#   the opposite; blacklisted mails can also save CPU
#
# shortcircuit USER_IN_BLACKLIST       on
# shortcircuit USER_IN_BLACKLIST_TO    on
# shortcircuit SUBJECT_IN_BLACKLIST    on

#   if you have taken the time to correctly specify your "trusted_networks",
#   this is another good way to save CPU
#
# shortcircuit ALL_TRUSTED             on

#   and a well-trained bayes DB can save running rules, too
#
# shortcircuit BAYES_99                spam
# shortcircuit BAYES_00                ham

endif # Mail::SpamAssassin::Plugin::Shortcircui
Everything was working well untill I did not setup a spamassassin settings in postfix config file, but error talks about clamav settings!
Suggestions?
Thank you so much!

Last edited by KarolisK; 05-18-2011 at 10:19 AM.
 
Old 05-19-2011, 05:39 AM   #2
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776
It looks like Postfix doesn't like the command: smtp_send_xforward_command. According to the Postfix documentation (here) the command is valid in Postfix 2.1 or later.

The only thing I see in your main.cf is that your options (-o smtp_send_xforward_command=yes and the following lines) is that they do not start with whitespace. Given that Postfix thinks that smtp_send_xforward_command is being used as a transport type, and not an option, tells me that it isn't seeing the line as a continuation of the transport command on the line above. Consequently, I would try putting a tab or space in front of these and restart Postfix. I am not sure of the syntax of master.cf but I would also recommend double checking that too.
 
Old 05-23-2011, 02:48 PM   #3
KarolisK
LQ Newbie
 
Registered: May 2011
Posts: 12

Original Poster
Rep: Reputation: 0
I removed this one
Code:
-o content_filter=spamassassin
from master.cf config in 11 line and this one
Code:
spamassassin
unix - n n - - pipe
flags=R
user=spamd
argv=/usr/bin/spamc
-e /usr/sbin/sendmail
-oi -f ${sender} ${recipien
from the bottom of this file too.
And I made a white space (with tab) how you said before all -o functions.
Now it works how I want! thanks a lot!
 
Old 05-23-2011, 04:42 PM   #4
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776
I am glad that you got it working. If you haven't yet, be sure to test that spamassassin is working by sending a message with the GTUBE string. There will be copies of it either in the spamassassin doc folders or just Google for the term GTUBE. With this string, the message should be flagged with a score of about 1000 and handles accordingly.
 
Old 05-24-2011, 08:58 AM   #5
KarolisK
LQ Newbie
 
Registered: May 2011
Posts: 12

Original Poster
Rep: Reputation: 0
Mail server is working only in my network yet, but how I understand I need to send an mail with GTUBE string which is a:
Code:
XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
So I send it and spamassassin says that spam detected with 999 points so it's working well?
Thanks!
 
Old 05-24-2011, 12:37 PM   #6
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776
Yes, that indicates that spamassassin is working and is scanning your mail. For most of your mail, you probably won't even see any SA (spamassassin) headers inserted, so this is a good way to test that it is functioning. There are a couple of parameters that you may need or want to tweak as you gain run time with SA. These are the detect and kill levels which are the score points at which SA will take action: inserting spam headers and rejecting or discarding the message. My advice would be to set the action to discard. This will cause the mail to go to your quarantine directory. You don't want to set it to bounce as this only adds to the spam problem and undoubtedly hits the wrong target. If you set an address for spam admin, you will get notification that messages have been placed in there, which is annoying after a while but good at first. Another option would be to set up a filter in your MUA (thunderbird, evolution, outlook, etc) that puts them in a spam folder when a tag has been added to the headers. You may also want to save spam messages that make it through the filter and then introduce them to SA using the sa learn script to teach it that they are spam.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
postfix (spamassassin+clamav+ amavis) alphatest Linux - Software 2 12-21-2010 09:17 AM
[SOLVED] Postfix/ClamAV/SQLGrey/SpamAssassin boot sequence Mogget Linux - Server 1 03-22-2009 10:19 PM
LXer: ClamAv and Spamassassin on CentOS 5 Postfix LXer Syndicated Linux News 0 01-19-2009 01:41 PM
Help ... Postfix, Spamassassin, MailScanner, ClamAV installation guide adna Slackware - Installation 2 04-04-2008 06:02 AM
postfix + amavisd + clamav + spamassassin problem leiw Linux - Server 2 03-31-2008 06:38 AM


All times are GMT -5. The time now is 11:44 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration