How to Install Spamassasin, ClamAV, Amavis on Ubuntu / Debian Squeeze

The purpose of this installation is to filter spam email and virus on Postfix mail agent. Here I already installed Postfix in the server, because it is included in EHCP installation.

1. Install the packages

$ sudo apt-get install amavisd-new spamassassin clamav-daemon

2. Install the optional packages for better spam detection

$ sudo apt-get install libnet-dns-perl libmail-spf-perl pyzor razor

libmail-spf-query-perl package is not available in Debian, therefore I change to libmail-spf-perl.

3. Install these optional packages to enable better scanning of attached archive files

$ sudo apt-get install arj bzip2 cabextract cpio file gzip lha nomarch pax rar unrar unzip zip

I remove zoo and unzoo from the command line packages because Debian can’t find the source.

4. ClamAV configuration

Add clamav user to the amavis group and vice versa in order for ClamAv to have access to scan files.

$ sudo adduser clamav amavis
$ sudo adduser amavis clamav

5. Spamassassin configuration

Edit /etc/default/spamassassin to activate the Spamassassin daemon.

$ sudo nano /etc/default/spamassassin

Find the lines ENABLED=0 and CRON=0, and update to the following:

ENABLED=1
CRON=1

Start spamassassin:

$ sudo /etc/init.d/spamassassin start

6. Amavis configuration

Activate spam and antivirus detection in Amavis by editing /etc/amavis/conf.d/15-content_filter_mode.

$ sudo nano /etc/amavis/conf.d/15-content_filter_mode

Uncomment the following lines:

@bypass_virus_checks_maps = (
\%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
@bypass_spam_checks_maps = (
\%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);

Restart Amavis:

$ sudo /etc/init.d/amavis restart

7. Postfix integration

Edit configuration file /etc/postfix/main.cf:

$ sudo nano /etc/postfix/main.cf

Add this line into the file:

content_filter = amavis:[127.0.0.1]:10024

Edit /etc/postfix/master.cf

$ sudo nano /etc/postfix/master.cf

and add the following lines to the end of the file: (add 3 blank spaces in front of ‘-0’)

amavis     unix    -       -       -       -       2       smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
127.0.0.1:10025 inet    n       -       -       -       -       smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks

Find pickup line (Ctrl-W in nano), and add these lines below the pickup line: (add 3 blank spaces in front of ‘-0’)

-o content_filter=
-o receive_override_options=no_header_body_checks

This will prevent messages that are generated to report on spam from being classified as spam.

Reload Postfix:

$ sudo /etc/init.d/postfix reload

Restart ClamAv:

$ sudo /etc/init.d/clamav-daemon restart

8. Test Amavis

$ telnet localhost 10024
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 [127.0.0.1] ESMTP amavisd-new service ready

Press Ctrl-] to exit.

9. Check on your /var/log/mail.log that everything goes well. If you see an error message similar to the following:

amavis[30807]: (30807-01) (!!) ask_av (ClamAV-clamd) FAILED – unexpected result: /var/lib/amavis/tmp/amavis-20070615T125025-30807/parts: lstat() failed. ERROR\n

fix it by restart all the services:

$ sudo /etc/init.d/postfix restart
$ sudo /etc/init.d/spamassassin restart
$ sudo /etc/init.d/clamav-daemon restart
$ sudo /etc/init.d/amavis restart

10. Done