Add antivirus to Postfix with ClamAV
By now you have your Postfix mail server up and running (see "Install Postfix for reliable email delievery"). You even have relaying working (see "Mail relaying made simple with Postfix"). But one of the most important features you can add to a mail server is an system to prevent viruses from being passed to users. Naturally, the Linux fan will say "But Linux isn't affected by viruses!". Although that may, for the most part, be true, this is a mail SERVER which could be serving up mail to Windows users. And Windows machines ARE effected by viruses. To that end, anti-virus measures are a necessity on a Linux email server.
One of the best anti-virus systems for a Postfix server is ClamAV. This anti-virus tool kit is open sourced and can be used on all UNIX-like operating systems. It's easy to install and effective. In this article we will be following our series started way back in the Installing Ubuntu Server 9.04 article. Of course we will be installing ClamAV on a Ubuntu server running LAMP and Postfix. With that in mind, let's get busy!
The first thing to take care of is the installation of ClamAV. There are a number of tools you will need to install. Open up a terminal window and issue the command:
sudo apt-get install clamav clamav-freshclam clamsmtp
The above command should also pick up all of the necessary dependencies. The installation will also start the clamav daemon. You will restart that momentarily
Once installed you have some configurations to take care of. There are three files you are going to have to edit:
The first file to configure is the clamsmtpd.conf file. The configuration in this file is simple. Look for the lines:
Change them to:
That's it for the clamsmtpd.conf file. Now let's move on to the heavier configurations.
Open up the /etc/postfix/main.cf file. Scroll down to the bottom of this file and add the following:
content_filter = scan:127.0.0.1:10025
receive_override_options = no_address_mappings
Save that file and now move on over to the /etc/postfix/master.cf file. Again, scroll down to the bottom of this file and add the following:
# AV scan filter (used by content_filter)
scan unix - - n - 16 smtp
# For injecting mail back into postfix from the filter
127.0.0.1:10026 inet n - n - 16 smtpd
Save that file.
The first thing you need to do is restart Postfix with the command:
sudo /etc/init.d/postfix restart
Once that has restarted you need to restart clamsmtpd with the command:
sudo /etc/init.d/clamsmtpd restart
Now, if nothing has gone horribly wrong, you should have a virus protected Postfix mail server.
You should never go without updating your virus signatures. This is critical for keeping your mail server virus-free as new viruses are created or old viruses mutate. Fortunately ClamAV has its own tool for this. You will need to go back to that terminal window and issue the command:
Which will update the signatures.
You might even add the freshclam command into the root users crontab for regular signature updates.
Your Postfix mail server is getting better and stronger each day. Adding anti-virus is a critical step in the grand scheme of Postfix things. In our next addition to the Postfix series, we will add Spamassassin for anti-spam measures.Advertisement