Amavisd-new basic setup

Updated for version 2.6.4.

Setup user and folders

Create user to run the daemon

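# Dedicated system account for the daemon:
#   -r  system account, -m  create the home directory,
#   -s /sbin/nologin  no interactive login for the service account.
# For maintenance as this user, run: su -s /bin/sh amavis
useradd -r -m -d /var/amavis -s /sbin/nologin amavis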

Setup folders:

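# working folder:
# Mail is unpacked here while it is being scanned, so keep the tree private to
# the amavis account and group. A virus scanner daemon running under another
# account must be a member of the amavis group to read the files it is asked
# to scan.
mkdir -p /var/amavis/tmp
chown -R amavis:amavis /var/amavis/
chmod 750 /var/amavis /var/amavis/tmp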

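# quarantine folder:
# Quarantined messages are stored in full (private mail, infected
# attachments), so only the amavis account and group get access.
mkdir -p /u/virusmails
chown amavis:amavis /u/virusmails
chmod 750 /u/virusmails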

Install program and config files:

# cd /source-of-amavisd
# Copy the daemon into place, owned by root and writable by root only (755).
install -o root -g root -m 755 amavisd /usr/sbin/amavisd

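# The config stays root-owned and is readable only by root and the amavis
# group: amavisd.conf is where SQL/LDAP lookup credentials end up once those
# features are enabled, so it should not be world-readable.
cp amavisd.conf /etc/
chown root:amavis /etc/amavisd.conf
chmod 640 /etc/amavisd.conf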

# Install the init script (root-owned, mode 755) and register the service.
install -o root -g root -m 755 amavisd_init.sh /etc/rc.d/init.d/amavisd
chkconfig --add amavisd

Edit the init script /etc/rc.d/init.d/amavisd to add these lines to disable Unicode for better performance:

# Run the daemon in the plain C locale (no Unicode handling).
export LANG=C LC_ALL=C

Install required modules

Install or update the required Perl modules from the cpan shell (start `cpan`, then enter these commands at its prompt):

install Archive::Zip Compress::Zlib Compress::Raw::Zlib Convert::TNEF Convert::UUlib 
install MIME::Base64 MIME::Parser Mail::Internet Net::Server Digest::MD5    
install IO::Stringy Time::HiRes Unix::Syslog BerkeleyDB Mail::DKIM     

Most customized settings

These are the settings we normally change for a basic setup:

# Skip amavisd's own decoding/unpacking of mail parts (performance setting).
# NOTE(review): with this enabled, detection inside attachments and archives
# presumably depends on the virus scanner unpacking mail itself - confirm for
# the scanner in use.
$bypass_decode_parts = 1;  
# Number of amavisd child processes; matches the process limit (5) on the
# smtp-amavis entry in master.cf.
$max_servers = 5;            
# Account the daemon runs as (created with useradd above).
$daemon_user  = 'amavis';     
$daemon_group = 'amavis';     
# Quarantine folder created above.
$QUARANTINEDIR = '/u/virusmails';  

$mydomain = 'example.com'; 

@local_domains_maps = ( [".$mydomain", ".virtual.com"] );  # list of all local domains

# Client networks treated as internal; they select the MYNETS policy bank below.
# NOTE(review): this lists every RFC 1918 range plus link-local and site-local
# IPv6. Trim it to the networks actually operated, because MYNETS switches off
# several checks for all of them.
@mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10
                  10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 );

# Mail from @mynetworks skips spam, banned-file and header checks.
# Virus checks are not bypassed here.
# amavisd learns the original client address from Postfix via XFORWARD
# (enabled on the smtp-amavis entry in master.cf).
$policy_bank{'MYNETS'} = {   # mail originating from @mynetworks
  originating => 1,  # is true in MYNETS by default, but let's make it explicit
  terminate_dsn_on_notify_success => 0,  
  bypass_spam_checks_maps   => [1],  
  bypass_banned_checks_maps => [1],
  bypass_header_checks_maps => [1],  
};

# setup a policy for input from port 10026, trusted authenticated sources:
# Everything delivered to port 10026 gets the bypasses below, whatever its
# origin; Postfix sends authenticated (port 8025) and locally submitted
# (pickup) mail here.
# NOTE(review): $inet_socket_bind and @inet_acl are not set on this page, so
# the daemon's defaults apply - confirm the port is reachable from loopback only.
$interface_policy{'10026'} = 'AUTH_CHANNEL';
$policy_bank{'AUTH_CHANNEL'} = {
   originating => 1,
   terminate_dsn_on_notify_success => 0,
   bypass_spam_checks_maps   => [1],  # don't spam-check this mail
   bypass_banned_checks_maps => [1],  # don't banned-check this mail
   bypass_header_checks_maps => [1],  # don't header-check this mail
};   

# Listen on both ports: 10024 for normally filtered mail (main.cf
# content_filter), 10026 for the trusted channel above.
$inet_socket_port = [10024, 10026];

# Do not use BerkeleyDB databases.
$enable_db = 0; 

# SpamAssassin score thresholds: spam headers are added from 1.0, mail is
# marked as spam from 6.5, and mail scoring 12.0 or more is handled according
# to $final_spam_destiny. The cutoff levels are set to the same value.
$sa_tag_level_deflt  = 1.0;  
$sa_tag2_level_deflt = 6.5;  
$sa_kill_level_deflt = 12.0;  
$sa_dsn_cutoff_level = 12.0;   
$sa_crediblefrom_dsn_cutoff_level = 12; 
$sa_quarantine_cutoff_level = 12; 

# No administrator address for virus notifications.
$virus_admin = undef;  

# Prefix added to the Subject of mail marked as spam.
$sa_spam_subject_tag = '[SPAM] ';  

$myhostname = 'mail.example.com';  

# Scanned mail and notifications go back to Postfix on the loopback
# re-injection listener (127.0.0.1:10025 in master.cf).
$notify_method  = 'smtp:[127.0.0.1]:10025'; 
$forward_method = 'smtp:[127.0.0.1]:10025'; 

# Mail at or above the kill level is dropped without a bounce. With
# $spam_quarantine_method set to undef below, no copy is kept, so a false
# positive above that score cannot be recovered.
$final_spam_destiny = D_DISCARD;   

# If you want to disable quarantine, undefine these by:
# (banned files, bad headers and spam are then not quarantined; no virus
# quarantine setting is changed here)
$banned_files_quarantine_method = undef;
$bad_header_quarantine_method = undef;
$spam_quarantine_method = undef;

# ### http://www.clamav.net/
# Scanner entry for the clamd daemon (in the stock amavisd.conf this entry
# sits inside the @av_scanners list). amavisd sends "CONTSCAN <path>" to the
# Unix socket /tmp/clamd and reads OK / FOUND replies; the socket path has to
# match the LocalSocket setting in clamd.conf.
# NOTE(review): /tmp is world-writable, so another local account can place
# its own socket at this path while clamd is not running. Prefer a socket in
# a directory only clamd can write to, and change the path in both files.
 ['ClamAV-clamd',
   \&ask_daemon, ["CONTSCAN {}\n", "/tmp/clamd"],
   qr/\bOK$/, qr/\bFOUND$/,
   qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

Test

Test run:

# Runs amavisd in the foreground with debug output on the terminal.
# Stop it with Ctrl-C before starting the service from the init script.
/usr/sbin/amavisd debug

Setup to work with postfix

Add these to master.cf:

# Transport that hands mail to amavisd; the content_filter settings refer to
# it by this name. The process limit (5) matches $max_servers in amavisd.conf.
# XFORWARD passes the original client address on to amavisd.
# NOTE(review): this service runs the lmtp client, which presumably reads
# lmtp_* parameters, so smtp_data_done_timeout may have no effect here -
# confirm whether lmtp_data_done_timeout is wanted as well.
smtp-amavis unix -      -       n       -       5  lmtp
    -o smtp_data_done_timeout=1200
    -o lmtp_send_xforward_command=yes
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
    -o max_use=20

# Re-injection listener: amavisd returns scanned mail here ($forward_method
# and $notify_method point at 127.0.0.1:10025).
# content_filter= is emptied so the mail is not handed to amavisd again.
# Nothing accepted on this port is filtered, so it must stay bound to
# 127.0.0.1 and accept local clients only (mynetworks=127.0.0.0/8 together
# with permit_mynetworks,reject).
127.0.0.1:10025 inet n	-	n	-	-  smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_delay_reject=no
    -o smtpd_client_restrictions=permit_mynetworks,reject
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks_style=host
    -o mynetworks=127.0.0.0/8
    -o strict_rfc821_envelopes=yes
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o smtpd_client_connection_count_limit=0
    -o smtpd_client_connection_rate_limit=0
    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks

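# non standard port MSA:
# Authenticated submission. Mail accepted here goes to amavisd port 10026
# (AUTH_CHANNEL), which bypasses spam, banned and header checks, so only
# SASL-authenticated clients are allowed.
# TLS is mandatory (encrypt) so that SASL credentials are never sent in
# cleartext. This needs smtpd_tls_cert_file / smtpd_tls_key_file set in
# main.cf; without a certificate the service refuses mail instead of
# accepting passwords unencrypted.
8025 inet  n       -       n       -       -       smtpd
	-o smtpd_sasl_auth_enable=yes
	-o smtpd_client_restrictions=permit_sasl_authenticated,reject
	-o content_filter=smtp-amavis:[127.0.0.1]:10026
	-o smtpd_tls_security_level=encrypt
	-o receive_override_options=no_address_mappings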

Also modify the smtp and pickup entries; the pickup override sends locally submitted mail through port 10026, so it is not spam-checked:

# Public SMTP listener: no content_filter override, so main.cf's
# content_filter applies (amavisd port 10024, all checks).
smtp      inet  n       -       n       -       -       smtpd
    -o receive_override_options=no_address_mappings

# Locally submitted mail is sent to amavisd port 10026 (AUTH_CHANNEL), so
# spam, banned and header checks are bypassed for it.
# NOTE(review): every local account or process able to submit mail gets this
# bypass - confirm that is intended on hosts with shell users or web
# applications.
pickup    fifo  n       -       n       60      1       pickup
  -o content_filter=smtp-amavis:[127.0.0.1]:10026
  -o receive_override_options=no_address_mappings

Add these to main.cf:

# Default for all mail: hand it to amavisd on port 10024 through the
# smtp-amavis transport defined in master.cf. Services that set their own
# content_filter in master.cf override this.
content_filter = smtp-amavis:[127.0.0.1]:10024

# set max_use if using lmtp instead of smtp (must be the same value as in master.cf):
max_use = 20
tips/amavisd-new_basic_setup.txt · Last modified: 2010-03-25 14:38 by admin