Hi there, On Mon, 17 May 2021, Anindya Banerjee-konsult wrote:
Apoteket is using Postfix for email relay and has activated spam assassin. It intends to use Clam AV for virus and malware scanning of emails relayed by Postfix. We have documentation for installation but not on interoperability with Postfix. Please assist with documentation on how clam AV may be configured to work with Postfix email relay.
Postfix supports the 'milter' interface, so you can use clamd with clamav-milter to talk directly to Postfix. There should be adequate documentation for Postfix with your distro and you can find plenty of documentation for the Postfix milter interface with a search engine. There is documentation in the 'man' pages for clamav-milter and clamd, try these for example: man clamav-milter man clamav-milter.conf man clamd man clamd.conf See also for example https://www.clamav.net/documents/configuration#clamav-milter if you are building ClamAV from the sources. The milter interface can be a little confusing, but basically the MTA (Postfix) and the filter (clamav-milter+clamd) talk to each other by means of a Unix socket or a TCP socket. The choice of which type of socket depends on your setup. If ClamAV and the MTA are on the same machine they can use either type of socket, but if you have a separate machine running clamd (for example to serve more han one MTA) then you will need to use TCP sockets. To get the MTA and milter to talk to each other it is necessary to configure them both to use the same type of socket and the same socket parameters (either the socket name, for Unix sockets, or the TCP address and port, for TCP sockets). The OS permissions for Unix sockets must of course allow the communications, and for TCP sockets you may need to check (a) that those devices which should have access to the socket have it and (b) that no devices which should not have access to the socket do. Once you have the sockets configured for both MTA and ClamAV, and you've started all three (the clamd daemon, the clamav-milter daemon, and the MTA) then they'll just chat to each other as they need to. You can configure things like the database updates (freshclam, another daemon), the scanning parameters, addition of headers to the scanned mail etc. later on, after you have made sure the MTA/filter communication is working. I use Sendmail, not Postfix, but the principles are just the same even if the configuration files are totally different. I do not, however, use clamav-milter, I use my own milter. My experience of using clamd with Sendmail via a milter is that clamd runs very reliably when used in that way. I find some of the third-party databases very useful for spam filtering, there are mentions of them in the List archives. There are alternatives if you are using SpamAssassin. It's quite a long time since I used SpamAssassin so I don't know the best documents for you to look at. This should give you some ideas: https://wiki.debian.org/DebianSpamAssassin -- 73, Ged. _______________________________________________ clamav-users mailing list [email protected] https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
