Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - emtty

Pages: [1]
1
CentOS-WebPanel Bugs / Spam / Virus Filtering
« on: August 18, 2015, 03:30:33 AM »
Out-of-the-box, there are a few issues with Amavisd and Clamav default setup.

Amavisd is not adding X-SPAM headers to any domains other than default:

@local_domains_maps = ( [".$mydomain"] );

Suggest to add the following to /etc/amavisd.conf during "Postfix Configuration Rebuild" when AntiVirus/AntiSpam is enabled so all mail domains have X-spam headers added:

@lookup_sql_dsn = (
    ['DBI:mysql:database=postfix;host=127.0.0.1;port=3306', 'postfix', 'postfix_password']
);

$sql_select_policy =  'SELECT "Y" AS local FROM domain WHERE CONCAT("@", domain) IN (%k)';

and install required modules:

yum -y install perl-DBI perl-DBD-MySQL

Clamd is running as the wrong user ('clam') and cannot access /var/amavis/tmp/, so Amavis falls back to backup scanner (clamscan):

Aug 17 14:04:39 a amavis[19181]: (19181-01) (!)run_av (ClamAV-clamd) FAILED - unexpected , output="/var/amavis/tmp/amavis-20150817T140439-19181-kCt7U2oy/parts: lstat() failed: Permission denied. ERROR\n"
Aug 17 14:04:39 a amavis[19181]: (19181-01) (!)ClamAV-clamd av-scanner FAILED: CODE(0x2706420) unexpected , output="/var/amavis/tmp/amavis-20150817T140439-19181-kCt7U2oy/parts: lstat() failed: Permission denied. ERROR\n" at (eval 115) line 897.
Aug 17 14:04:39 a amavis[19181]: (19181-01) (!)WARN: all primary virus scanners failed, considering backups

so 'clamscan' still satisfies virus scanning, but then why run Clamd?  First, need to change 'User' mapping in /etc/clamd.conf:

User clamav

and directory permissions:

chown clamav:clamav -R /var/run/clamav/
chown clamav:clamav -R /var/lib/clamav/
chown clamav:clamav -R /var/log/clamav/

set clamav user's home directory (default /var/clamav):

usermod -d /var/lib/clamav -m clamav

and update /etc/freshclam.conf:

DatabaseDirectory /var/lib/clamav

Now freshclam can update correct database files and Clamd works correctly with Amavis.  Recommend developers add the above to "Postfix Configuration Rebuild" process.

Finally, there is no need to run Spamd for Amavis and waste resources.  Amavis loads SpamAssassin perl module and works fine w/o Spamd running.


Pages: [1]