ClamAV Postfix Integration auf CentOS

How to ClamAV Postfix Integration on CentOS

ClamAV is an open source (GPL) anti-virus toolkit for UNIX/Linux

Especially for e-mail scanning on mail gateways. It offers a number of utilities, including a flexible and scalable multi-threaded daemon, as well as a command line scanner as an advanced tool for automatic database updates. The core of the package provides an anti-virus engine in the form of a shared library.

This article describes the integration of ClamAV on a CentOS 6 Mail Gateway (MTA) with Postfix.

First, the ClamAV daemon from the EPL repo is installed on the MTA.

After installation, the ClamAV-SMTP daemon is configured to remove the comment character (uncomment) from the listed lines.

vi /etc/clamsmtpd.conf

Now the services can be started.

Download the antivirus DB with freshclam.

Start the ClamAV Daemon

Enable automatic system startup.

Postfix content-filter integration takes place in main.cf, via port 10025 to ClamAV, from master.cf via port 10026 the return transport to Postfix.

vi /etc/postfix/main.cf

vi /etc/postfix/master.ch

Postfix must now be restarted.

With netstat, the daemon readiness can be checked.

ClamAV can be checked with telnet, if everything works should the following result be output.

The mail protocol should also be consulted.

The Internet Envelope appears in the E-mail Internet Headers (SMTP Envelope).

SMTP Internet Headers

Troubleshooting

If mail is no longer received, the following error is likely to be found in maillog:

clamsmtpd: 100006: CLAMAV: couldn’t connect to: /var/run/clamd.clamsmtp/clamd.sock: No such file or directory
clamsmtpd: 100004: SERVER: couldn’t connect to: 127.0.0.1:10026: Transport endpoint is not connected

The clamd deamon is no longer active. To restart the clamav services, they can be stopped in the console and restarted in the loop:

After clamd and clamsmtpd is started, the active ports can be checked as follows:

Furthermore, mails could still be in the queue, these could be removed with the command mailq and postqueue processed.


Source: https://www.clamav.net/

Leave a Reply

Your email address will not be published. Required fields are marked *