How to Add Antivirus and Spam Protection to Postfix Mail Server with ClamAV and SpamAssassin
If you run an email server, the last thing you want is to be sending, receiving and delivering viruses and spam. One of the common ways to ensure that your system is running smoothly is to implement antivirus and spam protection. In this tutorial, we will walk you through how to add ‘ClamAV’ antivirus and ‘SpamAssassin’ spam protection to ‘Postfix Mail Server.’
What is ClamAV?
ClamAV is an open source antivirus engine that can detect most viruses, malware, and malicious activities. It is designed to work seamlessly with email server setups such as ‘Postfix Mail Server.’ ClamAV uses a signature-based detection mechanism that searches for known viruses and malware. It is incredibly lightweight and can scale to handle very high email volumes.
What is SpamAssassin?
SpamAssassin is an open-source spam filter that utilizes a range of advanced techniques to identify and filter spam emails. It uses a scoring system that enables it to identify spam emails and mark them accordingly. The higher the score, the more likely it is a spam message. It is one of the most popular and effective spam filter systems on the market.
Install ClamAV and SpamAssassin
Before you can proceed, you need to make sure that your system is up to date. Open the terminal and run the following command:
sudo apt-get update && sudo apt-get upgrade
sudo apt-get install clamav clamav-daemon spamassassin
The above command installs the latest version of ClamAV, the ClamAV daemon, and SpamAssassin.
Configure ClamAV
To configure ClamAV to work with ‘Postfix Mail Server,’ you need to modify the configuration files. These files are located in /etc/clamav/
. The two files you need to modify are clamd.conf
and freshclam.conf
.
Step 1: Open the clamd.conf
file using your preferred text editor:
sudo nano /etc/clamav/clamd.conf
Step 2: Modify the file as shown below:
#Remove the "#" symbol from the following line
LogSyslog yes
#Replace the contents of the following quoted line with:
TCPAddr 127.0.0.1
Save the file and exit.
Step 3: Next, you need to modify the freshclam.conf
file:
sudo nano /etc/clamav/freshclam.conf
Step 4: Modify the configuration file as shown below:
#Find and uncomment the following line if it exists
Example
#Replace the contents of the following line with:
DNSDatabaseInfo current.cvd.clamav.net
Save the file and exit.
Step 5: Reload the ClamAV service:
sudo systemctl reload clamav-freshclam.service
sudo systemctl reload clamav-daemon.service
That’s it for ClamAV! Next, we will configure SpamAssassin.
Configure SpamAssassin
To configure SpamAssassin, you need to modify its configuration file. The configuration file is located in /etc/spamassassin/local.cf
Step 1: Open the local.cf
file:
sudo nano /etc/spamassassin/local.cf
Step 2: Modify the configuration file as shown below:
#Change the rule scores by uncommenting the following line
#score NAME_OF_RULE -1.0
#Change the score of the following rules as shown here:
score RCVD_IN_PBL 3.0
score RCVD_IN_SBL 3.0
score RCVD_IN_XBL 3.0
Save the file and exit.
Step 3: Next, you need to update the SpamAssassin rules:
sudo sa-update
SpamAssassin will download the latest rules from the internet.
Step 4: Reload the SpamAssassin service:
sudo systemctl reload spamassassin.service
Integrate ClamAV and SpamAssassin with Postfix Mail Server
Now that ClamAV and SpamAssassin are set up, you need to integrate them with ‘Postfix Mail Server.’ To do this, you need to modify the Postfix configuration file. The configuration file is located in /etc/postfix/main.cf
.
Step 1: Open the main.cf
file:
sudo nano /etc/postfix/main.cf
Step 2: Modify the file as shown below:
#Add the following lines at the end of the file
#Enable the Amavisd-new content filter
content_filter=smtp-amavis:[127.0.0.1]:10024
#Configure the Amavisd-new service
receive_override_options=no_address_mappings
smtpd_relay_restrictions = permit_mynetworks,
permit_sasl_authenticated,
defer_unauth_destination
#Enable spam checks
header_checks = regexp:/etc/postfix/header_checks
Save the file and exit.
Step 3: Create a file named header_checks
:
sudo nano /etc/postfix/header_checks
Step 4: Add the following lines to the header_checks
file:
/^Received:/ HOLD
/^X-DA-Processed:/ HOLD
/^X-DA-Spam:/ HOLD
/^X-AntiVirus:/ HOLD
/^X-Spam-Status:/ HOLD
/^X-Spam-Flag:/ HOLD
Save the file and exit.
Step 5: Reload the Postfix service:
sudo systemctl reload postfix.service
That’s it! ClamAV and SpamAssassin have been integrated with ‘Postfix Mail Server,’ and you should now have effective antivirus and spam protection.
Conclusion
Adding antivirus and spam protection to ‘Postfix Mail Server’ is a critical step towards protecting your email infrastructure from malicious attacks. ClamAV and SpamAssassin are powerful open-source tools that can help you achieve this. By following the steps in this tutorial, you can easily configure ClamAV and SpamAssassin to work seamlessly with ‘Postfix Mail Server.’