Interfacing between Postfix, Amavis-new, Clamav and Spamassassin

ANANT S ATHAVALE asa at isac.gov.in
Wed Sep 5 10:39:13 CEST 2012


Dear Jayanta,

    Instead of going through your setup details, I prefer, you should
download latest version of amavisd-new and read the documents.  There is
one document specifically for Postfix.  Just follow the steps.  It will
work.

    Regards,
    Anant.

    ----- Message from Jayanta Ghosh <jayanta.ghosh at rp-sg.in> ---------
       Date: Wed, 5 Sep 2012 13:03:49 +0530
       From: Jayanta Ghosh <jayanta.ghosh at rp-sg.in>
    Subject: Interfacing between Postfix, Amavis-new, Clamav and Spamassassin
         To: amavis-users at amavis.org
> Dear List,
>  
>             I am not surewhether this is the right forum to discuss  
> this issue. But I have few queries regarding the interfacing between  
> the Postfix, Amavis-new, Clamav and Spamassassin. If this is not the  
> right forum to discuss this issue then please excuse me.
>
>
> I have configured a mail server on RHEL 6.1(64 Bit) with the  
> following components:-
>
> 1.Postfix
>
> 2.Courier-authlib
>
> 3.Courier-imap
>
> 4.MySql
>
> 5.Maildrop
>
> 6.Spamassassin
>
> 7. Clamav
>
> 8. Amavis-new
>
>  
>
> The basic functionality of the mail server is in place. I have  
> configured the server in such a way so that after the mail is being  
> received by the postfix, then it is handed over to Spamassassin for  
> spam detection. The Spamassassin returns the mail back to the  
> postfix after scanning. The postfix then transfers the mail to  
> Amavis for virus detection. The Amavis returns the mail back to  
> postfix after the scanning is over. Finally, the postfix gives the  
> mail to maildrop for delivery . The postfix  configuration files  
> (i.e main.cf and master.cf)are attached herein.
>
>  
>
> But I have gone through few documents where it was mentioned that  
> Amavis-new acts like an interface between Postfix and Spamassassin ,  
> Clamav. The flow of the mail should be such where Postfix gives the  
> mail to Amavis which in turn sends the mail to both Spamassassin and  
> Clamav. After the scanning is over Amavis  returns the mail back to  
> Postfix.This flow of email is not matching with our configuration.
>
>  
>
> Is there any problem with my configuration or it can be deployed in  
> production environment.
>
>  
>
> Kindly, refer below the details of mail transaction which will give  
> a clear picture about our configuration.
>
>  
>
>  Sep  3 14:22:52 dctest1 postfix/smtpd[17664]: connect from  
> unknown[10.50.81.45]
>
> Sep  3 14:22:52 dctest1 authdaemond: received auth request,  
> service=smtp, authtype=login
>
> Sep  3 14:22:52 dctest1 authdaemond: authmysql: trying this module
>
> Sep  3 14:22:52 dctest1 authdaemond: SQL query: SELECT email, "",  
> clear, uid, gid, homedir, maildir, quota, "", "" FROM postfix_users  
> WHERE email = 'jayanta.ghosh at rpsg.in'  AND (access='y')
>
> Sep  3 14:22:52 dctest1 authdaemond: authmysql: sysusername=<null>,  
> sysuserid=502, sysgroupid=503, homedir=/home/jayanta.ghosh/Maildir/,  
> address=jayanta.ghosh at rpsg.in, fullname=<null>,  
> maildir=/home/jayanta.ghosh/Maildir/, quota=209715200, options=<null>
>
> Sep  3 14:22:52 dctest1 authdaemond: authmysql: clearpasswd=cesc,  
> passwd=<null>
>
> Sep  3 14:22:52 dctest1 authdaemond: Authenticated:  
> sysusername=<null>, sysuserid=502, sysgroupid=503,  
> homedir=/home/jayanta.ghosh/Maildir/, address=jayanta.ghosh at rpsg.in,  
> fullname=<null>, maildir=/home/jayanta.ghosh/Maildir/,  
> quota=209715200, options=<null>
>
> Sep  3 14:22:52 dctest1 authdaemond: Authenticated:  
> clearpasswd=cesc, passwd=<null>
>
> Sep  3 14:22:52 dctest1 postfix/smtpd[17664]: C4551D008A:  
> client=unknown[10.50.81.45], sasl_method=LOGIN,  
> sasl_username=jayanta.ghosh at rpsg.in
>
> Sep  3 14:22:52 dctest1 postfix/cleanup[17671]: C4551D008A:  
> message-id=<EC0E1A1683AD4284825799D639BD4AE1 at JayantaGhosh>
>
> Sep  3 14:22:52 dctest1 postfix/qmgr[8009]: C4551D008A:  
> from=<jayanta.ghosh at rpsg.in>, size=1348, nrcpt=1 (queue active)
>
> Sep  3 14:22:52 dctest1 postfix/smtpd[17664]: disconnect from  
> unknown[10.50.81.45]
>
> Sep  3 14:22:52 dctest1 spamd[8987]: spamd: connection from  
> localhost.localdomain [127.0.0.1] at port 41998
>
> Sep  3 14:22:52 dctest1 spamd[8987]: spamd: setuid to spamuser succeeded
>
> Sep  3 14:22:52 dctest1 spamd[8987]: spamd: processing message  
> <EC0E1A1683AD4284825799D639BD4AE1 at JayantaGhosh> for spamuser:504
>
> Sep  3 14:22:55 dctest1 spamd[8987]: spamd: clean message (-1.0/5.0)  
> for spamuser:504 in 2.5 seconds, 1346 bytes.
>
> Sep  3 14:22:55 dctest1 spamd[8987]: spamd: result: . 0 -  
> ALL_TRUSTED,HTML_MESSAGE,TVD_SPACE_RATIO  
> scantime=2.5,size=1346,user=spamuser,uid=504,required_score=5.0,rhost=localhost.localdomain,raddr=127.0.0.1,rport=41998,mid=<EC0E1A1683AD4284825799D639BD4AE1 at JayantaGhosh>,autolearn=ham
>
> Sep  3 14:22:55 dctest1 postfix/pickup[17220]: 6F649D008C: uid=504  
> from=<jayanta.ghosh at rpsg.in>
>
> Sep  3 14:22:55 dctest1 postfix/cleanup[17671]: 6F649D008C:  
> message-id=<EC0E1A1683AD4284825799D639BD4AE1 at JayantaGhosh>
>
> Sep  3 14:22:55 dctest1 postfix/pipe[17672]: C4551D008A:  
> to=<jayanta.ghosh at rpsg.in>, relay=spamassassin, delay=2.7,  
> delays=0.12/0.01/0/2.5, dsn=2.0.0, status=sent (delivered via  
> spamassassin service)
>
> Sep  3 14:22:55 dctest1 postfix/qmgr[8009]: C4551D008A: removed
>
> Sep  3 14:22:55 dctest1 postfix/qmgr[8009]: 6F649D008C:  
> from=<jayanta.ghosh at rpsg.in>, size=1680, nrcpt=1 (queue active)
>
> Sep  3 14:22:55 dctest1 spamd[8980]: prefork: child states: II
>
> Sep  3 14:22:55 dctest1 amavis[6217]: (06217-13) (!!)WARN: all  
> primary virus scanners failed, considering backups
>
> Sep  3 14:22:57 dctest1 postfix/smtpd[17679]: connect from unknown[127.0.0.1]
>
> Sep  3 14:22:57 dctest1 postfix/smtpd[17679]: EE0DFD008A:  
> client=unknown[127.0.0.1]
>
> Sep  3 14:22:57 dctest1 postfix/cleanup[17671]: EE0DFD008A:  
> message-id=<VAb2tpskwyuuMR at dctest1.cesc.co.in>
>
> Sep  3 14:22:57 dctest1 postfix/qmgr[8009]: EE0DFD008A:  
> from=<virusalert at localhost.rpsg.in>, size=3100, nrcpt=1 (queue active)
>
> Sep  3 14:22:57 dctest1 postfix/smtpd[17679]: disconnect from  
> unknown[127.0.0.1]
>
> Sep  3 14:22:57 dctest1 amavis[6217]: (06217-13) Blocked INFECTED  
> (Eicar-Test-Signature), [10.50.81.45] <jayanta.ghosh at rpsg.in> ->  
> <jayanta.ghosh at rpsg.in>, quarantine: virus-b2tpskwyuuMR, Message-ID:  
> <EC0E1A1683AD4284825799D639BD4AE1 at JayantaGhosh>, mail_id:  
> b2tpskwyuuMR, Hits: -, size: 1680, 2531 ms
>
> Sep  3 14:22:58 dctest1 authdaemond: received userid lookup  
> request:virusalert at localhost.rpsg.in
>
>  
>
> Please help. 
>
>  
>
> Regards,
>
> Jayanta Ghosh
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>

----- End message from Jayanta Ghosh <jayanta.ghosh at rp-sg.in> -----

 

     ANANT ATHAVALE
     COMPUTER & INFORMATION GROUP
------------------------------------------------------------------------------
Confidentiality Notice: This e-mail message, including any attachments, is for
the sole use of the intended recipient(s) and may contain confidential and
privileged information. Any unauthorized review, use, disclosure or
distribution is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of the original
message.
------------------------------------------------------------------------------

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20120905/31863253/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/bmp
Size: 7386 bytes
Desc: not available
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20120905/31863253/attachment.bin>


More information about the amavis-users mailing list