Month: July 2011

MailScanner, Postfix, ClamAV and SpamAssassin Setup RHEL/CentOS 5/6

Posted on by Andy

Hello,

this howto only describes how to configure MailScanner on a CentOS 5 machine. The requirements like Postfix (CentOS repository), ClamAV (EPEL repository) and Spamassassin (CentOS repository) have to be installed and working before you continue.

First download MailScanner from their website (www.mailscanner.info), extract the .tar.gz and execute the install.sh. The script starts now and compiles all needed rpm packages (rpm-build package is needed and has to be installed before with yum). Wait 15 minutes and Mailscanner is installed.

Now let's configure it:

– edit the file /etc/MailScanner/MailScanner.conf and set following values 

%org-name% = your organization name
%org-long-name% = your full organization name
Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
Incoming Work Group = clam
Incoming Work Permissions = 0640
MTA = postfix
Virus Scanners = clamd
Clamd Socket = /var/run/clamav/clamd.sock
Use SpamAssassin = yes
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin

– then go and create the folder /var/spool/MailScanner/Spamassassin 

# mkdir /var/spool/MailScanner/spamassassin

– change permissions  to owner postfix and group clamav and restrict access to others 

# chown -R postfix:clamav /var/spool/MailScanner/incoming
# chmod -R 770 /var/spool/MailScanner/incoming
# chown -R postfix:clamav /var/spool/MailScanner/quarantine
# chmod -R 770 /var/spool/MailScanner/quarantine
# chown -R postfix:clamav /var/spool/MailScanner/spamassassin
# chmod -R 770 /var/spool/MailScanner/spamassassin

– MailScanner looks for freshclam in a different location than installed so create a symbolic link to it 

# ln -s /usr/bin/freshclam /usr/local/bin/freshclam

ok, MailScanner should now be installed and configured now, let's integrate postfix:

– edit the /etc/postfix/main.cf and uncomment the line 

header_checks = regexp:/etc/postfix/header_checks

add the next line to that file 

/^Received:/ HOLD

That's it… the postfix service should be started through MailScanner so disable or enable following services: 

# chkconfig postfix off
# chkconfig MailScanner on
# chkconfig spamassassin on
# chkconfig clamd on

UPDATE: If you are using perl 5.10.1 it can be that Mailscanner exits with errors in an endless loop causing high cpu usage and no message delivery or keeps sending messages about problem messages. In that case open /usr/sbin/MailScanner and add the -U parameter to the first line (allow unsafe operations).

source: http://www.linuxmail.info/mailscanner-postfix-clamav-spamassassin-howto-centos-5/