Antivirus and anti-spam with clamav, spamassassin, amavisd-new and fetchmail

HCL Domino Domino Forum
1

Hi,

I recently installed an antivirus and anti-spam solution for a customer who uses Domino and fetchmail to get his multi-drop box.

Basically the setup was:

Provider → pop3 → fetchmail → port 25 on localhost → domino picks it up.

It ended up with:

Provider → pop3 → fetchmail → port 10024 on localhost → amavisd-new picks it up and scans it with clamd and spamassassin → port 25 on localhost → domino picks it up.

I didn’t have to change anything on the Domino part! The only drawback is that this way, only inbound e-mail gets scanned, but that’s what this customer was satisfied with. For both-way scanning you could use Postfix with amavisd on the same box, but then you have to fiddle with Domino to deliver it to Postfix, and have Domino listen on another port than 25. Or use a different box altogether, which is probably better for high-volume places… or slow servers :slight_smile:

I had to install:

  • amavisd-new (open source)

  • clamav anti-virus (open source)

  • a bunch of perl modules for amavisd-new

  • some extra extraction software like lha, unarj, tnef, etc. What you need is in the readme from amavisd-new.

The important parts in the amavisd.conf file for this setup were:

$inet_socket_port = 10024; (listen on this port for fetchmail’s output)

$forward_method = ‘smtp:127.0.0.1:25’; (where Domino is listening)

Between "@av_scanner = ( " and “)”

I uncommented the four lines about Clam Antivirus deamon (clamd) and commented out the rest.

Between "@av_scanners_backup = ( " and “)”

I uncommented the three lines about Clam Antivirus scanner (standalone) and commented out the rest.

I made sure that both amavisd and clamd run as user amavis and the dirs used by these programs were writable by amavis.amavis

I didn’t change anything in the .fetchmailrc file, only started fetchmail with:

fetchmail --smtphost 127.0.0.1/10024

so that it delivers what it gets from the provider to localhost port 10024, where amavisd is listening.

I got this working with RH7.3 and RH9, so it very likely also works with RH Enterprise 2.1 and 3.0. Domino release was 5, but I think it would work with any release. As both fetchmail and amavisd can send their mail to any other address/port, this setup is very versatile, for all kinds of MTAs and mail servers.

I have found Clamav to be an excellent scanner, very fast updates and very stable.

Amavisd-new rocks as well and it can use all kinds of virus scanners so you don’t need clamav if you already have something else. Just check out the conf file, it’s easy. I’m not sure if I have to tell anything about SpamAssassin, it’s very strong and very versatile. Check out all the stuff at:

http://www.ijs.si/software/amavisd/

http://www.clamav.net

Good luck, please e-mail me if I can help you with any questions at g.roest at linvision.com

greetings,

Gerben