You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Jayanta Ghosh <ja...@rp-sg.in> on 2012/09/05 09:29:12 UTC
Interfacing between Postfix, Amavis-new, Clamav and Spamassassin
Dear List,
I am not sure whether this is the right forum to discuss this issue. But I have few queries regarding the interfacing between the Postfix, Amavis-new, Clamav and Spamassassin. If this is not the right forum to discuss this issue then please excuse me.
I have configured a mail server on RHEL 6.1(64 Bit) with the following components:-
1. Postfix
2. Courier-authlib
3. Courier-imap
4. MySql
5. Maildrop
6. Spamassassin
7. Clamav
8. Amavis-new
The basic functionality of the mail server is in place. I have configured the server in such a way so that after the mail is being received by the postfix, then it is handed over to Spamassassin for spam detection. The Spamassassin returns the mail back to the postfix after scanning. The postfix then transfers the mail to Amavis for virus detection. The Amavis returns the mail back to postfix after the scanning is over. Finally, the postfix gives the mail to maildrop for delivery . The postfix configuration files (i.e main.cf and master.cf)are attached herein.
But I have gone through few documents where it was mentioned that Amavis-new acts like an interface between Postfix and Spamassassin , Clamav. The flow of the mail should be such where Postfix gives the mail to Amavis which in turn sends the mail to both Spamassassin and Clamav. After the scanning is over Amavis returns the mail back to Postfix.This flow of email is not matching with our configuration.
Is there any problem with my configuration or it can be deployed in production environment.
Kindly, refer below the details of mail transaction which will give a clear picture about our configuration.
Sep 3 14:22:52 dctest1 postfix/smtpd[17664]: connect from unknown[10.50.81.45]
Sep 3 14:22:52 dctest1 authdaemond: received auth request, service=smtp, authtype=login
Sep 3 14:22:52 dctest1 authdaemond: authmysql: trying this module
Sep 3 14:22:52 dctest1 authdaemond: SQL query: SELECT email, "", clear, uid, gid, homedir, maildir, quota, "", "" FROM postfix_users WHERE email = 'jayanta.ghosh@rpsg.in' AND (access='y')
Sep 3 14:22:52 dctest1 authdaemond: authmysql: sysusername=<null>, sysuserid=502, sysgroupid=503, homedir=/home/jayanta.ghosh/Maildir/, address=jayanta.ghosh@rpsg.in, fullname=<null>, maildir=/home/jayanta.ghosh/Maildir/, quota=209715200, options=<null>
Sep 3 14:22:52 dctest1 authdaemond: authmysql: clearpasswd=cesc, passwd=<null>
Sep 3 14:22:52 dctest1 authdaemond: Authenticated: sysusername=<null>, sysuserid=502, sysgroupid=503, homedir=/home/jayanta.ghosh/Maildir/, address=jayanta.ghosh@rpsg.in, fullname=<null>, maildir=/home/jayanta.ghosh/Maildir/, quota=209715200, options=<null>
Sep 3 14:22:52 dctest1 authdaemond: Authenticated: clearpasswd=cesc, passwd=<null>
Sep 3 14:22:52 dctest1 postfix/smtpd[17664]: C4551D008A: client=unknown[10.50.81.45], sasl_method=LOGIN, sasl_username=jayanta.ghosh@rpsg.in
Sep 3 14:22:52 dctest1 postfix/cleanup[17671]: C4551D008A: message-id=<EC...@JayantaGhosh>
Sep 3 14:22:52 dctest1 postfix/qmgr[8009]: C4551D008A: from=<ja...@rpsg.in>, size=1348, nrcpt=1 (queue active)
Sep 3 14:22:52 dctest1 postfix/smtpd[17664]: disconnect from unknown[10.50.81.45]
Sep 3 14:22:52 dctest1 spamd[8987]: spamd: connection from localhost.localdomain [127.0.0.1] at port 41998
Sep 3 14:22:52 dctest1 spamd[8987]: spamd: setuid to spamuser succeeded
Sep 3 14:22:52 dctest1 spamd[8987]: spamd: processing message <EC...@JayantaGhosh> for spamuser:504
Sep 3 14:22:55 dctest1 spamd[8987]: spamd: clean message (-1.0/5.0) for spamuser:504 in 2.5 seconds, 1346 bytes.
Sep 3 14:22:55 dctest1 spamd[8987]: spamd: result: . 0 - ALL_TRUSTED,HTML_MESSAGE,TVD_SPACE_RATIO scantime=2.5,size=1346,user=spamuser,uid=504,required_score=5.0,rhost=localhost.localdomain,raddr=127.0.0.1,rport=41998,mid=<EC...@JayantaGhosh>,autolearn=ham
Sep 3 14:22:55 dctest1 postfix/pickup[17220]: 6F649D008C: uid=504 from=<ja...@rpsg.in>
Sep 3 14:22:55 dctest1 postfix/cleanup[17671]: 6F649D008C: message-id=<EC...@JayantaGhosh>
Sep 3 14:22:55 dctest1 postfix/pipe[17672]: C4551D008A: to=<ja...@rpsg.in>, relay=spamassassin, delay=2.7, delays=0.12/0.01/0/2.5, dsn=2.0.0, status=sent (delivered via spamassassin service)
Sep 3 14:22:55 dctest1 postfix/qmgr[8009]: C4551D008A: removed
Sep 3 14:22:55 dctest1 postfix/qmgr[8009]: 6F649D008C: from=<ja...@rpsg.in>, size=1680, nrcpt=1 (queue active)
Sep 3 14:22:55 dctest1 spamd[8980]: prefork: child states: II
Sep 3 14:22:55 dctest1 amavis[6217]: (06217-13) (!!)WARN: all primary virus scanners failed, considering backups
Sep 3 14:22:57 dctest1 postfix/smtpd[17679]: connect from unknown[127.0.0.1]
Sep 3 14:22:57 dctest1 postfix/smtpd[17679]: EE0DFD008A: client=unknown[127.0.0.1]
Sep 3 14:22:57 dctest1 postfix/cleanup[17671]: EE0DFD008A: message-id=<VA...@dctest1.cesc.co.in>
Sep 3 14:22:57 dctest1 postfix/qmgr[8009]: EE0DFD008A: from=<vi...@localhost.rpsg.in>, size=3100, nrcpt=1 (queue active)
Sep 3 14:22:57 dctest1 postfix/smtpd[17679]: disconnect from unknown[127.0.0.1]
Sep 3 14:22:57 dctest1 amavis[6217]: (06217-13) Blocked INFECTED (Eicar-Test-Signature), [10.50.81.45] <ja...@rpsg.in> -> <ja...@rpsg.in>, quarantine: virus-b2tpskwyuuMR, Message-ID: <EC...@JayantaGhosh>, mail_id: b2tpskwyuuMR, Hits: -, size: 1680, 2531 ms
Sep 3 14:22:58 dctest1 authdaemond: received userid lookup request: virusalert@localhost.rpsg.in
Please help.
Regards,
Jayanta Ghosh
Re: Interfacing between Postfix, Amavis-new, Clamav and Spamassassin
Posted by Noel <no...@gmail.com>.
On 9/5/2012 2:29 AM, Jayanta Ghosh wrote:
> Dear List,
>
>
> I am not surewhether this is the right forum to discuss this
> issue. But I have few queries regarding the interfacing between
> the Postfix, Amavis-new, Clamav and Spamassassin. If this is not
> the right forum to discuss this issue then please excuse me.
>
> I have configured a mail server on RHEL 6.1(64 Bit) with the
> following components:-
>
> 1.Postfix
>
> 2.Courier-authlib
>
> 3.Courier-imap
>
> 4.MySql
>
> 5.Maildrop
>
> 6.Spamassassin
>
> 7. Clamav
>
> 8. Amavis-new
>
>
>
> The basic functionality of the mail server is in place. I have
> configured the server in such a way so that after the mail is
> being received by the postfix, then it is handed over to
> Spamassassin for spam detection. The Spamassassin returns the mail
> back to the postfix after scanning. The postfix then transfers the
> mail to Amavis for virus detection. The Amavis returns the mail
> back to postfix after the scanning is over. Finally, the postfix
> gives the mail to maildrop for delivery . The postfix
> configuration files (i.e main.cf and master.cf)are attached herein.
>
>
>
> But I have gone through few documents where it was mentioned that
> Amavis-new acts like an interface between Postfix and Spamassassin
> , Clamav. The flow of the mail should be such where Postfix gives
> the mail to Amavis which in turn sends the mail to both
> Spamassassin and Clamav. After the scanning is over Amavis
> returns the mail back to Postfix.This flow of email is not
> matching with our configuration.
>
>
>
Follow the install instructions included with amavisd-new. Do not
configure your system to use spamd.