# Help with setting up spamassassin, amavis, and claimav



## jubutld (Jul 20, 2011)

Hello

I have Postfix, courier_authdaemond, and courier_imap running with virtual email addresses (currently two domains on the server).  Email is coming and going fine. I want to implement a spam and anti-virus solution into the mix.  Everytime I try (and have tried a couple of different products) I am unable to get postfix to process the mail so I comment out the changes and restart postfix.

Does anyone have a good wiki or instructions (without missing steps) for how to turn on spamassassin, amavis, and claimav (or a better alternative) within this kind of setup?

Thanks


----------



## jubutld (Jul 21, 2011)

Never mind this question. I did get it all working but it looks like the spamassassin is not seeing the messages eventho it is in the log - I am reading this right?


```
Jul 20 21:38:32 unix1 postfix/cleanup[20348]: EC7D67E86A: message-id=<1730ab55c916a7394f22062c34025bac@localhost.localdomain>
Jul 20 21:38:32 unix1 postfix/qmgr[20260]: EC7D67E86A: from=<club@castellodiamorosa.com>, size=8950, nrcpt=2 (queue active)
Jul 20 21:38:32 unix1 postfix/smtpd[20351]: disconnect from localhost[127.0.0.1]
Jul 20 21:38:32 unix1 amavis[19620]: (19620-05) TIMING [total 263 ms] - SMTP EHLO: 1 (0%), SMTP pre-MAIL: 0 (0%), SMTP
 pre-DATA-flush: 1 (0%), SMTP DATA: 99 (38%), body_hash: 0 (0%), maia_connect: 1 (0%), maia_read_system_config: 1 (0%),
 maia_get_mysql_size_limit: 1 (0%), lookup_sql: 1 (0%), lookup_sql: 1 (0%), mime_decode: 6 (2%), get-file-type2: 18 (7%),
 decompose_part: 0 (0%), parts_decode: 0 (0%), update_cache: 1 (0%), maia_store_mail: 5 (2%), deal_with_mail_size: 1 (0%),
 maia_record_tests: 2 (1%), maia_set_mail_status: 3 (1%), fwd-connect: 16 (6%), fwd-mail-from: 1 (0%), fwd-rcpt-to: 1 (0%),
 write-header: 1 (0%), fwd-data: 0 (0%), fwd-data-end: 100 (38%), fwd-rundown: 0 (0%), main_log_entry: 0 (0%),
 update_snmp: 0 (0%), maia_cleanup: 0 (0%), maia_disconnect: 0 (0%), unlink-2-files: 1 (0%), rundown: 0 (0%)
Jul 20 21:38:32 unix1 postfix/smtp[20349]: 864977E81B: to=<dave@mywebsite.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.83,
 delays=0.56/0.01/0/0.26, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=19620-05, from MTA: 250 2.0.0 Ok: queued as EC7D67E86A)
Jul 20 21:38:32 unix1 postfix/qmgr[20260]: 864977E81B: removed
Jul 20 21:38:32 unix1 amavis[19620]: (19620-05) extra modules loaded:
 /usr/local/lib/perl5/site_perl/5.10.1/mach/auto/NetAddr/IP/Util/inet_n2dx.al,
 /usr/local/lib/perl5/site_perl/5.10.1/mach/auto/Storable/autosplit.ix, MLDBM.pm, MLDBM/Sync.pm, MLDBM/Sync/SDBM_File.pm,
 Mail/DKIM/Algorithm/Base.pm, Mail/DKIM/Algorithm/dk_rsa_sha1.pm, Mail/DKIM/Algorithm/rsa_sha1.pm,
 Mail/DKIM/Algorithm/rsa_sha256.pm, Mail/DKIM/AuthorDomainPolicy.pm, Mail/DKIM/Canonicalization/Base.pm,
 Mail/DKIM/Canonicalization/DkCommon.pm, Mail/DKIM/Canonicalization/DkimCommon.pm, Mail/DKIM/Canonicalization/dk_nofws.pm,
 Mail/DKIM/Canonicalization/dk_simple.pm, Mail/DKIM/Canonicalization/nowsp.pm, Mail/DKIM/Canonicalization/relaxed.pm,
 Mail/DKIM/Canonicalization/simple.pm, Mail/DKIM/Common.pm, Mail/DKIM/DNS.pm, Mail/DKIM/DkPolicy.pm, Mail/DKIM/DkSignature.pm,
 Mail/DKIM/DkimPolicy.pm, Mail/DKIM/Key.pm, Mail/DKIM/KeyValueList.pm, Mail/DKIM/MessageParser.pm, Mail/DKIM/Policy.pm,
 Mail/DKIM/PublicKey.pm, Mail/DKIM/Signature.pm, Mail/DKIM/V...
Jul 20 21:38:32 unix1 amavis[19620]: (19620-05) ...erifier.pm, Mail/SpamAssassin/Bayes/CombineChi.pm,
 Mail/SpamAssassin/Locales.pm, Mail/SpamAssassin/Plugin/Bayes.pm, Mail/SpamAssassin/Plugin/BodyEval.pm,
 Mail/SpamAssassin/Plugin/Check.pm, Mail/SpamAssassin/Plugin/DKIM.pm, Mail/SpamAssassin/Plugin/DNSEval.pm,
 Mail/SpamAssassin/Plugin/FreeMail.pm, Mail/SpamAssassin/Plugin/FuzzyOcr.pm, Mail/SpamAssassin/Plugin/FuzzyOcr/Config.pm,
 Mail/SpamAssassin/Plugin/FuzzyOcr/Deanimate.pm, Mail/SpamAssassin/Plugin/FuzzyOcr/Hashing.pm,
 Mail/SpamAssassin/Plugin/FuzzyOcr/Logging.pm, Mail/SpamAssassin/Plugin/FuzzyOcr/Misc.pm,
 Mail/SpamAssassin/Plugin/FuzzyOcr/Preprocessor.pm, Mail/SpamAssassin/Plugin/FuzzyOcr/Scanset.pm,
 Mail/SpamAssassin/Plugin/FuzzyOcr/Scoring.pm, Mail/SpamAssassin/Plugin/HTMLEval.pm, Mail/SpamAssassin/Plugin/HTTPSMismatch.pm,
 Mail/SpamAssassin/Plugin/HeaderEval.pm, Mail/SpamAssassin/Plugin/ImageInfo.pm, Mail/SpamAssassin/Plugin/MIMEEval.pm,
 Mail/SpamAssassin/Plugin/RelayEval.pm, Mail/SpamAssassin/P...
Jul 20 21:38:32 unix1 amavis[19620]: (19620-05) ...lugin/URIDetail.pm, Mail/SpamAssassin/Plugin/URIEval.pm,
 Mail/SpamAssassin/Plugin/VBounce.pm, Mail/SpamAssassin/Plugin/WLBLEval.pm, PerlIO.pm, PerlIO/scalar.pm, SDBM_File.pm,
 Storable.pm, String/Approx.pm
Jul 20 21:38:32 unix1 postfix/virtual[20352]: EC7D67E86A: to=<dave@mywebsite.com>, relay=virtual, delay=0.11,
 delays=0.1/0.01/0/0, dsn=2.0.0, status=sent (delivered to maildir)
```


----------



## jubutld (Jul 21, 2011)

*Can someone help?  Postfix - spamassassin, amavis, courier, etc*

My mail system is other wise working fine. Mail comes and goes ok.  Spamassassin tested out ok when I, via the command line, sent it the test spam email. But in my maillog, it is being referenced but I can't see where it is being invoked. Spam is still flowing in untouched. The maia mailguard configuration tester is clean.

maillog segment:


```
Jul 21 08:44:58 unix1 postfix/smtpd[30407]: connect from mail.fevia.be[194.78.206.46]
Jul 21 08:44:59 unix1 postfix/smtpd[30407]: C2F557E81B: client=mail.fevia.be[194.78.206.46]
Jul 21 08:45:00 unix1 postfix/cleanup[30410]: C2F557E81B: message-id=<FEVIA-MAILu7tS1RkFC0000055d@fevia-mail.Fevia-domain.local>
Jul 21 08:45:00 unix1 postfix/qmgr[20260]: C2F557E81B: from=<missnicho118@yahoo.com>, size=4118, nrcpt=2 (queue active)
Jul 21 08:45:00 unix1 amavis[30319]: (30319-03) ESMTP::10024 /var/amavisd/tmp/amavis-20110721T083100-30319:
 <missnicho118@yahoo.com> -> <mymobileemail@gmail.com>,<myemail@xxxxxxxxx.com> Received: SIZE=4118 from unix1.butler ([127.0.0.1])
 by localhost (host.domain.tld [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 30319-03; Thu, 21 Jul 2011 08:45:00 -0500
 (CDT)
Jul 21 08:45:00 unix1 amavis[30319]: (30319-03) Checking: [194.78.206.46] <missnicho118@yahoo.com> -> <mymobileemail@gmail.com>,
<myemail@xxxxxxxxx.com>
Jul 21 08:45:00 unix1 amavis[30319]: (30319-03) Maia: [check_mail] WARNING: Size limit (4294967295) > max_allowed_packet
 (10485760); effective size limit is 10484736 bytes
Jul 21 08:45:00 unix1 amavis[30319]: (30319-03) p001 1 Content-Type: text/html, size: 3131 B, name: 
Jul 21 08:45:00 unix1 postfix/smtpd[30407]: disconnect from mail.fevia.be[194.78.206.46]
Jul 21 08:45:00 unix1 amavis[30319]: (30319-03) FWD via SMTP: [127.0.0.1]:10025 <missnicho118@yahoo.com> ->
 <mymobileemail@gmail.com>, <myemail@xxxxxxxxx.com>
Jul 21 08:45:00 unix1 postfix/smtpd[30413]: initializing the server-side TLS engine
Jul 21 08:45:00 unix1 postfix/smtpd[30413]: connect from localhost[127.0.0.1]
Jul 21 08:45:00 unix1 postfix/smtpd[30413]: 319B97E81D: client=localhost[127.0.0.1]
Jul 21 08:45:00 unix1 postfix/cleanup[30410]: 319B97E81D: message-id=<FEVIA-MAILu7tS1RkFC0000055d@fevia-mail.Fevia-domain.local>
Jul 21 08:45:00 unix1 postfix/qmgr[20260]: 319B97E81D: from=<missnicho118@yahoo.com>, size=4441, nrcpt=2 (queue active)
Jul 21 08:45:00 unix1 postfix/smtpd[30413]: disconnect from localhost[127.0.0.1]
Jul 21 08:45:00 unix1 amavis[30319]: (30319-03) TIMING [total 247 ms] - SMTP EHLO: 1 (0%), SMTP pre-MAIL: 0 (0%), lookup_sql: 1
 (0%), lookup_sql: 1 (0%), SMTP pre-DATA-flush: 0 (0%), SMTP DATA: 98 (39%), body_hash: 0 (0%), maia_connect: 1 (0%),
 maia_read_system_config: 1 (0%), maia_get_mysql_size_limit: 0 (0%), lookup_sql: 1 (0%), lookup_sql: 1 (0%), mime_decode: 3 (1%),
 get-file-type1: 11 (5%), parts_decode: 0 (0%), update_cache: 1 (0%), maia_store_mail: 3 (1%), deal_with_mail_size: 1 (0%),
 fwd-connect: 16 (7%), fwd-mail-from: 1 (0%), fwd-rcpt-to: 1 (0%), write-header: 1 (0%), fwd-data: 0 (0%), fwd-data-end: 100
 (40%), fwd-rundown: 0 (0%), main_log_entry: 0 (0%), update_snmp: 0 (0%), maia_delete_mail: 2 (1%), maia_cleanup: 0 (0%),
 maia_disconnect: 0 (0%), unlink-1-files: 0 (0%), rundown: 0 (0%)
Jul 21 08:45:00 unix1 postfix/smtp[30411]: C2F557E81B: to=<mymobileemail@gmail.com>, orig_to=<dmyemail@xxxxxxxxx.com>,
 relay=127.0.0.1[127.0.0.1]:10024, delay=0.79, delays=0.53/0.01/0/0.25, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=30319-03,
 from MTA: 250 2.0.0 Ok: queued as 319B97E81D)
Jul 21 08:45:00 unix1 postfix/smtp[30411]: C2F557E81B: to=<myemail@xxxxxxxxx.com>, orig_to=<dmyemail@xxxxxxxxx.com>,
 relay=127.0.0.1[127.0.0.1]:10024, delay=0.79, delays=0.53/0.01/0/0.25, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=30319-03,
 from MTA: 250 2.0.0 Ok: queued as 319B97E81D)
Jul 21 08:45:00 unix1 postfix/qmgr[20260]: C2F557E81B: removed
Jul 21 08:45:00 unix1 amavis[30319]: (30319-03) extra modules loaded:
 /usr/local/lib/perl5/site_perl/5.10.1/mach/auto/NetAddr/IP/Util/inet_n2dx.al,
 /usr/local/lib/perl5/site_perl/5.10.1/mach/auto/Storable/autosplit.ix, MLDBM.pm, MLDBM/Sync.pm, MLDBM/Sync/SDBM_File.pm,
 Mail/DKIM/Algorithm/Base.pm, Mail/DKIM/Algorithm/dk_rsa_sha1.pm, Mail/DKIM/Algorithm/rsa_sha1.pm,
 Mail/DKIM/Algorithm/rsa_sha256.pm, Mail/DKIM/AuthorDomainPolicy.pm, Mail/DKIM/Canonicalization/Base.pm,
 Mail/DKIM/Canonicalization/DkCommon.pm, Mail/DKIM/Canonicalization/DkimCommon.pm, Mail/DKIM/Canonicalization/dk_nofws.pm,
 Mail/DKIM/Canonicalization/dk_simple.pm, Mail/DKIM/Canonicalization/nowsp.pm, Mail/DKIM/Canonicalization/relaxed.pm,
 Mail/DKIM/Canonicalization/simple.pm, Mail/DKIM/Common.pm, Mail/DKIM/DNS.pm, Mail/DKIM/DkPolicy.pm, Mail/DKIM/DkSignature.pm,
 Mail/DKIM/DkimPolicy.pm, Mail/DKIM/Key.pm, Mail/DKIM/KeyValueList.pm, Mail/DKIM/MessageParser.pm, Mail/DKIM/Policy.pm,
 Mail/DKIM/PublicKey.pm, Mail/DKIM/Signature.pm, Mail/DKIM/V...
Jul 21 08:45:00 unix1 amavis[30319]: (30319-03) ...erifier.pm, Mail/SpamAssassin/Bayes/CombineChi.pm,
 Mail/SpamAssassin/Locales.pm, Mail/SpamAssassin/Plugin/Bayes.pm, Mail/SpamAssassin/Plugin/BodyEval.pm,
 Mail/SpamAssassin/Plugin/Check.pm, Mail/SpamAssassin/Plugin/DKIM.pm, Mail/SpamAssassin/Plugin/DNSEval.pm,
 Mail/SpamAssassin/Plugin/FreeMail.pm, Mail/SpamAssassin/Plugin/FuzzyOcr.pm, Mail/SpamAssassin/Plugin/FuzzyOcr/Config.pm,
 Mail/SpamAssassin/Plugin/FuzzyOcr/Deanimate.pm, Mail/SpamAssassin/Plugin/FuzzyOcr/Hashing.pm,
 Mail/SpamAssassin/Plugin/FuzzyOcr/Logging.pm, Mail/SpamAssassin/Plugin/FuzzyOcr/Misc.pm,
 Mail/SpamAssassin/Plugin/FuzzyOcr/Preprocessor.pm, Mail/SpamAssassin/Plugin/FuzzyOcr/Scanset.pm,
 Mail/SpamAssassin/Plugin/FuzzyOcr/Scoring.pm, Mail/SpamAssassin/Plugin/HTMLEval.pm, Mail/SpamAssassin/Plugin/HTTPSMismatch.pm,
 Mail/SpamAssassin/Plugin/HeaderEval.pm, Mail/SpamAssassin/Plugin/ImageInfo.pm, Mail/SpamAssassin/Plugin/MIMEEval.pm,
 Mail/SpamAssassin/Plugin/RelayEval.pm, Mail/SpamAssassin/P...
Jul 21 08:45:00 unix1 amavis[30319]: (30319-03) ...lugin/URIDetail.pm, Mail/SpamAssassin/Plugin/URIEval.pm,
 Mail/SpamAssassin/Plugin/VBounce.pm, Mail/SpamAssassin/Plugin/WLBLEval.pm, PerlIO.pm, PerlIO/scalar.pm, SDBM_File.pm,
 Storable.pm, String/Approx.pm
Jul 21 08:45:00 unix1 postfix/virtual[30414]: 319B97E81D: to=<myemail@xxxxxxxxx.com>, relay=virtual, delay=0.11,
 delays=0.1/0.01/0/0, dsn=2.0.0, status=sent (delivered to maildir)
Jul 21 08:45:00 unix1 postfix/smtp[30415]: certificate verification failed for gmail-smtp-in.l.google.com[209.85.225.27]:25:
 untrusted issuer /C=US/O=Equifax/OU=Equifax Secure Certificate Authority
Jul 21 08:45:00 unix1 postfix/smtp[30415]: 319B97E81D: to=<mymobileemail@gmail.com>, relay=gmail-smtp-
 in.l.google.com[209.85.225.27]:25, delay=0.78, delays=0.1/0.01/0.32/0.35, dsn=2.0.0, status=sent (250 2.0.0 OK 1311255870
 o10si3682804icn.74)
Jul 21 08:45:01 unix1 postfix/qmgr[20260]: 319B97E81D: removed
```

Master.cfg

```
smtp      inet  n       -       n       -       -       smtpd
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
	-o smtp_fallback_relay=
cyrus     unix  -       n       n       -       -       pipe
smtps     inet  n       -       n       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
smtp-amavis unix - - n - 2 smtp
   -o smtp_data_done_timeout=2400
   -o smtp_send_xforward_command=yes
   -o disable_dns_lookups=yes
   -o max_use=20
127.0.0.1:10025 inet n - n - - smtpd
   -o content_filter=
   -o local_recipient_maps=
   -o relay_recipient_maps=
   -o smtpd_restriction_classes=
   -o smtpd_delay_reject=no
   -o smtpd_client_restrictions=permit_mynetworks,reject
   -o smtpd_helo_restrictions=
   -o smtpd_sender_restrictions=
   -o smtpd_recipient_restrictions=permit_mynetworks,reject
   -o mynetworks_style=host
   -o mynetworks=127.0.0.0/8
   -o strict_rfc821_envelopes=yes
   -o smtpd_error_sleep_time=0
   -o smtpd_soft_error_limit=1001
   -o smtpd_hard_error_limit=1000
   -o smtpd_client_connection_count_limit=0
   -o smtpd_client_connection_rate_limit=0
   -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_address_mappings
```

main.cf

```
content_filter=smtp-amavis:[127.0.0.1]:10024
virtual_alias_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:125
virtual_mailbox_base = /var/vmail/
virtual_mailbox_domains = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 112400000
virtual_mailbox_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 125
virtual_transport = virtual
virtual_uid_maps = static:125
alias_maps = mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =
    permit_mynetworks,   
    permit_sasl_authenticated,
    reject_invalid_hostname,
    reject_non_fqdn_hostname,
    reject_unknown_sender_domain,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unknown_recipient_domain,
    reject_unauth_pipelining,
    reject_unauth_destination,
    reject_rbl_client zen.spamhaus.org,
    check_sender_access hash:/etc/postfix/sender_checks,
    permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = proxy:mysql:/usr/local/etc/postfix/mysql_virual_domain.cf
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/ssl/smtpd.pem
smtpd_tls_cert_file = /etc/ssl/smtpd.pem
smtpd_tls_CAfile = /etc/ssl/smtpd.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtpd_sasl_path = smtpd
```


----------



## DutchDaemon (Jul 21, 2011)

Don't start a new thread for an existing topic, and format your posts correctly.


----------



## jubutld (Jul 21, 2011)

Got it working.  Found I needed to "pear install Mail_mimeDecode", and "turn on" spam checking in mail guard.  This thread can be closed. Thanks


----------

