Postfix, dspam, clamav and dovecot

Postfix, dspam, clamav and dovecot

Jan Meyland Andersen
Hi

I have a problem with setting up a combination of Postfix, dspam, clamav
and dovecot.

What I want to achieve is to get the mail scanned by dspam and clamav
before dovecot(sieve) delivers the mail.
I don't know if this is the best setup but I think that this should give
me the spam and virus filter that I need.

My setup looks like this.

*** main.cf ***
# --------------- local settings ------------------
myhostname                      = agile.dk
inet_interfaces                 = all
mynetworks                      = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128,192.1.1.64/26,192.1.1.1
mydestination                   = localhost
relayhost                       = mail.telenor.dk
smtpd_banner                    = $myhostname ESMTP $mail_name (Debian/GNU)
biff                            = no
mailbox_size_limit              = 0
recipient_delimiter             = +
alias_maps                     = hash:/etc/aliases
dspam_destination_recipient_limit = 1
content_filter = scan:127.0.0.1:2424

# ---------------------- VIRTUAL DOMAINS START ----------------------
local_transport=virtual;
virtual_mailbox_domains         = mysql:/etc/postfix/mysql/domains.cf
virtual_mailbox_base            = /var/spool/postfix/virtual
virtual_mailbox_maps            = mysql:/etc/postfix/mysql/aliases.cf
virtual_alias_maps              = mysql:/etc/postfix/mysql/remote_aliases.cf
virtual_mailbox_limit           = 102400000
virtual_minimum_uid             = 101
virtual_uid_maps                = mysql:/etc/postfix/mysql/vuids.cf
virtual_gid_maps                = mysql:/etc/postfix/mysql/vgids.cf
virtual_alias_domains           =
virtual_transport               = dovecot
dovecot_destination_recipient_limit = 1
# ---------------------- VIRTUAL DOMAINS END ----------------------
# ---------------------- SASL PART START ----------------------
smtpd_sasl_auth_enable          = yes
smtpd_sasl_exceptions_networks  = $mynetworks
smtpd_sasl_security_options     = noanonymous
broken_sasl_auth_clients        = yes
smtpd_sasl_type                 = dovecot
smtpd_sasl_path                 = private/auth
# ---------------------- SASL PART END ----------------------
# ---------------------- TLS PART START ----------------------
#smtp_tls_CAfile                = /etc/pki/tls/certs/cert.pem
smtp_tls_cert_file              = /etc/postfix/smtpd.cert
smtp_tls_key_file               = /etc/postfix/smtpd.key
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_security_level         = may
smtpd_tls_cert_file             = /etc/postfix/smtpd.cert
smtpd_tls_key_file              = /etc/postfix/smtpd.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_security_level        = may
smtpd_use_tls                   = yes
smtpd_tls_received_header       = yes
smtpd_tls_ask_ccert             = yes
smtpd_tls_loglevel              = 1
tls_random_source               = dev:/dev/urandom
# ---------------------- TLS PART END ----------------------
smtpd_error_sleep_time = 1s
smtpd_soft_error_limit = 10
smtpd_hard_error_limit = 20
smtpd_helo_required             = yes
disable_vrfy_command            = yes
non_fqdn_reject_code            = 450
invalid_hostname_reject_code    = 450
maps_rbl_reject_code            = 450
smtpd_recipient_restrictions =
         permit_mynetworks
         permit_sasl_authenticated
         reject_unauth_destination
         reject_invalid_helo_hostname
         warn_if_reject reject_non_fqdn_helo_hostname
         warn_if_reject reject_unknown_helo_hostname
         warn_if_reject reject_unknown_client
         reject_non_fqdn_sender
         reject_non_fqdn_recipient
         reject_unknown_sender_domain
         reject_unknown_recipient_domain
         reject_rbl_client zen.spamhaus.org
         reject_rbl_client bl.spamcop.net
         reject_rbl_client dnsbl.sorbs.net=127.0.0.2
         reject_rbl_client dnsbl.sorbs.net=127.0.0.3
         reject_rbl_client dnsbl.sorbs.net=127.0.0.4
         reject_rbl_client dnsbl.sorbs.net=127.0.0.5
         reject_rbl_client dnsbl.sorbs.net=127.0.0.7
         reject_rbl_client dnsbl.sorbs.net=127.0.0.9
         reject_rbl_client dnsbl.sorbs.net=127.0.0.11
         reject_rbl_client dnsbl.sorbs.net=127.0.0.12
         warn_if_reject reject_rhsbl_sender dsn.rfc-ignorant.org
         warn_if_reject reject_rhsbl_sender abuse.rfc-ignorant.org
         warn_if_reject reject_rhsbl_sender whois.rfc-ignorant.org
         warn_if_reject reject_rhsbl_sender bogusmx.rfc-ignorant.org
         warn_if_reject reject_rhsbl_sender postmaster.rfc-ignorant.org
         permit
smtpd_data_restrictions =
         reject_unauth_pipelining,
         reject_multi_recipient_bounce,
         permit

*** master.cf ***
smtp      inet  n       -       -       -       -       smtpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       - trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
relay     unix  -       -       -       -       -       smtp
         -o smtp_fallback_relay=
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
maildrop  unix  -       n       n       -       -       pipe
   flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp      unix  -       n       n       -       -       pipe
   flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
   flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
   flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
   flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
   flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
   ${nexthop} ${user}
dspam     unix  -       n       n       -       10      pipe
   flags=DRhu user=dspam argv=/usr/bin/dspam --deliver=innocent,spam --user ${user}@${nexthop} -i -f $sender -- $recipient
dovecot   unix  -       n       n       -       -       pipe
   flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender}
   -d ${user}@${nexthop} -a ${recipient}
scan      unix  -       -       n       -       16      smtp
  -o smtp_send_xforward_command=yes
127.0.0.1:10026 inet  n -       n       -       16      smtpd
  -o content_filter=
  -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
  -o smtpd_helo_restrictions=
  -o smtpd_client_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
  -o smtpd_authorized_xforward_hosts=127.0.0.0/8

*** dspam.conf ***
Home /var/spool/dspam
StorageDriver /usr/lib/dspam/libhash_drv.so
TrustedDeliveryAgent "/usr/lib/dovecot/deliver -d %u"
UntrustedDeliveryAgent "/usr/lib/dovecot/deliver -d %u"
DeliveryHost            127.0.0.1
DeliveryPort            10026
DeliveryIdent           localhost
DeliveryProto           SMTP
QuarantineAgent "/usr/lib/dovecot/deliver -d %u -m SPAM"
OnFail error
Trust root
Trust dspam
Trust www-data
Trust mail
Trust postfix
Debug *
TrainingMode teft
TestConditionalTraining on
Feature whitelist
Algorithm graham burton
Tokenizer chain
PValue bcr
WebStats on
Preference "trainingMode=TEFT"          # { TOE | TUM | TEFT | NOTRAIN } -> default:teft
Preference "spamAction=tag"             # { quarantine | tag | deliver } -> default:quarantine
Preference "spamSubject=[SPAM]"         # { string } -> default:[SPAM]
Preference "statisticalSedation=5"      # { 0 - 10 } -> default:0
Preference "enableBNR=on"               # { on | off } -> default:off
Preference "enableWhitelist=on"         # { on | off } -> default:on
Preference "signatureLocation=message"  # { message | headers } -> default:message
Preference "tagSpam=off"                # { on | off }
Preference "tagNonspam=off"             # { on | off }
Preference "showFactors=off"            # { on | off } -> default:off
Preference "optIn=off"                  # { on | off }
Preference "optOut=off"                 # { on | off }
Preference "whitelistThreshold=10"      # { Integer } -> default:10
Preference "makeCorpus=off"             # { on | off } -> default:off
Preference "storeFragments=off"         # { on | off } -> default:off
Preference "localStore="                # { on | off } -> default:username
Preference "processorBias=on"           # { on | off } -> default:on
Preference "fallbackDomain=off"         # { on | off } -> default:off
Preference "trainPristine=off"          # { on | off } -> default:off
Preference "optOutClamAV=off"           # { on | off } -> default:off
Preference "ignoreRBLLookups=off"       # { on | off } -> default:off
Preference "RBLInoculate=off"           # { on | off } -> default:off
Preference "notifications=off"          # { on | off } -> default:off
AllowOverride enableBNR
AllowOverride enableWhitelist
AllowOverride fallbackDomain
AllowOverride ignoreGroups
AllowOverride ignoreRBLLookups
AllowOverride localStore
AllowOverride makeCorpus
AllowOverride optIn
AllowOverride optOut
AllowOverride optOutClamAV
AllowOverride processorBias
AllowOverride RBLInoculate
AllowOverride showFactors
AllowOverride signatureLocation
AllowOverride spamAction
AllowOverride spamSubject
AllowOverride statisticalSedation
AllowOverride storeFragments
AllowOverride tagNonspam
AllowOverride tagSpam
AllowOverride trainPristine
AllowOverride trainingMode
AllowOverride whitelistThreshold
AllowOverride dailyQuarantineSummary
AllowOverride notifications
Notifications   off
PurgeSignatures 14      # Stale signatures
PurgeNeutral    90      # Tokens with neutralish probabilities
PurgeUnused     90      # Unused tokens
PurgeHapaxes    30      # Tokens with less than 5 hits (hapaxes)
PurgeHits1S     15      # Tokens with only 1 spam hit
PurgeHits1I     15      # Tokens with only 1 innocent hit
LocalMX 127.0.0.1
SystemLog       on
UserLog         on
Opt out
ClamAVPort              3310
ClamAVHost              127.0.0.1
ClamAVResponse          accept
ServerHost              127.0.0.1
ServerPort              2424
ServerQueueSize 32
ServerPID               /var/run/dspam/dspam.pid
ServerMode standard
ServerParameters        "--deliver=innocent -d %u"
ProcessorURLContext on
ProcessorBias on
StripRcptDomain off
Include /etc/dspam/dspam.d/

When I get mail I get the following error when postfix tries to deliver
to dspam.
Sep 22 15:46:24 NoiceControl postfix/smtp[11989]: A25A84A2072:
to=<[hidden email]>, relay=127.0.0.1[127.0.0.1]:2424, delay=0.8,
delays=0.69/0.02/0.08/0, dsn=5.0.0, status=bounced (host
127.0.0.1[127.0.0.1] refused to talk to me: 503 5.0.0 Need LHLO here.)

I have no idea where to look in the setup for the error and what to fix.

I hope someone knows what to do and what I have done wrong.

Kind Regards

Jan

Re: Postfix, dspam, clamav and dovecot

Benny Pedersen
Jan Meyland Andersen wrote on 2012-09-22 16:21:

> content_filter = scan:127.0.0.1:2424

> scan      unix  -       -       n       -       16      smtp

unix vs lmtp

> ServerHost              127.0.0.1
> ServerPort              2424

this is lmtp not unix sockets

do you want lmtp or unix sockets ?


Re: Postfix, dspam, clamav and dovecot

Viktor Dukhovni
On Sat, Sep 22, 2012 at 04:56:58PM +0200, Benny Pedersen wrote:

> Jan Meyland Andersen wrote on 2012-09-22 16:21:
>
> >content_filter = scan:127.0.0.1:2424
>
> >scan      unix  -       -       n       -       16      smtp
>
> unix vs lmtp
>
> >ServerHost              127.0.0.1
> >ServerPort              2424
>
> this is lmtp not unix sockets
>
> do you want lmtp or unix sockets ?

Nonsense, there is no such thing as an "lmtp socket". The OP's
configuration is fine in this respect.

All Postfix delivery agents (smtp, lmtp, local, relay, pipe, virtual,
error, retry, ...) use "unix" domain sockets as the internal
communication channel with the queue manager. This in no way prevents
them from using various IPC mechanisms for message delivery. The
second column in master.cf is the *internal* IPC type, not
the delivery IPC type.

--
        Viktor.
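
The column distinction drawn in the last reply, as an added example that is not part of the original thread: the script reads master.cf entries using the master(5) column order, keeps the internal IPC type (column 2) apart from the program in the last column, and compares the greeting that program opens a session with (Postfix smtp(8) sends EHLO, lmtp(8) sends LHLO) against the verb the listener asked for in the logged reply. The sample text is constructed from lines quoted in the thread; the function names are hypothetical.

```python
import re

# Constructed sample: master.cf entries and the main.cf setting quoted in the
# thread, plus the reply logged from the listener on port 2424.
MASTER_CF = """\
smtp      inet  n       -       -       -       -       smtpd
lmtp      unix  -       -       -       -       -       lmtp
dovecot   unix  -       n       n       -       -       pipe
   flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender}
   -d ${user}@${nexthop} -a ${recipient}
scan      unix  -       -       n       -       16      smtp
  -o smtp_send_xforward_command=yes
"""
CONTENT_FILTER = "scan:127.0.0.1:2424"
SERVER_REPLY = "503 5.0.0 Need LHLO here."

# Greeting verb each Postfix client program opens a session with.
GREETING = {"smtp": "EHLO", "lmtp": "LHLO"}


def parse_master_cf(text):
    """Map (service, type) to its internal IPC type, command and arguments."""
    services, current = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace():  # leading whitespace continues the previous entry
            if current is not None:
                current["args"] += line.split()
            continue
        # master(5): service type private unpriv chroot wakeup maxproc command
        f = line.split()
        current = {"type": f[1], "command": f[7], "args": f[8:]}
        services[(f[0], f[1])] = current
    return services


def check_filter(master_text, content_filter, server_reply):
    """Report which protocol the content_filter transport speaks to its nexthop."""
    transport, _, nexthop = content_filter.partition(":")
    entry = parse_master_cf(master_text)[(transport, "unix")]
    sent = GREETING.get(entry["command"])
    m = re.search(r"Need (\w+) here", server_reply)
    wanted = m.group(1) if m else None
    return {"nexthop": nexthop, "ipc_type": entry["type"],
            "command": entry["command"], "sends": sent, "server_wants": wanted,
            "mismatch": bool(sent and wanted and sent != wanted)}


if __name__ == "__main__":
    print(check_filter(MASTER_CF, CONTENT_FILTER, SERVER_REPLY))
```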