One of the biggest ways viruses are distributes is via Email. While for people running OS X and *nix/BSD viruses aren’t really a problem. However, as we are running a server, people accessing mail on that server may be using other operating systems that are vulnerable to viruses, it is a good idea to help prevent the spread of those viruses by scanning emails arriving at your server.

There are a variety of virus scanners available for use, and some of them are specifically designed to work with email servers, just like ours. I have chosen the ClamAV virus scanner as it is an open source project that is highly respected.

Integrating ClamAV into the mail server requires the use of a program called amavisd-new. Amavisd-new is the glue that allows postfix to use ClamAV. Amavisd-new is already on your system, though we will need to configure it properly for it to work in our setup.

We will split up the setup process as follows.

  1. Installing Clamav from source
  2. Installing SpamAssassin
  3. Start Clamav as a daemon on boot
  4. Configuring Amavisd-new and its dependancies
  5. Starting Amavisd-new on boot
  6. Configure postfix to use amavisd-new

From the amavisd-new website :
Amavisd-new is a high-performance and reliable interface between mailer (MTA) and one or more content checkers: virus scanners, and/or Mail::SpamAssassin Perl module. It is written in Perl, ensuring high reliability, portability and maintainability. It talks to MTA via (E)SMTP or LMTP protocols, or by using helper programs. No timing gaps exist in the design, which could cause a mail loss.

Once Amavisd-new, SpamAssassin and ClamAV are installed and working, it is very easy to add other content checkers for Amavisd to use.

Spamassassin had a large number of dependancies. Thankfully, these can all be taken care of using the CPAN system. It does some time to install the dependancies, but it is not complicated.