Introduction

I'm so very surprised at myself for NOT knowing about this little diddy years sooner however all along there's been a nice little package called clamsmtp that fits nicely into your Postfix MTA backend that will use your ClamAV to scan both incoming AND outgoing emails for viri. With the recent news about Avast scanning your drive not just for viri but for data to sell about you around the globe I'm sure folks will be looking for a nice alternative for viri scanning their systems and their emails. After all it's best to catch a viri PRIOR to you opening mail than trying to clean things up after the fact. This "how-to" will show you how to add this with an AmprNet axMail-FAX mail system.

Let's begin the fun!

Since most (not all) are Debian or Debian based installs that are using the axMail-FAX system this will be designed to guide those with such systems. I'm sure if you're using something else such as Fedora you can translate things to RedHat lingo. Also I'm going to assume you have ClamAV installed along with FreshClam and my ClamScan system. If you don't have ClamAV installed stop now and install clam and freshclam - and while at it my ClamScan package. You may check by issuing the command:
ps ax|grep clam
If its not install it use apt-get to install them. ClamScan you'll have to get from my ftp server.

Get ClamSMTP and configure it for AmprNet mail

As root, execute:
apt-get install clamsmtp
It will grab this package from the repository and install it with a very basic installation. The trick will be to configure it for our usage which is actually easier than I thought. Next as root using your favorite text editor edit the file: /etc/clamsmtpd.conf
Change 2 lines to the following:
OutAddress: 10025
to
OutAddress: 10026
NEXT change 
Listen: 127.0.0.1:10026
to
Listen 0.0.0.0:10025
You may uncomment the Header: line if you desire. Save the file!

Postfix configuration

There's 2 files in /etc/postfix you will need to edit:
main.cf and master.cf
You may copy and paste in the following lines in each file for ease of use. First let's visit the easier one: main.cf
Using your favorite text editor open the file up and you may scroll all the way to the bottom of the file and add these 2 lines:
content_filter = scan:44.x.x.x:10025
receive_override_options = no_address_mappings
Insure to replace 44.x.x.x with your postfix's AmprNet IP that's bound to mail ports. Most of us are required to do this because our ISPs filter outbound port 25 sending to the global internet in an attempt to halt you from being used by spammers as relay stations. Save your main.cf file and next open your master.cf file with your editor. At the bottom of your master.cf file you may copy and paste the following lines in:
# AV scan filter (used by content_filter)
scan      unix  -       -       n       -       16      smtp
        -o smtp_send_xforward_command=yes
# For injecting mail back into postfix from the filter
44.x.x.x:10026 inet  n -       n       -       16      smtpd
        -o content_filter=
        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
        -o smtpd_helo_restrictions=
        -o smtpd_client_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks_style=host
        -o smtpd_authorized_xforward_hosts=44.x.x.x/32
Change 44.x.x.x to your 44-net IP as with main.cf above. Save this file. Now put on a hat and hold onto your hat as we're going to go for a ride.

Start it up

Now restart both clamsmtp AND postfix. Login to your axMail and send yourself a simple email to: clamsmtp and in the body you can leave it empty or just type something simple like "test". Logoff axmail, then log back in. You should have new mail waiting:
axMail-Fax v2.10
You have 1 messages (1 new).
n1uro@n1uro.ampr.org
Current message 0 of 1
=> l
St Num From                      Subject                  Date              Size
 N   1 Brian n1uro@n1uro.ampr.o clamsmtp                 Thu, 30 Jan 2020  1014
n1uro@n1uro.ampr.org
Current message 0 of 1
Now read the mail in verbose mode with the "v #: command"
 => v 1
Message 1: (New)
Return-Path: <n1uro@n1uro.ampr.org>
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on n1uro.ampr.org
X-Spam-Level:
X-Spam-Status: No, score=-100.7 required=3.0 tests=RCVD_IN_DNSWL_LOW,
        SPF_HELO_PASS,SPF_PASS,USER_IN_WHITELIST autolearn=ham version=3.3.2
X-Original-To: n1uro@n1uro.ampr.org
Delivered-To: n1uro@n1uro.ampr.org
Received: from n1uro.ampr.org (n1uro [44.88.0.9])
        by n1uro.ampr.org (Postfix) with ESMTP id A03CD227CC
        for <n1uro@n1uro.ampr.org>; Thu, 30 Jan 2020 23:39:40 -0500 (EST)
Received: by n1uro.ampr.org (Postfix, from userid 1000)
        id 85C512287A; Thu, 30 Jan 2020 23:39:40 -0500 (EST)
From: Brian <n1uro@n1uro.ampr.org>
To: n1uro@n1uro.ampr.org
X-Priority: 3 (Normal)
Subject: clamsmtp
Message-Id: <20200131043940.85C512287A@n1uro.ampr.org>
Date: Thu, 30 Jan 2020 23:39:40 -0500 (EST)
X-AV-Checked: ClamAV using ClamSMTP

view headers.

---
73 de Brian, N1URO - supporting packet radio since 1995.

sent via axMail-FAX by N1URO.
--- end of message #1 ---
n1uro@n1uro.ampr.org
Current message 1 of 1
You'll notice the header under the Date: shows that it was processed by ClamSMTP just fine! If you have questions, please email the uronode support list as others may run into problems as well and answers may help others before they need to ask questions.

Updated information for a newer MTA

If you have postfix version 2.3 or newer, you should use Clamav-Milter. This does things a LOT more automatically for you and your postfix configurations are only 2 lines total and only in main.cf! Here's what you do:
apt -y remove --purge clamsmtp #if installed
apt -y install clamav-milter

cd /etc/postfix
nano main.cf... and add at the bottom (after removing clamsmtp configs):
smtpd_milters = unix:/var/run/clamav/clamav-milter.ctl
milter_default_action = accept
save and remove all you may have put in master.cf.
service postfix restart (or systemctl if you're sadly using systemd)

You will see your mail was scanned in the headers. Enjoy!

I do hope this page helps get you going with ClamAV scanning for mail! --73
Back