Mail Filter

Amavis Logo

Amavis is an open source content filter for electronic mail, implementing mail message transfer, decoding, some processing and checking, and interfacing with external content filters to provide protection against spam, viruses and other malware. It can be considered an interface between a mailer (MTA, Mail Transfer Agent) and one or more content filters.

We will use Amavis for the following tasks:

  • DKIM signing our outgoing mails.

  • Checking DKIM signatures of incoming mails.

  • Scanning all mails for viruses (using ClamAV).

  • Scanning inccoming mails for spam (using SpamAssassin).

Software Installation

Amavis is available as package in the Ubuntu software repository:

$ sudo apt-get install amavisd-new

The installation creates the following items:

  • The system user and group amavis.

  • The directory /etc/amavis with configuration files.

  • The directory /usr/share/amavis/conf.d/ with read-only configuration files.

  • The directory /var/lib/amavis

  • The directory /usr/share/doc/amavis-new with documentation and configuration examples.

  • The system service amavis (see /etc/init.d/amavis)

Additional Archive Packages

With the following software packages installed, it will be possible to look inside various types of file-archives and scan the contents for viruses:

$ sudo apt-get install arj cabextract lzop nomarch p7zip-full rar ripole rpm2cpio unrar-free zip zoo

The following documentation is relevant to our installation and will be used as reference for what lies ahead:

  • /usr/share/doc/amavis-new/amavisd-new-docs.html

  • /usr/share/doc/amavis-new/README.debian.gz

  • /usr/share/doc/amavis-new/NEWS.Debian.gz

  • /usr/share/doc/amavis-new/README.postfix.html

Note that any Ubuntu specific notes are included in the above Debian files by the Ubuntu package maintainers.

Group Memberships

Add clamav user to the amavis group and vice versa in order for Clamav to have access to the files it needs to scan:

$ sudo adduser clamav amavis
$ sudo adduser amavis clamav

Configuration

Enable Scanning for Virus and Spam

Mail content scanners are disabled by deafult. To activate them open /etc/amavis/conf.d/15-content_filter_mode and uncomment the following lines:

#
# Default antivirus checking mode
# Please note, that anti-virus checking is DISABLED by 
# default.
# If You wish to enable it, please uncomment the following lines:


@bypass_virus_checks_maps = (
   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
#
# Default SPAM checking mode
# Please note, that anti-spam checking is DISABLED by 
# default.
# If You wish to enable it, please uncomment the following lines:


@bypass_spam_checks_maps = (
   \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);

Database for Virtual Domains

Amavis needs to be able to lookup our hosted virtual mail-domains to decide if a mail is incoming or outgoing.

We create the /etc/amavis/conf.d/50-user and define the database server connection there.

Use the same credentials as we defined in the database connection of our ViMbAdmin configuration.

use strict;

#
# Place your configuration directives here.  They will override those in
# earlier files.
#
# See /usr/share/doc/amavisd-new/ for documentation and examples of
# the directives you can use in this file
#

$sa_spam_subject_tag = undef;
$spam_quarantine_to  = undef;
$sa_tag_level_deflt  = undef;

# Prevent spams from automatically rejected by mail-server
$final_spam_destiny  = D_PASS;

# We need to provide list of domains for which filtering need to be done
@lookup_sql_dsn = (
    ['DBI:mysql:database=vimbadmin;host=127.0.0.1;port=3306',
     'vimbadmin',
     '********']);

$sql_select_policy = 'SELECT domain FROM domain WHERE CONCAT("@",domain) IN (%k)';

#------------ Do not modify anything below this line -------------
1;  # ensure a defined return

Service Re-Start

Now re-start Amavis:

$ sudo service amavis restart