Fighting spam with Postfix+postgrey+clamav

After a year of working with MailScanner installed, I decided to try another way.

So, in our server room (after server consolidation) I had an IBM x226 configured with:

  • 2x Intel Xeon 3GHz
  • 6 GB RAM
  • 4x 40GB SCSI
  • IBM Server Raid controller
  • 2x NetXtreme BCM5703 Gigabit Ethernet controller

I know this is too much for this job, but I don't know whether it will be sufficient in the future.

I installed CentOS 5.5 final, purged and updated it, then installed postfix and postgrey; after enabling the rpmforge repo (only this time) I installed clamav-milter.

Next I configured postfix to act as a mail gateway for our internal mail server, and I enabled some controls on the sender. Look at my Postfix configuration (main.cf):

smtpd_recipient_restrictions =  reject_invalid_hostname,
                                reject_non_fqdn_hostname,
                                reject_non_fqdn_sender,
                                reject_unauth_destination,
                                reject_unauth_pipelining,
                                check_sender_access hash:/etc/postfix/whitelist,
                                reject_rbl_client zen.spamhaus.org,
                                reject_rbl_client dnsbl.njabl.org,
                                reject_unknown_recipient_domain,
                                reject_unverified_recipient

In "check_sender_access" I've whitelisted some senders that use blacklisted mail servers.
Now it's time to set up postgrey, so in the "smtpd_recipient_restrictions" section of main.cf add this line at the end of the section:

check_policy_service inet:127.0.0.1:10025
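
The order of this list matters: Postfix evaluates it top to bottom, and an OK result from the whitelist table ends evaluation, so a whitelist keyed on the (forgeable) sender address is safe only because it sits after reject_unauth_destination. The Python check below is an added example, not part of the original post; its function names and sample configurations are constructed, and it assumes the relay check lives in smtpd_recipient_restrictions as it does in this setup.

```python
import re

TAKES_ARG = re.compile(r"^(check_\w+|reject_rbl_client|reject_rhsbl_\w+)$")  # followed by one argument
SENDER_CONTROLLED = {"check_sender_access", "check_helo_access"}  # keyed on values the remote side chooses

def read_param(main_cf, name):
    """Return one main.cf parameter; lines starting with whitespace continue it."""
    value, collecting = [], False
    for line in main_cf.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue  # blank lines and comment lines are ignored
        if not line[0].isspace():
            key, _, rest = line.partition("=")
            collecting = key.strip() == name
            value = [rest.strip()] if collecting else value  # a later definition replaces an earlier one
        elif collecting:
            value.append(line.strip())
    return " ".join(value)

def restrictions(main_cf):
    """Split smtpd_recipient_restrictions into (name, argument) pairs, in order."""
    tokens = [t for t in re.split(r"[,\s]+", read_param(main_cf, "smtpd_recipient_restrictions")) if t]
    pairs = []
    while tokens:
        name = tokens.pop(0)
        arg = tokens.pop(0) if TAKES_ARG.match(name) and tokens else None
        pairs.append((name, arg))
    return pairs

def relay_findings(main_cf):
    """Flag sender-keyed lookups evaluated before reject_unauth_destination."""
    pairs = restrictions(main_cf)
    names = [n for n, _ in pairs]
    if "reject_unauth_destination" not in names:
        return ["reject_unauth_destination is missing from smtpd_recipient_restrictions"]
    guard = names.index("reject_unauth_destination")
    return [f"{n} {a} runs before reject_unauth_destination: an OK result skips the relay check"
            for n, a in pairs[:guard] if n in SENDER_CONTROLLED]

# Constructed samples: the post's ordering (shortened), and a variant with the whitelist moved first.
GOOD = """smtpd_recipient_restrictions = reject_non_fqdn_sender,
    reject_unauth_destination,
    check_sender_access hash:/etc/postfix/whitelist
    reject_rbl_client zen.spamhaus.org,
    check_policy_service inet:127.0.0.1:10025
"""
BAD = GOOD.replace("reject_non_fqdn_sender,", "check_sender_access hash:/etc/postfix/whitelist,", 1)

print(relay_findings(GOOD) or "no findings", relay_findings(BAD), sep="\n")
```

To run it against a live gateway, pass the contents of /etc/postfix/main.cf to relay_findings().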

In /etc/sysconfig/postgrey you have to set the options. These are mine:

OPTIONS="--greylist-text=\"You are greylisted...try again later. \"
--inet=127.0.0.1:10025  --user=postfix --group=postfix"

You can also use a Unix socket instead of a TCP socket; it's your choice.
Clamav-milter needs to be configured too; its configuration file is /etc/clamav-milter.conf.
I've changed these parameters:

MilterSocket unix:/var/clamav/clmilter.socket
User clamav
AllowSupplementaryGroups yes
ClamdSocket unix:/var/run/clamav/clamd.sock
LogFile /var/log/clamav/clamav-milter.log
LogSyslog yes
LogFacility LOG_MAIL
LogInfected Basic

To instruct postfix to use clamav-milter, add these two lines to /etc/postfix/main.cf after the "smtpd_recipient_restrictions" section:

smtpd_milters = unix:/var/clamav/clmilter.socket
non_smtpd_milters = unix:/var/clamav/clmilter.socket

With these settings we have no false positives, and we can catch 99% of spam.


Comments (2)

  1. 6:20 am, August 16, 2010, Anonymous

    Keep up the good work. Everyone is opened to their opinion. Excellent blog here, I am still reading :)

  2. 8:25 pm, September 10, 2010, Anonymous

    Great post – I’ve been struggling with this for some time and it’s great to see this information.
