How to Add Antivirus and Spam Protection to Postfix Mail Server with ClamAV and SpamAssassin – Part 3

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Use our Linode referral link if you plan to buy VPS (it starts at only $10/month).
  4. Support us via PayPal donate - Make a Donation
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Gabriel Cánepa

Gabriel Cánepa is a GNU/Linux sysadmin and web developer from Villa Mercedes, San Luis, Argentina. He works for a worldwide leading consumer product company and takes great pleasure in using FOSS tools to increase productivity in all areas of his daily work.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

9 Responses

  1. Sergio says:

    I am using Debian and when I try to use the systemctl enable clamd@scan.service and the start one, shows me an error saying no such file or directory, are these commands just for Ubuntu? Or they should be working on Debian too? Thanks.

    • Gabriel A. Cánepa says:

      Hi Sergio,
      Which version of Debian are you using? Please note that systemctl is part of the systemd suite, which is available starting with Debian 8 Jessie.
      If you are sure you’re using Jessie, you can check how these services are called by doing
      systemctl | grep clam
      Hope it helps.

  2. Peter says:

    Is there a way to make all the spam automatically go to the users junk-mail folder?

    On that function is implemented, but the guides isn’t identically so I don’t think I can use the configuration from that site.

    Some script that delete everything from all junk-folders that are older than 1 month or so would also be nice.

  3. Harmon20 says:

    Spamassassin went fine but I’m having trouble with clamav. I tried removing all (they were installed in Part 1 of this guide), including config files and backups, then installing from scratch and following these instructions precisely. Got the same results and my Google-fu is failing me. CentOS 7.2.1511 and ClamAV 0.99.1

    Everything went according to the script but the service won’t start. The output of the status query is:

    [root@mx /]# systemctl -l status clamd@scan.service
    clamd@scan.service – Generic clamav scanner daemon
    Loaded: loaded (/usr/lib/systemd/system/clamd@scan.service; enabled; vendor preset: disabled)
    Active: failed (Result: start-limit) since Wed 2016-06-01 15:32:40 EDT; 4min 19s ago
    Process: 2528 ExecStart=/usr/sbin/clamd -c /etc/clamd.d/%i.conf –nofork=yes (code=exited, status=1/FAILURE)
    Main PID: 2528 (code=exited, status=1/FAILURE)

    Jun 01 15:32:40 mx systemd[1]: clamd@scan.service: main process exited, code=exited, status=1/FAILURE
    Jun 01 15:32:40 mx systemd[1]: Unit clamd@scan.service entered failed state.
    Jun 01 15:32:40 mx systemd[1]: clamd@scan.service failed.
    Jun 01 15:32:40 mx systemd[1]: clamd@scan.service holdoff time over, scheduling restart.
    Jun 01 15:32:40 mx systemd[1]: start request repeated too quickly for clamd@scan.service
    Jun 01 15:32:40 mx systemd[1]: Failed to start Generic clamav scanner daemon.
    Jun 01 15:32:40 mx systemd[1]: Unit clamd@scan.service entered failed state.
    Jun 01 15:32:40 mx systemd[1]: clamd@scan.service failed.
    [root@mx /]#

    Any ideas what I might be missing?

    • Harmon20 says:

      additional info: In case this was a problem with me trying to manually start the service I rebooted the server and checked the service status after it came back up. Same output.

      • @Harmon20, we’re almost there, brother :). Hang in there.
        Can you paste the output of journalctl -xn RIGHT AFTER attempting to manually start clamd? We are mostly interested in lines containing the word ERROR in them.

  4. ura soul says:

    if the clamav scan only runs once a day, won’t that mean that new messages that are infected will be available for download for up to 1 day? so therefore, many of them will get through to mail clients?

    • @ura,
      What runs once a day is the cron job that will update the virus definitions. On the other hand, the antivirus service itself should be running as a daemon at all times. That is what will protect your new messages.
      Of course, it is possible -though highly unlikely- that a message (infected with a virus released in the recent past, whose signature has not yet been identified by major antivirus engines) finds its way to your mailbox. With virus and antivirus you can be as paranoid as with backups. A solid knowledge of the threats your environment faces will give you the last word as to how paranoid you need to be about it.

      • Ivan says:

        Hello Gabriel,

        First of all, let me thank you for the great series of articles. I’m following along, and so far so good :)

        regarding the above question, I thing @ura souls was referring to this part:

        “The above cronjob will scan the mail server directory recursively and leave a log of its operation in /var/log/clamav/dailyclamscan.log”

        I understood as he did. Also, I find that updating is by default, but what needs to be done is to remove this four lines:

        ### !!!!! REMOVE ME !!!!!!
        ### REMOVE ME: By default, the freshclam update is disabled to avoid
        ### REMOVE ME: network access without prior activation
        FRESHCLAM_DELAY=disabled-warn # REMOVE ME

        from vi /etc/sysconfig/freshclam.

        If you can comment this, it would be really helpful.

        All the best

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *

Join Over 300K+ Linux Users
  1. 202,035
  2. 9,267
  3. 38,621

Are you subscribed?