Fedora35 : Clam AntiVirus , Mail Server

# vi /etc/clamd.d/scan.conf
●Line 14.
# Default: disabled
LogFile /var/log/clamd.scan　←　Uncomment
●Line 77.
# Default: disabled
PidFile /run/clamd.scan/clamd.pid　←　Uncomment
●Line 96.
# Path to a local socket file the daemon will listen on.
# Default: disabled (must be specified by a user)
LocalSocket /run/clamd.scan/clamd.sock　←　Uncomment
●Line 219.
# Run as another user (clamd must be started by root for this option to work)
# Default: don't drop privileges
#User clamscan　←　comment-out

# vi /etc/freshclam.conf
●Line 75.
Insert a "#" at the beginning of the line "DatabaseMirror database.clamav.net" and
Add "DatabaseMirror db.jp.clamav.net"
#DatabaseMirror database.clamav.net
DatabaseMirror db.jp.clamav.net
●Per line 151
Add "NotifyClamd /etc/clamd.d/scan.conf"
#NotifyClamd /path/to/clamd.conf
NotifyClamd /etc/clamd.d/scan.conf

# freshclam
daily.cvd database is up-to-date (version: 26535, sigs: 1983975, f-level: 90, builder: raynman)
main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63, builder: awillia2)

# systemctl start clamd@scan　←　clamd start
# systemctl enable clamd@scan　←　clamd auto-startup setting
Created symlink /etc/systemd/system/multi-user.target.wants/clamd@scan.service → /usr/lib/systemd/system/clamd@.service.
# systemctl is-enabled clamd@scan
enabled
# systemctl status clamd@scan　←　operation check
● clamd@scan.service - clamd scanner (scan) daemon
Loaded: loaded (/usr/lib/systemd/system/clamd@.service; enabled; vendor pr>
Active: active (running) since Sun 2022-05-15 11:08:35 JST; 20s ago
Docs: man:clamd(8)
man:clamd.conf(5)
https://www.clamav.net/documents/
Main PID: 4234 (clamd)
Tasks: 2 (limit: 4614)
Memory: 1.1G
CPU: 17.146s
CGroup: /system.slice/system-clamd.slice/clamd@scan.service
mq4234 /usr/sbin/clamd -c /etc/clamd.d/scan.confMay 15 11:08:35 fedora clamd[4234]: ELF support enabled.
May 15 11:08:35 fedora clamd[4234]: Mail files support enabled.
May 15 11:08:35 fedora clamd[4234]: OLE2 support enabled.
May 15 11:08:35 fedora clamd[4234]: PDF support enabled.

# wget http://www.eicar.org/download/eicar.com
# clamscan --infected --remove --recursive
/root/eicar.com: Win.Test.EICAR_HDB-1 FOUND ← Virus detection
/root/eicar.com: Removed. ← virus removal
----------- SCAN SUMMARY -----------
Known viruses: 8616037
Engine version: 0.103.5
Scanned directories: 1
Scanned files: 10
Infected files: 1
Data scanned: 0.02 MB
Data read: 0.01 MB (ratio 2.00:1)
Time: 27.879 sec (0 m 27 s)
Start Date: 2022:05:09 16:02:51
End Date: 2022:05:09 16:03:19

# mkdir -p /var/www/system
# cd /var/www/system

Create clamscan.sh in /var/www/system with the following contents
# vi /var/www/system/clamscan.sh
#!/bin/bash
PATH=/usr/bin:/bin
# excludeopt setup
excludelist=/var/www/system/clamscan.exclude
if [ -s $excludelist ]; then
for i in `cat $excludelist`
do
if [ $(echo "$i"|grep \/$) ]; then
i=`echo $i|sed -e 's/^\([^ ]*\)\/$/\1/p' -e d`
excludeopt="${excludeopt} --exclude-dir=$i"
else
excludeopt="${excludeopt} --exclude=$i"
fi
done
fi
# signature update
freshclam
# virus scan
clamscan --recursive --remove ${excludeopt} /

# chmod 700 clamscan.sh
# echo "/sys/" >> /var/www/system/clamscan.exclude
# echo "/proc/" >> /var/www/system/clamscan.exclude
Exclude sys and proc directories.

# crontab -e
no crontab for root - using an empty one
Fedora does not have cron by default, so please run the following to install it
# dnf install cronie cronie-anacron
again
# crontab -e
0 1 * * * /var/www/system/clamscan.sh > /dev/null 2>&1

# rpm -qa | grep postfix
postfix-3.6.4-1.fc35.x86_64

# systemctl enable postfix.service
Created symlink /etc/systemd/system/multi-user.target.wants/postfix.service → /usr/lib/systemd/system/postfix.service.
# systemctl is-enabled postfix.service
enabled

# cp -p /etc/postfix/main.cf `date '+/etc/postfix/main.cf.%Y%m%d'`
# cp -p /etc/postfix/master.cf `date '+/etc/postfix/master.cf.%Y%m%d'`

# vi /etc/postfix/main.cf
●Per line 96: add
#myhostname = virtual.domain.tld
myhostname = mail.<domain name>
●Per line 103: Add your domain name
#mydomain = domain.tld
mydomain = <domain name>
●Per line 118: Uncomment
myorigin = $mydomain
●
inet_interfaces = all
●Per line 138: change
inet_protocols = ipv4
●Per line 183: add
Comment out around line 183 and add to line 184.
#mydestination = $myhostname, localhost.$mydomain, localhost
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
●Per line 287: add
#mynetworks = 168.100.189.0/28, 127.0.0.0/8
#mynetworks = $config_directory/mynetworks
#mynetworks = hash:/etc/postfix/network_table
mynetworks = 192.168.11.0/24, 127.0.0.0/8　←192.168.11.0/24 to suit your environment
●Per line 440: Uncomment
Mail storage format
#home_mailbox = Mailbox
home_mailbox = Maildir/　
●Per line 447: add
#mail_spool_directory = /var/mail
mail_spool_directory = /var/spool/mail　
●Per line 593: add
#smtpd_banner = $myhostname ESMTP $mail_name
#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
smtpd_banner = $myhostname ESMTP unknown
●Add the following to the last line
#Limit send/receive mail size to 10M
message_size_limit = 10485760
# Limit mailbox size to 1G
mailbox_size_limit = 1073741824
# SMTP-Auth Settings
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $mydomain
smtpd_recipient_restrictions = permit_mynetworks, permit_auth_destination, permit_sasl_authenticated, reject

# firewall-cmd --add-service=smtp --permanent
success
# firewall-cmd --reload
success

# cp -p /etc/dovecot/dovecot.conf `date '+ /etc/dovecot/dovecot.conf.%Y%m%d'`
# vi /etc/dovecot/dovecot.conf
●Per line 25: add
# protocols = imap pop3 lmtp
protocols = imap pop3
●Line 30 : Uncomment
# Remove [::] if listening for IPv4 only
listen = *

# vi /etc/dovecot/conf.d/10-auth.conf
●Line 10 : Uncomment  change
If plain text authentication is also allowed
disable_plaintext_auth = no
●Line 100 : add
auth_mechanisms = plain login

# vi /etc/dovecot/conf.d/10-mail.conf
●Line 31 : add
mail_location = maildir:~/Maildir

# vi /etc/dovecot/conf.d/10-master.conf
●Line 107-109 : Uncommented and added
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}

# vi /etc/dovecot/conf.d/10-ssl.conf
●Per line 8
Change "ssl = required" to "ssl = yes"
ssl = yes

# systemctl enable dovecot.service
Created symlink /etc/systemd/system/multi-user.target.wants/dovecot.service → /usr/lib/systemd/system/dovecot.service.
# systemctl is-enabled dovecot.service
Enabled
# systemctl start dovecot.service

# firewall-cmd --permanent --add-service=pop3
# firewall-cmd --permanent --add-service=imap
# firewall-cmd --reload

Mail client installation
# dnf -y install mailx

Mailboxes are set to refer to Maildir
# echo 'export MAIL=$HOME/Maildir' >> /etc/profile.d/mail.sh

Add user "linux"
# useradd linux
# passwd  linux
Changing password for user root.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

# su - linux
$ mail linux@localhost
Subject: Test Mail
mail test
.   ←　To end the text, type "."
EOT
$ mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/home/linux/Maildir": 1 message 1 new
>N 1 linux@korodes.com Wed May 11 13:05 17/506 "Test Mail"
& 1
Message 1:
From linux@korodes.com Wed May 11 13:05:10 2022
Return-Path: <linux@korodes.com>
X-Original-To: linux@localhost
Delivered-To: linux@localhost
Date: Wed, 11 May 2022 13:05:10 +0900
To: linux@localhost
Subject: test
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: linux@korodes.com
Status: Rmail test& q
Held 1 message in /home/linux/Maildir

# vi /etc/clamd.d/scan.conf
●Line 77：change
PidFile /var/run/clamd.scan/clamd.pid
●Line 81：Uncomment
TemporaryDirectory /var/tmp
●Line 96：change
LocalSocket /var/run/clamd.scan/clamd.sock

# touch /var/log/clamd.scan
# chown clamscan. /var/log/clamd.scan
# systemctl enable clamd@scan

# vi /etc/amavisd/amavisd.conf
●Delete # at the beginning of the line per line 13
@bypass_spam_checks_maps = (1); # controls running of anti-spam code　
● Line 23：Change to your domain name
$mydomain = '<your domain>';
● per line 28
#$QUARANTINEDIR = undef; # -Q
●Comment out per line 125
# $virus_admin = undef; # notifications recip
●Line 158：Uncomment and change to your own host name
$myhostname = 'mail.<your domain>';

# systemctl enable amavisd　
Created symlink /etc/systemd/system/multi-user.target.wants/amavisd.service → /usr/lib/systemd/system/amavisd.service.

# vi /etc/postfix/main.cf
# Add to the last line　
content_filter=smtp-amavis:[127.0.0.1]:10024
# vi /etc/postfix/master.cf
# Add to the last line　
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000

# dnf -y install spamassassin spamass-milter-postfix
# systemctl start spamassassin
# systemctl enable spamassassin
Created symlink /etc/systemd/system/multi-user.target.wants/spamassassin.service → /usr/lib/systemd/system/spamassassin.service.

# vi /etc/mail/spamassassin/v310.pre
●Delete # at the beginning of the line per line 24
loadplugin Mail::SpamAssassin::Plugin::DCC

# cd /var/www/system
# vi /var/www/system/spamassassin-update.sh

#!/bin/bash

cd /etc/mail/spamassassin
wget -q https://github.com/kittyfreak/spamassassin_user_prefs/archive/refs/heads/main.zip
[ $? -ne 0 ] && exit
unzip main.zip >/dev/null 2>&1
[ $? -ne 0 ] && exit
rm -f main.zip
mv spamassassin_user_prefs-main/user_prefs .
rm -rf spamassassin_user_prefs-main
diff user_prefs user_prefs.org > /dev/null 2>&1
if [ $? -ne 0 ]; then
cp user_prefs local.cf
echo "report_safe 0" >> local.cf
echo "rewrite_header Subject ***SPAM***" >> local.cf

if [ -f /etc/rc.d/init.d/spamassassin ]; then
/etc/rc.d/init.d/spamassassin restart > /dev/null
else
systemctl restart spamassassin > /dev/null
fi
fi
cp user_prefs user_prefs.org

# chmod 700 /var/www/system/spamassassin-update.sh
# /var/www/system/spamassassin-update.sh

# ls -l /etc/mail/spamassassin
total 176
drwxr-xr-x 2 root root 40 May 15 23:02 channel.d
-rw-r--r-- 1 root root 1194 Jul 24 2021 init.pre
-rw-r--r-- 1 root root 276 Jul 24 2021 local.cf
-rw-r--r-- 1 root root 126639 May 15 23:06 main.zip
drwx------ 2 root root 6 Jul 24 2021 sa-update-keys
-rw-r--r-- 1 root root 62 Jul 24 2021 spamassassin-default.rc
-rwxr-xr-x 1 root root 39 Jul 24 2021 spamassassin-helper.sh
-rw-r--r-- 1 root root 55 Jul 24 2021 spamassassin-spamc.rc
-rw-r--r-- 1 root root 2523 May 15 23:04 v310.pre

# crontab -e
0 2 * * * /var/www/system/spamassassin-update.sh > /dev/null 2>&1

# vi /etc/postfix/master.cf
●Add "#" to the beginning of line 11 and add SpamAssassin setting to line 12
# smtp inet n - n - - smtpd
smtp inet   n   -   n   -   -   smtpd
-o content_filter=spamassassin
●Add to last line
smtp-amavis unix - - n - 2 smtp
       -o smtp_data_done_timeout=1200
       -o smtp_send_xforward_command=yes
       -o disable_dns_lookups=yes

127.0.0.1:10025 inet n - n - - smtpd
       -o content_filter=
       -o local_recipient_maps=
       -o relay_recipient_maps=
       -o smtpd_restriction_classes=
       -o smtpd_client_restrictions=
       -o smtpd_helo_restrictions=
       -o smtpd_sender_restrictions=
       -o smtpd_recipient_restrictions=permit_mynetworks,reject
       -o mynetworks=127.0.0.0/8
       -o strict_rfc821_envelopes=yes
       -o smtpd_error_sleep_time=0
       -o smtpd_soft_error_limit=1001
       -o smtpd_hard_error_limit=1000

spamassassin unix - n n - - pipe
        user=nobody argv=/usr/bin/spamc -e /usr/sbin/sendmail.postfix -oi -f ${sender} ${recipient}