[clamav-users] trying to get clamav working with amavis-ng, postfix, and openbsd

[Sid Keller <sidkeller@netscape.net>]

First, sorry for the long post.  I'm trying to supply enough information 
for someone to help.  I'm using clamav-0.54 with postfix-1.1.11, 
amavis-ng-0.1.4, and openbsd 3.2.  I ran into a few problems installing 
amavis-ng because apparently OpenBSD doesn't recognize install -D as 
indicated in the Makefile.  I edited the Makefile as follows:

pure_install :: pure_$(INSTALLDIRS)_install
   # Install Exim filter script
   install -d -m644 amavis-filter 
$(INSTALLSCRIPT)/../share/amavis/amavis-filter
   # Install magic cookie file
   install -d -m644 magic.mime $(INSTALLSCRIPT)/../share/amavis/magic.mime
   # Install AMaViS main script
   install -m755 amavis.pl $(INSTALLSCRIPT)/amavis
   install -m4755 -omail -gmail qmail-queue.amavis \
                $(INSTALLSCRIPT)/../sbin/qmail-queue.amavis
   #install -D -m755 amavis-milter/amavis-milter \
   #   $(INSTALLSCRIPT)/../sbin/amavis-milter
   # Install spool directories
   install -d -m750 -omail -gmail \
       $(PREFIX)/../var/spool/amavis/quarantine \
       $(PREFIX)/../var/spool/amavis/problems \
       $(PREFIX)/../var/spool/amavis/queue
   install -d -m750 -omail -gmail \
       $(PREFIX)/../var/log/amavis \
       $(PREFIX)/../var/run/amavis

It appears that this worked however I also noticed that AMAVIS.pm and 
the AMAVIS directory in the amavis-ng source directory were not 
installed.  I then did a make pure_perl_install per the Makefile.  This 
seems to have installed the perl modules.

For the amavis.conf file I uncommented the following or made the 
following corrections:

[global]
mail-transfer-agent = Postfix
virus-scanner = CLAM

[Postfix]
;; Location and arguments of the binary
postfix = /usr/local/sbin/sendmail
#postfix = /usr/sbin/sendmail
args = -i -f

[CLAM]
clamscan = /usr/local/bin/clamscan

My postfix master.cf file looks like this:

#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#       (yes)   (yes)   (yes)   (never) (50)
# ==========================================================================
smtp      inet  n   -   -   -   -   smtpd -o content_filter=amavis:
#smtp     inet  n   -   -   -   -   smtpd
#smtps     inet  n  -   -   -   -   smtpd -o smtpd_tls_wrappermode=yes -o 
smtpd_sasl_auth_enable=yes
#submission inet n  -   -   -   -   smtpd -o smtpd_enforce_tls=yes -o 
smtpd_sasl_auth_enable=yes
#628      inet  n   -   -   -   -   qmqpd
pickup    fifo  n   -   -   60  1   pickup
cleanup   unix  n   -   -   -   0   cleanup
qmgr      fifo  n   -   -   300 1   qmgr
#qmgr     fifo  n   -   -   300 1   nqmgr
rewrite   unix  -   -   -   -   -   trivial-rewrite
bounce    unix  -   -   -   -   0   bounce
defer     unix  -   -   -   -   0   bounce
flush     unix  n   -   -   1000?   0   flush
smtp      unix  -   -   -   -   -   smtp
showq     unix  n   -   -   -   -   showq
error     unix  -   -   -   -   -   error
local     unix  -   n   n   -   -   local
virtual   unix  -   n   n   -   -   virtual
lmtp      unix  -   -   -   -   -   lmtp
#
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
# The Cyrus deliver program has changed incompatibly.
#
cyrus     unix  -   n   n   -   -   pipe
  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
uucp      unix  -   n   n   -   -   pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail 
($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop 
$recipient
amavis    unix  -       n       n       -       -       pipe
  flags=Rq user=mail argv=/usr/bin/amavis ${sender} -- ${recipient}

When I send an email with the clamav-0.54/test/test1 file attached, it 
appears that it is not scanned.  I'm not quite sure if I have amavis-ng 
working.  Here is the message source.

Return-Path: <skeller@first-texas.com>
Delivered-To: sid@first-texas.com
Received: by mail.first-texas.com (Postfix, from userid 100)
   id E9048115EA; Thu, 20 Feb 2003 14:17:55 -0600 (CST)
X-Scanned-By: AMaViS at a badly configured site.
Received: from first-texas.com (unknown [192.168.1.102])
   by mail.first-texas.com (Postfix) with ESMTP id BE0541159D
   for <skeller@first-texas.com>; Thu, 20 Feb 2003 14:17:54 -0600 (CST)
Message-ID: <3E55377E.5010000@first-texas.com>
Date: Thu, 20 Feb 2003 14:15:58 -0600
From: "Sid (IMAP)" <skeller@first-texas.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0.2) 
Gecko/20021120 Netscape/7.01
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: skeller@first-texas.com
Subject: test
Content-Type: multipart/mixed;
 boundary="------------060903000307070906060906"


This is a multi-part message in MIME format.
--------------060903000307070906060906
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit

test

--------------060903000307070906060906
Content-Type: application/x-java-applet;version=1.1.1;
 name="test1"
Content-Transfer-Encoding: base64
Content-Disposition: inline;
 filename="test1"

JENFbGlhY21hVHJFU1R1U2Npa2dzbiRGUkVFLVRFU1QtU0lHTkFUVVJFJEVFRUVFJAo=
--------------060903000307070906060906
Content-Type: application/octet-stream;
 name="test2.zip"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
 filename="test2.zip"

UEsDBBQAAAAIAJ2r9yxbmRzrMAAAADIAAAAIABUAY2xhbXRlc3RVVAkAA3quPT1Prz09VXgE
AAAAAABTcXbNyUxMzk0MKXINDikNTs7MTi/OU3ELcnXVDQGK6AZ7uvs5hoQGuaq4goAKFwBQ
SwECFwMUAAAACACdq/csW5kc6zAAAAAyAAAACAANAAAAAAABAAAApIEAAAAAY2xhbXRlc3RV
VAUAA3quPT1VeAAAUEsFBgAAAAABAAEAQwAAAGsAAAAAAA==
--------------060903000307070906060906
Content-Type: application/octet-stream;
 name="test3.rar"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
 filename="test3.rar"

UmFyIRoHAM+QcwAADQAAAAAAAACFT3RAgCkAuQAAAMQAAAADeguax2qnAS0UMwkAgIEAAHRl
c3QyLnppcA2dVVBAAAAAHNO4zM9H98qJlLQOSJCK1GVLGMxIZUqRFQoYwiFIiKGg1CtUSFo0
GkPVtDpGgFCpI9Jk9Ix5QqaG7O87yc539pn6faMoTkUooFH4aNfeRTzx+0p7mWdmMFWxUsuV
rbjVKACN/YssztLtXkg9KNq7z4rrknw1WxxFRsE5MSSOrCbudBoZuosHDxMy5Bb9W7HhgqAa
pB8oj/Rgz/NB7NOL4n8aT8zbOoYJMX2MVmvbrnqA
--------------060903000307070906060906--

Here is a snippet from the postfix log file.

Feb 20 14:26:07 mail postfix/qmgr[7091]: 420041159D: 
from=<skeller@first-texas.com>, size=2267, nrcpt=1 (queue active)
Feb 20 14:26:07 mail postfix/smtpd[23286]: disconnect from 
unknown[192.168.1.102]
Feb 20 14:26:08 mail postfix/pickup[7450]: 9C3E9115ED: uid=100 
from=<skeller@first-texas.com>
Feb 20 14:26:08 mail postfix/cleanup[2720]: 9C3E9115ED: 
message-id=<3E55396B.10104@first-texas.com>
Feb 20 14:26:08 mail postfix/qmgr[7091]: 9C3E9115ED: 
from=<skeller@first-texas.com>, size=2434, nrcpt=1 (queue active)
Feb 20 14:26:08 mail postfix/local[31331]: warning: database 
/etc/postfix/aliases.db is older than source file /etc/postfix/aliases
Feb 20 14:26:08 mail postfix/local[31331]: 9C3E9115ED: 
to=<sid@first-texas.com>, relay=local, delay=0, status=sent (maildir)
Feb 20 14:26:08 mail postfix/pipe[19574]: 420041159D: 
to=<skeller@first-texas.com>, relay=amavis, delay=1, status=sent 
(mail.first-texas.com)
Feb 20 14:42:12 mail imapd: LOGOUT, user=skeller@first-texas.com, 
ip=[::ffff:192.168.1.102], headers=511, body=6024


Nothing shows up in the amavis log file.

Thanks, I appreciate your help and time.

--
Sid Keller


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@clamav.elektrapro.com
For additional commands, e-mail: users-help@clamav.elektrapro.com