AmaVis & Sendmail Relay HowTo for Linux sendmail
Thue Feb 20 19:08:09 CET 2001
Table of Contents
AmaVis needs a number of tools to unpack attachments of different kinds.
Build and install them (downloads are listed on www.amavis.org)
||build and install (to /usr/bin)
||./configure; make; cp freeze /usr/bin
||cp lha /usr/bin
||./configure; make; cp rfc2045/reformime /usr/bin (only
||./configure; make; cp src/tnef /usr/bin
||make; cp unrar /usr/bin
||gcc -o xbin xbinunix.c; cp xbin /usr/bin
||make; cp unarj /usr/bin
(arc, zoo, gunzip, unzip, compress, uudecode should be installed by default on
Download and install
the Virus Scanners
You can find a list of Linux-Virusscanners on the AmaVis homepage. Download English(!) versions and install them by following the default instructions provided by the authors. It
usually only involves untarring the package and executing a shell-script
which will ask you a few simple questions such as where to install the
binaries. Just accept the default settings and you will be fine. We tested:
on SuSE Linux 6.0. with sendmail 8.9.3.
Download and build AmaVis
Get AmaVis from www.amavis.org. Unpack
it using tar -xvzf amavis-x.x.x.tar.gz.
Build and install it with ./configure --enable-relay=yes; make; make
Configure should automatically find the tools and scanners you installed
before. If you want the recipient of an infected mail to be noticed of
the stopped delivery, add --notify-receiver to the configure options.
Configuring Sendmail to
Backup your config!
This is perhaps the trickiest part of the setup as it involves modifying
your /etc/sendmail.cf (depending on your distribution this might also be
/etc/mail/sendmail.cf). Be sure to copy the original version of that file
to somewhere safe:
e.g.: cp /etc/sendmail.cf /etc/sendmail.cf.noscan
If you want AmaVis to scan all mail going through your mail server including
mails which are only relayed and not delivered locally, sendmail has to
be called twice. On the first pass it is invoked from the network or by
a user program and will use the modified sendmail.cf to "pipe" the mail
through the AmaVis "scanmail" program. On the second pass it is invoked
by scanmail and will use your original sendmail.cf to deliver the mail
Therefore you have to make a copy of your
/etc/sendmail.cf and name
Do not use a different name, as scanmail needs
to call sendmail using this config (or use --with-origconf when
Now we are ready to modify your sendmail.cf. Much of the work will be done
by applying this patch
to your /etc/sendmail.cf.
patch -p0 < amavis.patch
If that patch succeeded, open your /etc/sendmail.cf in your favorite editor. Make sure that you find the following code and modify it to fit
P=/usr/sbin/scanmails, F=lsACDFMS5:/|@qShP, S=0, R=0
A=scanmails $h $u $f,
Modify your /etc/sendmail.orig.cf to contain the following code:
P=/usr/bin/procmail, F=lsSDFMAw5:/|@qPfhn9, S=10/30, R=20/40,
A=procmail -Y -a $h -d $u,
Depending on your Distribution you might have to make /usr/bin/procmail
setuid root. Type chmod +s /usr/bin/procmail to do that.
Make sure /var/spool/mqueue is writable for user daemon. Check
/etc/permissons entry on SuSE dists!!!
Create the AmaVis spool directory by mkdir /var/spool/mqamavis.
Check if /etc/aliases contains a virusalert: root entry. Type newaliases to
build new aliases.db. If getting
errors try /usr/sbin/sendmail -bi -C /etc/sendmail.orig.conf to generate new
aliases and(!) change mod of /etc/newaliases.db to 644.
Either send a SIGHUP to the sendmail process to make it reread its configuration
or restart sendmail entirely by typing /etc/rc.d/init.d/sendmail restart.
Try sending mail to and from the network and local users and watch /var/log/mail
and /var/log/scanmails/logfile closely to spot any errors that might have occurred. Mails containing viruses will be stored to directory /var/virusmail.
Make sure SuSE YaST will leave new sendmail.cf untouched.
Holger von Amlen, Marcus
Schopen, University of Bielefeld, GERMANY