Installing Exim with ClamAV, SpamAssassin and Greylistd support on Debian 7.5

The development server caters for the delivery of email to a single host or domain.

Installing Exim, ClamAV, SpamAssassin and Greylistd

We install the required packages by executing the following command in a “root” shell.

apt-get install exim4-daemon-heavy clamav-daemon clamav-freshclam clamav-testfiles spamassassin greylistd

Once the installation is complete, we continue with the configuration of the components.

Populating ClamAV database

The initial virus database should be downloaded before ClamAV can be started. We download the current database by executing the following command in a “root” shell.

freshclam

To automatically update the ClamAV virus database, we start the clamav-freshclam service by executing the following command in a “root” shell.

service clamav-freshclam start

To start the daemon, we start the clamav-daemon service by executing the following command in a “root” shell.

service clamav-daemon start

Configuring SpamAssassin

The configuration of SpamAssassin is defined in the /etc/default/spamassassin file. To activate SpamAssassin, we set the value of ENABLED to 1, as shown below.

ENABLED=1

To automatically update the rules on a nightly basis, we set the value of CRON to 1, as shown below.

CRON=1

Configuring Greylistd

We activate Greylistd by executing the following command in a “root” shell.

greylistd-setup-exim4 add

Configuring ClamAV

To enable ClamAV to scan the mail spool directory, the user clamav should be added to the group Debian-exim. We add the user to the group by executing the following command in a “root” shell.

adduser clamav Debian-exim

The permissions on the mail spool directory should also allow for the group to have write access to the files as well as to set the group to Debian-exim for any new files created in the directory. We set the permissions by executing the following commands in a “root” shell.

chmod -Rf g+w /var/spool/exim4
chmod -Rf g+s /var/spool/exim4

We need to confirm that the /etc/clamav/clamd.conf file contains the following; if it doesn’t, we need to set it.

AllowSupplementaryGroups true

To activate the new configuration, we restart the clamav-daemon service by executing the following command in a “root” shell.

service clamav-daemon restart

Configuring Exim

ClamAV

To enable ClamAV in Exim, we edit the /etc/exim4/exim4.conf.template file by uncommenting the following line. If our Exim configuration is split, we edit the /etc/exim4/conf.d/main/02_exim4-config_options file.

av_scanner = clamd:/var/run/clamav/clamd.ctl

To define the error message returned, we edit the /etc/exim4/exim4.conf.template file as follows. If our Exim configuration is split, we edit the /etc/exim4/conf.d/acl/40_exim4-config_check_data file.

# Deny if the message contains malware. Before enabling this check, you
# must install a virus scanner and set the av_scanner option in the
# main configuration.
#
# exim4-daemon-heavy must be used for this section to work.
#
deny
  malware = *
  message = This message was detected as possible malware ($malware_name).

SpamAssassin

To enable SpamAssassin in Exim, we edit the /etc/exim4/exim4.conf.template file by uncommenting the following line. If our Exim configuration is split, we edit the /etc/exim4/conf.d/main/02_exim4-config_options file.

spamd_address = 127.0.0.1 783

To define the error message returned, we edit the /etc/exim4/exim4.conf.template file as follows. If our Exim configuration is split, we edit the /etc/exim4/conf.d/acl/40_exim4-config_check_data file.

# Add headers to a message if it is judged to be spam. Before enabling this,
# you must install SpamAssassin. You also need to set the spamd_address
# option in the main configuration.
#
# exim4-daemon-heavy must be used for this section to work.
#
# Please note that this is only suiteable as an example. There are
# multiple issues with this configuration method. For example, if you go
# this way, you'll give your spamassassin daemon write access to the
# entire exim spool which might be a security issue in case of a
# spamassassin exploit.
#
# See the exim docs and the exim wiki for more suitable examples.
#
warn
  spam = Debian-exim:true
  add_header = X-Spam_score: $spam_score\n\
            X-Spam_score_int: $spam_score_int\n\
            X-Spam_bar: $spam_bar\n\
            X-Spam_report: $spam_report

To reconfigure Exim, we execute the following command in a “root” shell.

dpkg-reconfigure exim4-config

To activate the new configuration, we reload the exim4 service by executing the following command in a “root” shell.

service exim4 reload
Advertisements

One thought on “Installing Exim with ClamAV, SpamAssassin and Greylistd support on Debian 7.5

Comments are closed.