New branch for clamsmtpd testing

Added Clamsmtpd for clamav email virus scanning. Virus email will be dropped and notification will be sent to user in its place. Tested it on my MIAB as an upgrade, need to test as full install
2016-08-22 00:42:20 -07:00 · 2016-08-22 00:42:20 -07:00 · 830dea309b
parent ba75ff7820
commit 830dea309b
3 changed files with 115 additions and 0 deletions
--- a/setup/clamsmtpd.sh
+++ b/setup/clamsmtpd.sh
@ -0,0 +1,69 @@
+#!/bin/bash
+# clamsmtpd virus scanning
+# ----------------------
+
+source setup/functions.sh # load our functions
+source /etc/mailinabox.conf # load global vars
+
+echo "Installing clamsmtpd (ClamAV e-mail virus scanning)..."
+
+
+# Install clamav-daemon & clamsmtpd with additional scanning formats
+apt_install clamav-daemon clamav clamsmtp unzip p7zip zip arj bzip2 cabextract cpio file gzip lhasa nomarch pax rar unrar unzip zip zoo
+
+
+# Config /etc/clamsmtpd.conf
+# Config edits do the following:
+# Default port of 10025 is already in use by <>, using unused port 10028 to pass back from clamsmtpd to postfix.
+# Default port of 10026 for listening from postfix is already in use by <>, using unused port 10027 instead.
+# Add X-AV-Checked Header
+# Adds script to notify destination user only (since sender may be spoofed) that mail was dropped due to virus detection)
+
+tools/editconf.py /etc/clamsmtpd.conf -s \
+		OutAddress:=127.0.0.1:10028 \
+		Listen:=127.0.0.1:10027 \
+		Header:="X-AV-Checked: ClamAV" \
+		VirusAction:="/usr/local/lib/clamsmtpd/email_virus_notify.sh"
+
+# Configure postfix main.cf
+
+tools/editconf.py /etc/postfix/main.cf \
+content_filter=scan:127.0.0.1:10027 #\
+#not sure if the below is needed/wanted, RFC - http://www.postfix.org/postconf.5.html#receive_override_options
+#receive_override_options=no_address_mappings
+
+# Configure postfix master.cf
+tools/editconf.py /etc/postfix/master.cf -s -w \
+        "scan      unix  -       -       n       -       16      smtp
+          -o smtp_send_xforward_command=yes" \
+        "127.0.0.1:10028 inet  n -       n       -       16      smtpd
+          -o content_filter=
+          -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
+          -o smtpd_helo_restrictions=
+          -o smtpd_client_restrictions=
+          -o smtpd_sender_restrictions=
+          -o smtpd_recipient_restrictions=permit_mynetworks,reject
+          -o mynetworks_style=host
+          -o smtpd_authorized_xforward_hosts=127.0.0.0/8"
+
+# Config Notification Script
+# Inspiration from https://h4des.org/blog/index.php?/archives/308-clamsmtp-informing-recipients-abount-email-virus-infection.html
+mkdir -p /usr/local/lib/clamsmtpd
+chown clamsmtp:clamsmtp /usr/local/lib/clamsmtpd
+cp tools/email_virus_notify.sh /usr/local/lib/clamsmtpd/email_virus_notify.sh
+chown clamsmtp:clamsmtp /usr/local/lib/clamsmtpd/email_virus_notify.sh
+chmod 700 /usr/local/lib/clamsmtpd/email_virus_notify.sh
+
+# Force virus def updates
+echo "Updating ClamAV Definitions"
+echo ""
+/usr/bin/freshclam
+
+
+# restart postfix, start clamsmtpd, clamav-daemon, clamav-freshclam
+adduser clamsmtp clamav > /dev/null
+restart_service postfix
+restart_service clamsmtp
+restart_service clamav-daemon
+restart_service clamav-freshclam
+
--- a/setup/start.sh
+++ b/setup/start.sh
@ -104,6 +104,7 @@ source setup/mail-dovecot.sh
 source setup/mail-users.sh
 source setup/dkim.sh
 source setup/spamassassin.sh
+source setup/clamsmtpd.sh
 source setup/web.sh
 source setup/webmail.sh
 source setup/owncloud.sh
--- a/tools/email_virus_notify.sh
+++ b/tools/email_virus_notify.sh
@ -0,0 +1,45 @@
+#!/bin/bash
+#
+# This script will notify users that email was dropped by clamsmtpd.
+#
+# Original inspiration from this script: https://h4des.org/blog/index.php?/archives/308-clamsmtp-informing-recipients-abount-email-virus-infection.html
+
+source /etc/mailinabox.conf # load global vars
+# For all variables passed when running this script please see "man clamsmtpd.conf"
+
+#pull list of all emails served by this mailserver
+dest_email=$(/usr/bin/sqlite3 /home/user-data/mail/users.sqlite "select distinct source from aliases union all select distinct email from users;")
+
+# check every single recipient
+for i in $RECIPIENTS; do
+
+# check every single email/alias
+for j in $dest_email; do
+
+#check if email address contains hosted domain name
+# $i contains email address
+# $j contains hosted email
+if [[ "$i" == "$j" ]]
+then
+{
+echo "Hello $i,"
+echo ""
+echo "This is the email system of $PRIMARY_HOSTNAME."
+echo "" 
+echo "The email from $SENDER to you was infected with a virus ($VIRUS)." 
+echo "The email was blocked and this notification was sent instead." 
+echo "" 
+echo "If you encounter further problems please contact your System Administrator." 
+echo "" 
+echo "Regards," 
+echo "The email server at $PRIMARY_HOSTNAME"
+#sending email to recipient that is hosted on this system
+} | mail -a "From: postmaster@$PRIMARY_HOSTNAME" -s "Email Virus Scan Notificaton" "$i"
+#continue with next recipient
+
+fi
+
+done 
+
+done
+