mirror of
https://github.com/mail-in-a-box/mailinabox.git
synced 2025-04-21 03:02:09 +00:00
46cfb3e4f6
Added sqlite to clamsmtpd installscript. Switched to using sendmail instead of mail command since there are different commands for different mail(bsd/heirloom) installs.
69 lines
2.7 KiB
Bash
Executable File
69 lines
2.7 KiB
Bash
Executable File
#!/bin/bash
|
|
# clamsmtpd virus scanning
|
|
# ----------------------
|
|
|
|
source setup/functions.sh # load our functions
|
|
source /etc/mailinabox.conf # load global vars
|
|
|
|
echo "Installing clamsmtpd (ClamAV e-mail virus scanning)..."
|
|
|
|
|
|
# Install clamav-daemon & clamsmtpd with additional scanning formats
|
|
apt_install sqlite clamav-daemon clamav clamsmtp unzip p7zip zip arj bzip2 cabextract cpio file gzip lhasa nomarch pax rar unrar unzip zip zoo
|
|
|
|
|
|
# Config /etc/clamsmtpd.conf
|
|
# Config edits do the following:
|
|
# Default port of 10025 is already in use by <>, using unused port 10028 to pass back from clamsmtpd to postfix.
|
|
# Default port of 10026 for listening from postfix is already in use by <>, using unused port 10027 instead.
|
|
# Add X-AV-Checked Header
|
|
# Adds script to notify destination user only (since sender may be spoofed) that mail was dropped due to virus detection)
|
|
|
|
tools/editconf.py /etc/clamsmtpd.conf -s \
|
|
OutAddress:=127.0.0.1:10028 \
|
|
Listen:=127.0.0.1:10027 \
|
|
Header:="X-AV-Checked: ClamAV" \
|
|
VirusAction:="/usr/local/lib/clamsmtpd/email_virus_notify.sh"
|
|
|
|
# Configure postfix main.cf
|
|
|
|
tools/editconf.py /etc/postfix/main.cf \
|
|
content_filter=scan:127.0.0.1:10027 #\
|
|
#not sure if the below is needed/wanted, RFC - http://www.postfix.org/postconf.5.html#receive_override_options
|
|
#receive_override_options=no_address_mappings
|
|
|
|
# Configure postfix master.cf
|
|
tools/editconf.py /etc/postfix/master.cf -s -w \
|
|
"scan=unix - - n - 16 smtp
|
|
-o smtp_send_xforward_command=yes" \
|
|
"127.0.0.1:10028=inet n - n - 16 smtpd
|
|
-o content_filter=
|
|
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
|
|
-o smtpd_helo_restrictions=
|
|
-o smtpd_client_restrictions=
|
|
-o smtpd_sender_restrictions=
|
|
-o smtpd_recipient_restrictions=permit_mynetworks,reject
|
|
-o mynetworks_style=host
|
|
-o smtpd_authorized_xforward_hosts=127.0.0.0/8"
|
|
|
|
# Config Notification Script
|
|
# Inspiration from https://h4des.org/blog/index.php?/archives/308-clamsmtp-informing-recipients-abount-email-virus-infection.html
|
|
mkdir -p /usr/local/lib/clamsmtpd
|
|
chown clamsmtp:clamsmtp /usr/local/lib/clamsmtpd
|
|
cp tools/email_virus_notify.sh /usr/local/lib/clamsmtpd/email_virus_notify.sh
|
|
chown clamsmtp:clamsmtp /usr/local/lib/clamsmtpd/email_virus_notify.sh
|
|
chmod 700 /usr/local/lib/clamsmtpd/email_virus_notify.sh
|
|
|
|
# Force virus def updates
|
|
echo "Updating ClamAV Definitions"
|
|
echo ""
|
|
/usr/bin/freshclam
|
|
|
|
|
|
# restart postfix, start clamsmtpd, clamav-daemon, clamav-freshclam
|
|
adduser clamsmtp clamav > /dev/null
|
|
restart_service postfix
|
|
restart_service clamsmtp
|
|
restart_service clamav-daemon
|
|
restart_service clamav-freshclam
|