Paypal donation


Configure a Dedicated Server with Webmin

Part 14 - Email Antivirus

01-Introduction - 02-Installing Webmin - 03-Configure DNS - 04-Assign Nameservers - 05-Configure SFTP - 06-Setup Web server - 07-Let's Encrypt - 08-Setup Perl/CGI PHP - 09-Manage MySQL - 10-Setup Email server - 11-Setup SASL - 12-Setup Email accounts - 13-Email process - [[ 14-Email antivirus ]] - 15-Usermin - 16-Extras

Before installing an antivirus at your email server i need to point out that it it not 100% necessary.
Also take notice that any antivirus will take a lot of resources. I noticed that ClaimAV took 400 MB more of RAM.
A lot of web hosting providers are not offering email antivirus protection.
Anyway in our session we will install ClamAV.

Install ClamAV

Log in at your system using PuTTY in order to add the EPEL repository at your system.
The EPEL repository is enabled by simply installing an RPM.
Please use the command below to install the EPEL repository on your CentOS server.
For CentOS 6 – 32-bit:

rpm -Uvh http://mirror.overthewire.com.au/pub/epel/6/i386/epel-release-6-8.noarch.rpm

For CentOS 6 – 64-bit (our case senario):

rpm -Uvh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm


Install required ClamAV packages using the command below:

yum install clamav clamd clamsmtp

Update ClamAV using:

yum update clamav

Update ClamAV virus DB:

freshclam

Configure ClamAV

Using Webmin go to Others > File Manager.
Click over the search button indicated at the photo below. Fill the Search query clamsmtpd.conf and hit the "Search" button From the "Search results" click over edit located at the right of clamsmtpd.conf.
Do like below:

# line 6: Make sure that the OutAddress: 10026 (leave it unmodified).

# line 22: uncomment and modify like this :
Listen: 127.0.0.1:10025

# line 28: uncomment
Header: X-Virus-Scanned: ClamAV using ClamSMTP

# line 34: uncomment
Action: drop
webmin configuration

Click "Save and close" button.

Start clamsmtpd:

/etc/rc.d/init.d/clamsmtpd start

Start clamd.clamsmtp:

/etc/rc.d/init.d/clamsmtp-clamd start

Log in using Webmin this time and navigate to System > Bootup and Shutdown
Check the clamd, clamsmtp-clamd, clamsmtpd processes
webmin antivirus configuration

Click the "Start Now and on Boot" button.


Configure Postfix to use ClamAV

Navigate to Servers > Postfix Mail Server and click over the "General Options" icon.

Email content filter : scan:127.0.0.1:10025

postfix antivirus configuration

Click the "Save and apply" button.

Navigate to Servers > Postfix Mail Server and click over the "Edit Config Files" icon.

Select the file "/etc/postfix/master.cf" end press the "Edit" button
Now at the bottom of this file add this portion of code :
scan unix -       -       n       -       16       smtp
   -o smtp_data_done_timeout=1200
   -o smtp_send_xforward_command=yes
   -o disable_dns_lookups=yes
127.0.0.1:10026 inet n       -       n       -       16       smtpd
   -o content_filter=
   -o local_recipient_maps=
   -o relay_recipient_maps=
   -o smtpd_restriction_classes=
   -o smtpd_client_restrictions=
   -o smtpd_helo_restrictions=
   -o smtpd_sender_restrictions=
   -o smtpd_recipient_restrictions=permit_mynetworks,reject
   -o mynetworks_style=host
   -o smtpd_authorized_xforward_hosts=127.0.0.0/8

postfix antivirus configuration

Click the "Save" button and click over "Return to Postfix configuration" link.
Hit "Reload Configuration" button
Stop and start Postfix

Install Cron Jobs

Log in via PuTTY and give the command :

yum install cronie

Now using Webmin navigate at System > Bootup and Shutdown.
Check crond and hit the "Start Now and On Boot" button.
webmin boot cron

Auto-Update ClamAV virus database using a Cron Job

Navigate at System > Scheduled Cron Jobs
Click over the link called Create a new scheduled cron job.
Fill the "Create Cron Job" form like below :

Execute cron job as : root
Active?: Yes
Command : freshclam
Simple schedule ...: Checked Daily (at midnight)

webmin cron antivirus

Click the "Create" button.

Test ClamAV

Send an email at your account email@website1.com
Receive and open the email using Thunderbird.
Click over More button and then select View Source.
thunderbird read header

Over the source you should see the string : X-Virus-Scanned: ClamAV using ClamSMTP like the picture below:
thunderbird clamav header

Another test is to create an empty text file called "testantiv.txt" with the string:

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

This is a common Anti-Malware Testfile from European Institute for Computer Antivirus Research (Eicar).
A lot of email services if you try to send this file as attachment will trace if as false positive virus and won't permit you to send it.
In order to send this file at your account email@website1.com use some external service like: www.anonymousemail.me
anonymusmail

You should not receive that email.
Using Webmin navigate at System > System Logs.
Focus at the line /var/log/maillog and click View ...
webmin system logs

Only show lines with text: VIRUS Hit the "Refresh" button.
webmin mail log
You should get: status=VIRUS:Eicar-Test-Signature
Your antivirus should be up and running !
In the next chapter we will find out how we can enable Web mail for our users using Usermin.

01-Introduction - 02-Installing Webmin - 03-Configure DNS - 04-Assign Nameservers - 05-Configure SFTP - 06-Setup Web server - 07-Let's Encrypt - 08-Setup Perl/CGI PHP - 09-Manage MySQL - 10-Setup Email server - 11-Setup SASL - 12-Setup Email accounts - 13-Email process - [[ 14-Email antivirus ]] - 15-Usermin - 16-Extras


Copyright © TrustFm.net 1998-2017 - Made by TrustFm - All Rights Reserved Worldwide