Probleme mit postfix und clamav

martin

Well-Known Member
Hi

Also bisher hab ich meine Mailserver mit antivir gemacht, leider benötigt es da immer so ein lizenzfile, welches man ständig erneuern muss, deshalb wollte ich mal clamav mit postfix ausprobieren.
Nun gut, was hab ich gemacht... ich hab postfix und clamav installiert und nach dem HowTo im Wiki versucht zu konfigurieren.
Soweit sogut, postfix läuft ohne den clamav einwandfrei. dann hab ich versucht den calmav einzubinden. Hab in der /etc/services den 10025 und 10024 hinzugefügt und möchte nun, dass alle mails von postfix an clamav gehen und zurück. Und genau da hackt es... beim Verusch eine mail zu versenden erhalte ich folgenden Fehler:

PHP:
Dec  6 01:25:11 host postfix/smtp[1247]: 0536A11BE4: to=<test@gmx.net>, relay=none, delay=1435, status=deferred (connect to 127.0.0.1[127.0.0.1]: Connection refused)
Firewall ist ausgeschaltet, telnet auf 10025 funzt, nicht aber auf 10024???
 
Du solltest vielleicht noch amavis installieren, der dann auf den ports 10024 und 10025 läuft......
 
Aso, den amavisd-new hab ich natürlich auch installiert, genau nach Wiki, auch die Berechtigungen und user für den clamav geändert.
So, mein Problem ist, dass auf 10024 kein Dienst lauscht, auf 10025 schon.

Hier meine config files:
main.cf
Code:
content_filter = smtp-amavis:192.168.0.222:10024

master.cf
Code:
smtp-amavis unix - - n - 3 smtp
   -o smtp_data_done_timeout=1200
   -o disable_dns_lookups=yes
192.168.0.222:10025 inet n - n - - smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_client_restrictions=
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=192.168.0.222/32
  -o strict_rfc821_envelopes=yes

clamd.conf
Code:
##
## Example config file for the Clam AV daemon
## Please read the clamd.conf(5) manual before editing this file.
##


# Comment or remove the line below.
#Example

# Uncomment this option to enable logging.
# LogFile must be writable for the user running daemon.
# A full path is required.
# Default: disabled
LogFile /var/log/clamav/clamd.log

# By default the log file is locked for writing - the lock protects against
# running clamd multiple times (if want to run another clamd, please
# copy the configuration file, change the LogFile variable, and run
# the daemon with --config-file option).
# This option disables log file locking.
# Default: disabled
#LogFileUnlock

# Maximal size of the log file.
# Value of 0 disables the limit.
# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size
# in bytes just don't use modifiers.
# Default: 1M
#LogFileMaxSize 2M

# Log time with each message.
# Default: disabled
#LogTime

# Also log clean files. Useful in debugging but drastically increases the
# log size.
# Default: disabled
#LogClean

# Use system logger (can work together with LogFile).
# Default: disabled
#LogSyslog

# Specify the type of syslog messages - please refer to 'man syslog'
# for facility names.
# Default: LOG_LOCAL6
#LogFacility LOG_MAIL

# Enable verbose logging.
# Default: disabled
#LogVerbose

# This option allows you to save a process identifier of the listening
# daemon (main thread).
# Default: disabled
PidFile /var/run/clamav/clamd.pid

# Optional path to the global temporary directory.
# Default: system specific (usually /tmp or /var/tmp).
#TemporaryDirectory /var/tmp

# Path to the database directory.
# Default: hardcoded (depends on installation options)
DatabaseDirectory /usr/local/share/clamav

# The daemon works in a local OR a network mode. Due to security reasons we
# recommend the local mode.

# Path to a local socket file the daemon will listen on.
# Default: disabled
#LocalSocket /var/run/clamav/clamd

# Remove stale socket after unclean shutdown.
# Default: disabled
FixStaleSocket

# TCP port address.
# Default: disabled
TCPSocket 3310

# TCP address.
# By default we bind to INADDR_ANY, probably not wise.
# Enable the following to provide some degree of protection
# from the outside world.
# Default: disabled
TCPAddr 192.168.0.222

# Maximum length the queue of pending connections may grow to.
# Default: 15
#MaxConnectionQueueLength 30

# Close the connection if this limit is exceeded.
# Default: 10M
#StreamMaxLength 20M

# Maximal number of threads running at the same time.
# Default: 10
#MaxThreads 20

# Waiting for data from a client socket will timeout after this time (seconds).
# Value of 0 disables the timeout.
# Default: 120
#ReadTimeout 300

# Waiting for a new job will timeout after this time (seconds).
# Default: 30
#IdleTimeout 60

# Maximal depth directories are scanned at.
# Default: 15
#MaxDirectoryRecursion 20

# Follow directory symlinks.
# Default: disabled
#FollowDirectorySymlinks

# Follow regular file symlinks.
# Default: disabled
#FollowFileSymlinks

# Perform internal sanity check (database integrity and freshness).
# Default: 1800 (30 min)
#SelfCheck 600

# Execute a command when virus is found. In the command string %v will
# be replaced by a virus name.
# Default: disabled
#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v"

# Run as a selected user (clamd must be started by root).
# Default: disabled
User vscan

# Initialize supplementary group access (clamd must be started by root).
# Default: disabled
AllowSupplementaryGroups

amavisd.conf hab ich das Original gelassen, als port steht da 10024 drin, hab ich kontrolliert!

Ein telnet 192.168.0.222 10025 funktioniert, ein telnet localhost 10024 nicht, auch nicht telnet 192.168.0.222 10024!

Vielleicht noch folgendes:
Code:
bash-2.05b# netstat -a | grep smtp
tcp4       0      0  mailserver.smtp-backdo *.*                    LISTEN
tcp4       0      0  *.smtp                 *.*                    LISTEN
c1d62118 stream      0      0 c1d5c108        0        0        0 private/smtp-amavis
c1cb2e38 stream      0      0 c1d5c318        0        0        0 private/bsmtp
c1cb22bc stream      0      0 c1d59528        0        0        0 private/smtp
bash-2.05b#
 
Last edited:
Back
Top