AMaViS-NG is a better choice
If you're going the AMaViS route, the -NG version is a better choice. It integrates fairly easily as well.
I had promised to get some docs together, but this is still somewhat incomplete. Here's what I do have though...
Start by downloadig amavis-ng:
http://sourceforge.net/projects/amavis
Relevent Readme included in the tarball:
doc/README.exim-perl
AntiVirus Scanner - my personal preference is uvscan:
McAfee Download:
McAfee VirusScan Command Line Scanner for... Linux (4.16)
http://www.mcafeeb2b.com/naicommon/buy-try/try/products-evals.asp
register and download vlnx416e.tar.Z
Now we need to update the DAT file and install the program to do so via cron
uvupdate:
http://main.psi.com.br/~julio/uvscan/
read and follow uvupdate INSTALL file - select experimental or not
Add symbolic link from /etc/cron.daily/uvupdate to your installed uvupdate program
edit /etc/exim.conf:
edit out # message_filter = /etc/antivirus.exim
insert...
message_filter = /etc/exim/amavis.filter
message_filter_user = mail
message_filter_group = mail
deliver_load_max = 3
queue_only_load = 4
I elected to also edit this value:
deliver_queue_load_max = 5
copy /root/src/amavis-ng/amavis-ng-0.1.3.1/doc/exim/exim.filter to /etc/exim/amavis.filter
insert line at top of /etc/exim.pl:
do '/usr/share/amavis/amavis-filter.pl';
cpan install File::MMagic
cpan install Config::IniFiles
cpan install MIME::Tools (mine was up-to-date)
cpan install Convert::TNEF
cpan install Convert::UUlib
cpan instlal Compress::Zlib (MINE WAS UP-TO-DATE)
cpan install Archive::Tar (was up to date)
Also may be desired (no guarantee that these are the latest though...)
* unrar ftp://speakeasy.rpmfind.net/linux/contrib/libc6/i386/unrar-3.0-1.i386.rpm
* zoo http://ftp.task.gda.pl/linux/RPMS/redhat/libc6/contribs/i386/zoo-2.10-7.i386.html
* arc ftp://speakeasy.rpmfind.net/linux/contrib/libc6/i386/arc-5.21e-6.i386.rpm
* lha http://www.redhat.com/swr/i386/lha-1.14i-4.i386.html
* unarj http://www.redhat.com/swr/i386/unarj-2.43-10.i386.html
Then install amavis-ng:
make;make install
cp /root/src/amavis-ng/amavis-ng-0.1.3.1/etc/amavis.conf /etc/
edit /etc/amavis.conf with your fav. editor:
- enable EximPerl (line 11) and at least one scanner (I use NAI) -- FSP is FILE::Scan Perl module (free and installed)
- enable extractor modules which are installed
- select headers
- unpack directory - I use /tmp/amavis/ chmod 755, chown mail.mail
In the [notify] section, I recommend not selecting a local domain at all. This appears to work best in my testing:
;; local domain = .*example\.com
- set admin mail addresses to/from
- check path for virusscan program and external compression programs
- /etc/amavis.conf file must be in /etc/amavis/ ... I added a symbolic link to take care of this. It may work with amavis.conf only in /etc/amavis/ but I have not had a chance to test that.
The only problem with this is if/when CPanel updates Exim. In the past, the exim.conf would be overwritten, but the past few updates seem to have preserved the config file.
However, you also need to ensure that the first line of your exim.pl doesn't get wiped out. chattr could help here.
- Jason
