From f51180415c7409ad5c52d84123e4ed2fe34c2943 Mon Sep 17 00:00:00 2001
From: Pierre Jaury <pierre@jaury.eu>
Date: Wed, 2 Mar 2016 22:31:44 +0100
Subject: [PATCH] Put clamav and amavis togther, fix spam filtering

---
 amavis/Dockerfile                                  |  1 +
 amavis/conf/amavisd.conf                           | 11 ++++++-----
 {clamav/conf => amavis/conf/clamav}/clamd.conf     |  6 ++----
 {clamav/conf => amavis/conf/clamav}/freshclam.conf |  3 +--
 amavis/start.sh                                    |  4 ++++
 clamav/Dockerfile                                  | 11 -----------
 clamav/start.sh                                    |  4 ----
 docker-compose.yml                                 |  9 ++-------
 dovecot/{conf => sieve}/after.sieve                |  0
 dovecot/{conf => sieve}/default.sieve              |  0
 10 files changed, 16 insertions(+), 33 deletions(-)
 rename {clamav/conf => amavis/conf/clamav}/clamd.conf (91%)
 rename {clamav/conf => amavis/conf/clamav}/freshclam.conf (85%)
 delete mode 100644 clamav/Dockerfile
 delete mode 100755 clamav/start.sh
 rename dovecot/{conf => sieve}/after.sieve (100%)
 rename dovecot/{conf => sieve}/default.sieve (100%)

diff --git a/amavis/Dockerfile b/amavis/Dockerfile
index 65736c24..a8d43d1f 100644
--- a/amavis/Dockerfile
+++ b/amavis/Dockerfile
@@ -6,6 +6,7 @@ RUN echo "@testing http://nl.alpinelinux.org/alpine/edge/testing" >> /etc/apk/re
       perl-io-socket-inet6@testing \
       amavisd-new \
       spamassassin \
+      clamav \
       rsyslog \
       wget \
  && rm -rf /var/cache/apk/*
diff --git a/amavis/conf/amavisd.conf b/amavis/conf/amavisd.conf
index df4d060c..70098931 100644
--- a/amavis/conf/amavisd.conf
+++ b/amavis/conf/amavisd.conf
@@ -17,14 +17,15 @@ $TEMPBASE = "$MYHOME/tmp";
 $ENV{TMPDIR} = $TEMPBASE;
 $QUARANTINEDIR = '/var/amavis/quarantine';
 
-$log_level = 2;
+$log_level = 1;
 $do_syslog = 1;
 
 $enable_db = 1;
 $nanny_details_level = 2;
 $enable_dkim_verification = 1;
 
-@local_domains_maps = ( [".$mydomain"] );
+@local_domains_maps = ( ["."] );
+@local_domains_acl = ( "." );
 
 @mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10
                   10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 );
@@ -33,7 +34,7 @@ $enable_dkim_verification = 1;
 $unix_socketname = "$MYHOME/amavisd.sock";
 $inet_socket_port = 2525;
 $inet_socket_bind = undef;
-$forward_method = 'lmtp:lmtp:25';
+$forward_method = 'lmtp:lmtp:2525';
 
 ###############
 # Policies
@@ -63,7 +64,7 @@ $recipient_delimiter = '+';
 # Antispam
 ###############
 
-$sa_tag_level_deflt  = 2.0;  # add spam info headers if at, or above that level
+$sa_tag_level_deflt  = -9999;  # add spam info headers if at, or above that level
 $sa_tag2_level_deflt = 6.2;  # add 'spam detected' headers at that level
 $sa_kill_level_deflt = 6.9;  # triggers spam evasive actions (e.g. blocks mail)
 $sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent
@@ -92,7 +93,7 @@ $defang_by_ccat{CC_BADH.",6"} = 1;  # header field syntax error
 
 @av_scanners = (
  ['ClamAV-clamd',
-   \&ask_daemon, ["CONTSCAN {}\n", inet_ntoa(inet_aton("clamav")).":3310"],
+   \&ask_daemon, ["CONTSCAN {}\n", "/tmp/clamd.sock"],
    qr/\bOK$/m, qr/\bFOUND$/m,
    qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
 );
diff --git a/clamav/conf/clamd.conf b/amavis/conf/clamav/clamd.conf
similarity index 91%
rename from clamav/conf/clamd.conf
rename to amavis/conf/clamav/clamd.conf
index 208258e9..ee872624 100644
--- a/clamav/conf/clamd.conf
+++ b/amavis/conf/clamav/clamd.conf
@@ -3,12 +3,10 @@
 ###############
 
 DatabaseDirectory /data
-LogFile /logs/clamav.log
+LogSyslog yes
 LogTime yes
 PidFile /run/clamav/clamd.pid
-TCPSocket 3310
-TCPAddr 0.0.0.0
-Foreground yes
+LocalSocket /tmp/clamd.sock
 
 ###############
 # Results
diff --git a/clamav/conf/freshclam.conf b/amavis/conf/clamav/freshclam.conf
similarity index 85%
rename from clamav/conf/freshclam.conf
rename to amavis/conf/clamav/freshclam.conf
index 3076ba93..88d12bef 100644
--- a/clamav/conf/freshclam.conf
+++ b/amavis/conf/clamav/freshclam.conf
@@ -3,11 +3,10 @@
 ###############
 
 DatabaseDirectory /data
-UpdateLogFile /logs/freshclam.log
+LogSyslog yes
 LogTime yes
 PidFile /run/clamav/freshclam.pid
 DatabaseOwner root
-Foreground yes
 
 ###############
 # Updates
diff --git a/amavis/start.sh b/amavis/start.sh
index d2ed0e10..c5f86494 100755
--- a/amavis/start.sh
+++ b/amavis/start.sh
@@ -3,6 +3,10 @@
 # Prepare the databases
 sa-update
 
+# Update the AV database
+freshclam
+
 # Actually run Amavis
+/usr/sbin/clamd
 /usr/sbin/amavisd
 rsyslogd -n
diff --git a/clamav/Dockerfile b/clamav/Dockerfile
deleted file mode 100644
index 61fae006..00000000
--- a/clamav/Dockerfile
+++ /dev/null
@@ -1,11 +0,0 @@
-FROM alpine
-
-RUN apk add --update \
-      clamav \
- && rm -rf /var/cache/apk/*
-
-COPY conf /etc/clamav
-
-COPY start.sh /start.sh
-
-CMD ["/start.sh"]
diff --git a/clamav/start.sh b/clamav/start.sh
deleted file mode 100755
index 97505ade..00000000
--- a/clamav/start.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/sh
-
-freshclam
-clamd
diff --git a/docker-compose.yml b/docker-compose.yml
index b1dc4c15..183e3252 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -41,14 +41,9 @@ filter:
   env_file: freeposte.env
   links:
     - imap:lmtp
-    - clamav:clamav
-
-clamav:
-  build: clamav
-  env_file: freeposte.env
   volumes:
-    - /tmp/data/clamav:/data
-    - /tmp/data/logs:/logs
+    - /tmp/data/filter:/data
+
 
 admin:
   build: admin
diff --git a/dovecot/conf/after.sieve b/dovecot/sieve/after.sieve
similarity index 100%
rename from dovecot/conf/after.sieve
rename to dovecot/sieve/after.sieve
diff --git a/dovecot/conf/default.sieve b/dovecot/sieve/default.sieve
similarity index 100%
rename from dovecot/conf/default.sieve
rename to dovecot/sieve/default.sieve