Put clamav and amavis togther, fix spam filtering

9 years ago · f51180415c
parent e9ae250d7d
commit f51180415c
10 changed files with 16 additions and 33 deletions
--- a/amavis/Dockerfile
+++ b/amavis/Dockerfile
@ -6,6 +6,7 @@ RUN echo "@testing http://nl.alpinelinux.org/alpine/edge/testing" >> /etc/apk/re
      perl-io-socket-inet6@testing \
      amavisd-new \
      spamassassin \
+      clamav \
      rsyslog \
      wget \
 && rm -rf /var/cache/apk/*
--- a/amavis/conf/amavisd.conf
+++ b/amavis/conf/amavisd.conf
@ -17,14 +17,15 @@ $TEMPBASE = "$MYHOME/tmp";
 $ENV{TMPDIR} = $TEMPBASE;
 $QUARANTINEDIR = '/var/amavis/quarantine';

-$log_level = 2;
+$log_level = 1;
 $do_syslog = 1;

 $enable_db = 1;
 $nanny_details_level = 2;
 $enable_dkim_verification = 1;

-@local_domains_maps = ( [".$mydomain"] );
+@local_domains_maps = ( ["."] );
+@local_domains_acl = ( "." );

@mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10
                  10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 );
@ -33,7 +34,7 @@ $enable_dkim_verification = 1;
 $unix_socketname = "$MYHOME/amavisd.sock";
 $inet_socket_port = 2525;
 $inet_socket_bind = undef;
-$forward_method = 'lmtp:lmtp:25';
+$forward_method = 'lmtp:lmtp:2525';

 ###############
 # Policies
@ -63,7 +64,7 @@ $recipient_delimiter = '+';
 # Antispam
 ###############

-$sa_tag_level_deflt  = 2.0;  # add spam info headers if at, or above that level
+$sa_tag_level_deflt  = -9999;  # add spam info headers if at, or above that level
 $sa_tag2_level_deflt = 6.2;  # add 'spam detected' headers at that level
 $sa_kill_level_deflt = 6.9;  # triggers spam evasive actions (e.g. blocks mail)
 $sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent
@ -92,7 +93,7 @@ $defang_by_ccat{CC_BADH.",6"} = 1;  # header field syntax error

@av_scanners = (
 ['ClamAV-clamd',
-   \&ask_daemon, ["CONTSCAN {}\n", inet_ntoa(inet_aton("clamav")).":3310"],
+   \&ask_daemon, ["CONTSCAN {}\n", "/tmp/clamd.sock"],
   qr/\bOK$/m, qr/\bFOUND$/m,
   qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
 );
--- a/amavis/conf/clamav/clamd.conf
+++ b/amavis/conf/clamav/clamd.conf
@ -3,12 +3,10 @@
 ###############

 DatabaseDirectory /data
-LogFile /logs/clamav.log
+LogSyslog yes
 LogTime yes
 PidFile /run/clamav/clamd.pid
-TCPSocket 3310
-TCPAddr 0.0.0.0
-Foreground yes
+LocalSocket /tmp/clamd.sock

 ###############
 # Results
--- a/amavis/conf/clamav/freshclam.conf
+++ b/amavis/conf/clamav/freshclam.conf
@ -3,11 +3,10 @@
 ###############

 DatabaseDirectory /data
-UpdateLogFile /logs/freshclam.log
+LogSyslog yes
 LogTime yes
 PidFile /run/clamav/freshclam.pid
 DatabaseOwner root
-Foreground yes

 ###############
 # Updates
--- a/amavis/start.sh
+++ b/amavis/start.sh
@ -3,6 +3,10 @@
 # Prepare the databases
 sa-update

+# Update the AV database
+freshclam
+
 # Actually run Amavis
+/usr/sbin/clamd
 /usr/sbin/amavisd
 rsyslogd -n
--- a/clamav/Dockerfile
+++ b/clamav/Dockerfile
@ -1,11 +0,0 @@
-FROM alpine
-
-RUN apk add --update \
-      clamav \
- && rm -rf /var/cache/apk/*
-
-COPY conf /etc/clamav
-
-COPY start.sh /start.sh
-
-CMD ["/start.sh"]
--- a/clamav/start.sh
+++ b/clamav/start.sh
@ -1,4 +0,0 @@
-#!/bin/sh
-
-freshclam
-clamd
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -41,14 +41,9 @@ filter:
  env_file: freeposte.env
  links:
    - imap:lmtp
-    - clamav:clamav
-
-clamav:
-  build: clamav
-  env_file: freeposte.env
  volumes:
-    - /tmp/data/clamav:/data
-    - /tmp/data/logs:/logs
+    - /tmp/data/filter:/data
+

 admin:
  build: admin
--- a/dovecot/sieve/after.sieve
+++ b/dovecot/sieve/after.sieve
--- a/dovecot/sieve/default.sieve
+++ b/dovecot/sieve/default.sieve