smtp.proxy + clamscan Hint
Configuration
Theory of operation
This configuration hint describes how to integrate the clamav virus scanner into an SMTP proxy which makes the ariane box an e-mail virus scanner.
Please notice that this setup is a proof of concept. I'm not sure if it's working, and if what, to what degree.
- Check your freshclam configuration.
- Take a look at freshclam's pattern database server in /etc/freshclam.conf (DNSDatabaseInfo option). It's set to db.de.clamav.net, a server in Germany, since I had problems using the default of database.clamav.net.
- ariane doesn't have the virus patterns, so fetch them:
# freshclam
- Now it's time to start your proxy:
# /usr/local/smtpproxy/start-smtp upstream-server
where upstream-server is the server where you want your e-mail delivered. This is usually another SMTP server but it could be a local sendmail (which you don't find on ariane).
- Test your proxy server be sending an e-mail with and one without a virus, check that it works.
smtp.proxy is an SMTP proxy server, a program for buffer overflow and open-relay protection. It sits between a client (the computer that wants to send the an e-mail) and a server (the computer that should receive the e-mail) watching that both sides speak SMTP.
Since smtp.proxy sees the whole SMTP communication, it knows exactly what is going on. It has especially access to the e-mail if it wants. While smtp.proxy usually is completely transparent it has a special mode for virus scanning:
- Spool the e-mail to a temporary file.
- Call /usr/local/smtpproxy/smtp.ccp to check the mail for it's content.
- /usr/local/smtpproxy/smtp.checkmail (called from smtp.ccp) checks the e-mail and denies forwarding to the upstream server if a virus is detected.
- Forward the e-mail if it's clean.