Amavis: Difference between revisions

From QmailToaster
Jump to navigation Jump to search
(Created page with " For testing until production stability proven. Get Amavis Qmail queue # grep "release 7" /etc/centos-release # [ "$?" = "0" ] && cos=7 || cos=8 # echo $cos # wget -O /var/qmail/bin/qmail-queue.smtp https://github.com/qmtoaster/amavis/blob/main/qmail-queue.smtp.cos${cos}?raw=true # chown qmailq:qmail /var/qmail/bin/qmail-queue.smtp # chmod 4711 /var/qmail/bin/qmail-queue.smtp Build Your Own qmail-queue.smtp Install Amavis & edit config, run clamd under Amavis, star...")
 
No edit summary
 
(29 intermediate revisions by the same user not shown)
Line 1: Line 1:
[[Configuration#Amavis|Back]]<br>
  For testing until production stability proven.
  For testing until production stability proven.


  Get Amavis Qmail queue
  The way it works <span style="color:red">[TCP Port or pipe]</span>:
# grep "release 7" /etc/centos-release
SMTP ''--[25]->'' qmail-smtpd ''--[|]->'' qmail-queue.smtpd ''--[10024]->'' amavisd ''--[10025]->'' qmail-smtpd ''--[|]->'' qmail-queue ''>'' qmail queue ''>'' qmail-local
# [ "$?" = "0" ] && cos=7 || cos=8
# echo $cos
# wget -O /var/qmail/bin/qmail-queue.smtp https://github.com/qmtoaster/amavis/blob/main/qmail-queue.smtp.cos${cos}?raw=true
# chown qmailq:qmail /var/qmail/bin/qmail-queue.smtp
# chmod 4711 /var/qmail/bin/qmail-queue.smtp


  Build Your Own qmail-queue.smtp
  '''Build qmail-queue.smtp transfers email to Amavisd'''
# wget https://raw.githubusercontent.com/qmtoaster/amavis/main/qmail-amavisd-0.94.patch
# wget https://raw.githubusercontent.com/qmtoaster/amavis/main/qmail-amavisd-0.94.tgz
# tar zxvf qmail-amavisd-0.94.tgz
# cd qmail-amavisd-0.94
# patch < ../qmail-amavisd-0.94.patch
# make
# cp qmail-queue.smtp /var/qmail/bin
# chown qmailq:qmail /var/qmail/bin/qmail-queue.smtp
# chmod 4711 /var/qmail/bin/qmail-queue.smtp


  Install Amavis & edit config, run clamd under Amavis, start both services
  '''Install Amavis & edit config, run clamd under Amavis, start both services'''
# yum --enablerepo=epel,PowerTools -y install amavisd-new lz4 perl-Digest-SHA1 perl-IO-stringy
# dnf -y install amavisd-new lz4 cabextract perl-Digest-SHA1 perl-IO-stringy
# yum --enablerepo=fedora cabextract
# wget https://www.rarlab.com/rar/rarlinux-x64-700.tar.gz (https://www.rarlab.com/)
# wget https://www.rarlab.com/rar/rarlinux-x64-6.0.b1.tar.gz
# tar zxvf rarlinux-x64-700.tar.gz
# tar zxvf rarlinux-x64-6.0.b1.tar.gz
# cp rar/rar rar/unrar /usr/local/bin
# cd rar
# sed -i 's/%i.conf/amavisd.conf/' /usr/lib/systemd/system/clamd@.service
# cp rar unrar /usr/local/bin
# systemctl daemon-reload
# sed -i 's/%i.conf/amavisd.conf/' /usr/lib/systemd/system/clamd@.service
# systemctl restart clamd@scan
# systemctl daemon-reload
# vi /etc/amavisd/amavisd.conf
# systemctl restart clamd@scan
# vi /etc/amavisd/amavisd.conf
   $mydomain = 'domain.tld';
   $mydomain = 'domain.tld';
   $myhostname = 'mx.domain.tld';
   $myhostname = 'mx.domain.tld';
   $notify_method = 'smtp:[127.0.0.1]:10025';
   $notify_method = 'smtp:[127.0.0.1]:10025';
   $forward_method = 'smtp:[127.0.0.1]:10025';
   $forward_method = 'smtp:[127.0.0.1]:10025';
# systemctl enable --now amavisd
# systemctl enable --now amavisd


  Create tcp rules for qmail smtp & qmail amavis
  '''Create tcp rules for qmail smtp & qmail amavis'''
# mv /etc/tcprules.d/tcp.smtp /etc/tcprules.d/tcp.smtp.bak
# mv /etc/tcprules.d/tcp.smtp /etc/tcprules.d/tcp.smtp.bak


tee /etc/tcprules.d/tcp.amavis.smtp  > /dev/null <<EOT
# tee /etc/tcprules.d/tcp.amavis.smtp  > /dev/null <<EOT
127.:allow,RELAYCLIENT="",RBLSMTPD="",NOP0FCHECK="1"
127.:allow,RELAYCLIENT="",RBLSMTPD="",NOP0FCHECK="1"
:allow,CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",QMAILQUEUE="/var/qmail/bin/qmail-queue.smtp",NOP0FCHECK="1"
:allow,CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",QMAILQUEUE="/var/qmail/bin/qmail-queue.smtp",NOP0FCHECK="1"
EOT
EOT
# tcprules /etc/tcprules.d/tcp.amavis.smtp.cdb /etc/tcprules.d/tcp.amavis.smtp.tmp < /etc/tcprules.d/tcp.amavis.smtp
# chmod 644 tcp.amavis.smtp*


tee /etc/tcprules.d/tcp.smtp  > /dev/null <<EOT
# tee /etc/tcprules.d/tcp.smtp  > /dev/null <<EOT
127.:allow,RELAYCLIENT="",RBLSMTPD="",NOP0FCHECK="1"
127.:allow,RELAYCLIENT="",RBLSMTPD="",NOP0FCHECK="1"
:allow,CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",QMAILQUEUE="/var/qmail/bin/qmail-queue",NOP0FCHECK="1"
:allow,CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",QMAILQUEUE="/var/qmail/bin/qmail-queue",NOP0FCHECK="1"
EOT
EOT
# qmailctl cdb


  Edit/Create run files for qmail smtp & qmail amavis
  '''Edit/Create run files for qmail smtp & qmail amavis'''
# cp -Rp /var/qmail/supervise/smtp /var/qmail/supervise/smtp2
# cp -Rp /var/qmail/supervise/smtp /var/qmail/supervise/smtp2


tee /var/qmail/supervise/smtp/run > /dev/null <<EOT
# tee /var/qmail/supervise/smtp/run > /dev/null <<EOT
#!/bin/sh
#!/bin/sh
QMAILDUID=`id -u vpopmail`
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
SMTPD="/var/qmail/bin/qmail-smtpd"
SMTPD="/var/qmail/bin/qmail-smtpd"
TCP_CDB="/etc/tcprules.d/tcp.amavis.smtp.cdb"
TCP_CDB="/etc/tcprules.d/tcp.amavis.smtp.cdb"
HOSTNAME=`hostname`
HOSTNAME=`hostname`
VCHKPW="/home/vpopmail/bin/vchkpw"
VCHKPW="/home/vpopmail/bin/vchkpw"
export SMTPAUTH="-"
export SMTPAUTH="-"<br>
 
exec /usr/bin/softlimit -m 64000000 \
exec /usr/bin/softlimit -m 64000000 \
     /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \
     /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \
     -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
     -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
     $SMTPD $VCHKPW /bin/true 2>&1
     $SMTPD $VCHKPW /bin/true 2>&1<br>
 
EOT
EOT
 
tee /var/qmail/supervise/smtp2/run > /dev/null <<EOT
#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
SMTPD="/var/qmail/bin/qmail-smtpd"
TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb"
HOSTNAME=`hostname`
VCHKPW="/home/vpopmail/bin/vchkpw"
export SMTPAUTH="-"
export FORCETLS=0


exec /usr/bin/softlimit -m 64000000 \
# tee /var/qmail/supervise/smtp2/run > /dev/null <<EOT
#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
SMTPD="/var/qmail/bin/qmail-smtpd"
TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb"
HOSTNAME=`hostname`
VCHKPW="/home/vpopmail/bin/vchkpw"
export SMTPAUTH="-"
export FORCETLS=0<br>
exec /usr/bin/softlimit -m 64000000 \
     /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \
     /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \
     -u "$QMAILDUID" -g "$NOFILESGID" 0 10025 \
     -u "$QMAILDUID" -g "$NOFILESGID" 0 10025 \
     $SMTPD $VCHKPW /bin/true 2>&1
     $SMTPD $VCHKPW /bin/true 2>&1<br>
EOT


EOT
# tee /var/qmail/supervise/smtp2/log/run > /dev/null <<EOT
 
#!/bin/sh
tee /var/qmail/supervise/smtp2/log/run > /dev/null <<EOT
LOGSIZE=`cat /var/qmail/control/logsize`
#!/bin/sh
LOGCOUNT=`cat /var/qmail/control/logcount`
LOGSIZE=`cat /var/qmail/control/logsize`
exec /usr/bin/setuidgid qmaill \
LOGCOUNT=`cat /var/qmail/control/logcount`
exec /usr/bin/setuidgid qmaill \
     /usr/bin/multilog t s$LOGSIZE n$LOGCOUNT \
     /usr/bin/multilog t s$LOGSIZE n$LOGCOUNT \
     /var/log/qmail/smtp2 2>&1
     /var/log/qmail/smtp2 2>&1<br>
 
EOT
EOT
 
Add Amavis Dspam support


'''Add Amavis Dspam support'''
  Install Dspam (skip 'install per domain')
  Install Dspam (skip 'install per domain')
# wget https://raw.githubusercontent.com/qmtoaster/dspam/master/dspamdb.sh
# wget https://raw.githubusercontent.com/qmtoaster/dspam/master/dspamdb.sh
# chmod 755 dspamdb.sh
# chmod 755 dspamdb.sh
# ./dpsamdb.sh
# ./dpsamdb.sh


  Add Under $dspam = 'dspam'
  '''Add Under $dspam = 'dspam''''
# vi /etc/amavisd/amavisd.conf
# vi /etc/amavisd/amavisd.conf


@spam_scanners = (
@spam_scanners = (
   ['DSPAM', 'Amavis::SpamControl::ExtProg', 'dspam',
   ['DSPAM', 'Amavis::SpamControl::ExtProg', 'dspam',
       [ qw(--user amavis --deliver=stdout) ],
       [ qw(--user amavis --deliver=stdout) ],
   ],
   ],
);
);
 
Add under 'Trust vpopmail'
# vi /etc/dspam.conf
Trust amavis


  Start & stat qmail
  '''Add under 'Trust vpopmail''''
# qmailctl start
# vi /etc/dspam.conf
# qmailctl stat
Trust amavis


send: up (pid 253068) 97100 seconds
'''Start & stat qmail'''
smtp: up (pid 253065) 97100 seconds
# qmailctl start
smtp2: up (pid 253071) 97100 seconds
# qmailctl stat<br>
smtps: up (pid 253067) 97100 seconds
send: up (pid 253068) 97100 seconds
submission: up (pid 253073) 97100 seconds
smtp: up (pid 253065) 97100 seconds
send/log: up (pid 253064) 97100 seconds
smtp2: up (pid 253071) 97100 seconds
smtp2/log: up (pid 253070) 97100 seconds
smtps: up (pid 253067) 97100 seconds
smtp/log: up (pid 253066) 97100 seconds
submission: up (pid 253073) 97100 seconds
smtps/log: up (pid 253072) 97100 seconds
send/log: up (pid 253064) 97100 seconds
submission/log: up (pid 253069) 97100 seconds
smtp2/log: up (pid 253070) 97100 seconds
smtp/log: up (pid 253066) 97100 seconds
smtps/log: up (pid 253072) 97100 seconds
submission/log: up (pid 253069) 97100 seconds


  Test with Swaks
  '''Test with Swaks'''
# swaks --to myuser@domain.tld,myuser2@domain.tld --from myuser@remotedomain.tld --server mx.domain.tld -tls
# swaks --to myuser@domain.tld,myuser2@domain.tld --from myuser@remotedomain.tld --server mx.domain.tld -tls
=== Trying 192.168.16.75:25...
=== Trying 192.168.16.75:25...
=== Connected to 192.168.16.75.
=== Connected to 192.168.16.75.
<-  220 localhost - Welcome to Qmail Toaster Ver. 1.03-3.3.1.qt.md.el8 SMTP Server ESMTP
<-  220 localhost - Welcome to Qmail Toaster Ver. 1.03-3.3.1.qt.md.el8 SMTP Server ESMTP
  -> EHLO mx.domain.tld
  -> EHLO mx.domain.tld
<-  250-localhost - Welcome to Qmail Toaster Ver. 1.03-3.3.1.qt.md.el8 SMTP Server
<-  250-localhost - Welcome to Qmail Toaster Ver. 1.03-3.3.1.qt.md.el8 SMTP Server
<-  250-STARTTLS
<-  250-STARTTLS
<-  250-PIPELINING
<-  250-PIPELINING
<-  250-8BITMIME
<-  250-8BITMIME
<-  250 SIZE 20971520
<-  250 SIZE 20971520
  -> STARTTLS
  -> STARTTLS
<-  220 ready for tls
<-  220 ready for tls
=== TLS started with cipher TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256
=== TLS started with cipher TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256
=== TLS no local certificate set
=== TLS no local certificate set
=== TLS peer DN="/O=Qmail Toaster Server/OU=Test Certificate/CN=localhost"
=== TLS peer DN="/O=Qmail Toaster Server/OU=Test Certificate/CN=localhost"
  ~> EHLO mx.domain.tld
  ~> EHLO mx.domain.tld
<~  250-localhost - Welcome to Qmail Toaster Ver. 1.03-3.3.1.qt.md.el8 SMTP Server
<~  250-localhost - Welcome to Qmail Toaster Ver. 1.03-3.3.1.qt.md.el8 SMTP Server
<~  250-PIPELINING
<~  250-PIPELINING
<~  250-8BITMIME
<~  250-8BITMIME
<~  250 SIZE 20971520
<~  250 SIZE 20971520
  ~> MAIL FROM:<myuser@remotedomain.tld>
  ~> MAIL FROM:<myuser@remotedomain.tld>
<~  250 ok
<~  250 ok
  ~> RCPT TO:<myuser@domain.tld>
  ~> RCPT TO:<myuser@domain.tld>
<~  250 ok
<~  250 ok
  ~> RCPT TO:<myuser2@domain.tld>
  ~> RCPT TO:<myuser2@domain.tld>
<~  250 ok
<~  250 ok
  ~> DATA
  ~> DATA
<~  354 go ahead
<~  354 go ahead
  ~> Date: Sun, 29 Nov 2020 14:58:40 -0700
  ~> Date: Sun, 29 Nov 2020 14:58:40 -0700
  ~> To: myuser@domain.tld,myuser2@domain.tld
  ~> To: myuser@domain.tld,myuser2@domain.tld
Line 165: Line 164:
  ~>
  ~>
  ~> .
  ~> .
<~  250 ok 1606687121 qp 308705
<~  250 ok 1606687121 qp 308705
  ~> QUIT
  ~> QUIT
<~  221 localhost - Welcome to Qmail Toaster Ver. 1.03-3.3.1.qt.md.el8 SMTP Server
<~  221 localhost - Welcome to Qmail Toaster Ver. 1.03-3.3.1.qt.md.el8 SMTP Server
=== Connection closed with remote host.
=== Connection closed with remote host.


  All Amavis output is in the maillog (/var/log/maillog).
  '''All Amavis output is in the maillog (/var/log/maillog).'''


  Email headers will contain
  '''The following header will be inserted by amavisd'''
X-Virus-Scanned: amavisd-new at domain.tld
X-Virus-Scanned: amavisd-new at domain.tld


  Email headers will show Amavis routing
  '''Email headers will show Amavis routing'''
Return-Path:  
Return-Path:  
Delivered-To: myemail@domain.tld
Delivered-To: myemail@domain.tld
Received: (qmail 266650 invoked by uid 89); 29 Nov 2020 00:43:58 -0000
Received: (qmail 266650 invoked by uid 89); 29 Nov 2020 00:43:58 -0000
Received: from unknown (HELO localhost) (127.0.0.1)
Received: from unknown (HELO localhost) (127.0.0.1)
   by localhost.localdomain with SMTP; 29 Nov 2020 00:43:58 -0000
   by localhost.localdomain with SMTP; 29 Nov 2020 00:43:58 -0000
X-DSPAM-Processed: Sat Nov 28 17:43:58 2020
X-DSPAM-Processed: Sat Nov 28 17:43:58 2020
X-DSPAM-Confidence: 0.9899
X-DSPAM-Confidence: 0.9899
X-DSPAM-Probability: 0.0000
X-DSPAM-Probability: 0.0000
X-Virus-Scanned: amavisd-new at domain.tld
<span style="color:red">X-Virus-Scanned: amavisd-new at domain.tld</span>
X-DSPAM-Result: Whitelisted
X-DSPAM-Result: Whitelisted
X-DSPAM-Signature: 1,5fc2eece2666485921812939
X-DSPAM-Signature: 1,5fc2eece2666485921812939
Received: from unknown ([127.0.0.1])
<span style="color:red">Received: from unknown ([127.0.0.1])
         by localhost (mx.domain.tld [127.0.0.1]) (amavisd-new, port 10024)
         by localhost (mx.domain.tld [127.0.0.1]) (amavisd-new, port 10024)
         with SMTP id kma806hO5pyA; Sat, 28 Nov 2020 17:43:57 -0700 (MST)
         with SMTP id kma806hO5pyA; Sat, 28 Nov 2020 17:43:57 -0700 (MST)</span>
Received: from unknown (HELO mx.remotedomain.tld) (xxx.xxx.xxx.xxx)
Received: from unknown (HELO mx.remotedomain.tld) (xxx.xxx.xxx.xxx)
   by localhost.localdomain with ESMTPS (ECDHE-RSA-AES256-GCM-SHA384 encrypted); 29 Nov 2020 00:43:57 -0000
   by localhost.localdomain with ESMTPS (ECDHE-RSA-AES256-GCM-SHA384 encrypted); 29 Nov 2020 00:43:57 -0000
Received-SPF: none (localhost.localdomain: domain at remotedomain.tld does not designate permitted sender hosts)
Received-SPF: none (localhost.localdomain: domain at remotedomain.tld does not designate permitted sender hosts)






  Other spam scanners operable with Amavis
  '''Other spam scanners operable with Amavis'''


   @spam_scanners = (
   @spam_scanners = (
Line 207: Line 206:
   );
   );


  Other AV scanners operable with Amavis
  '''Other AV scanners operable with Amavis'''
   ESET NODE32
   ESET NODE32
   Avast
   Avast

Latest revision as of 09:11, 19 October 2024

Back

For testing until production stability proven.

The way it works [TCP Port or pipe]:
SMTP --[25]-> qmail-smtpd --[|]-> qmail-queue.smtpd --[10024]-> amavisd --[10025]-> qmail-smtpd --[|]-> qmail-queue > qmail queue > qmail-local

Build qmail-queue.smtp transfers email to Amavisd
# wget https://raw.githubusercontent.com/qmtoaster/amavis/main/qmail-amavisd-0.94.patch
# wget https://raw.githubusercontent.com/qmtoaster/amavis/main/qmail-amavisd-0.94.tgz
# tar zxvf qmail-amavisd-0.94.tgz
# cd qmail-amavisd-0.94
# patch < ../qmail-amavisd-0.94.patch
# make
# cp qmail-queue.smtp /var/qmail/bin
# chown qmailq:qmail /var/qmail/bin/qmail-queue.smtp
# chmod 4711 /var/qmail/bin/qmail-queue.smtp

Install Amavis & edit config, run clamd under Amavis, start both services
# dnf -y install amavisd-new lz4 cabextract perl-Digest-SHA1 perl-IO-stringy
# wget https://www.rarlab.com/rar/rarlinux-x64-700.tar.gz (https://www.rarlab.com/)
# tar zxvf rarlinux-x64-700.tar.gz
# cp rar/rar rar/unrar /usr/local/bin
# sed -i 's/%i.conf/amavisd.conf/' /usr/lib/systemd/system/clamd@.service
# systemctl daemon-reload
# systemctl restart clamd@scan
# vi /etc/amavisd/amavisd.conf
 $mydomain = 'domain.tld';
 $myhostname = 'mx.domain.tld';
 $notify_method = 'smtp:[127.0.0.1]:10025';
 $forward_method = 'smtp:[127.0.0.1]:10025';
# systemctl enable --now amavisd

Create tcp rules for qmail smtp & qmail amavis
# mv /etc/tcprules.d/tcp.smtp /etc/tcprules.d/tcp.smtp.bak

# tee /etc/tcprules.d/tcp.amavis.smtp  > /dev/null <<EOT
127.:allow,RELAYCLIENT="",RBLSMTPD="",NOP0FCHECK="1"
:allow,CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",QMAILQUEUE="/var/qmail/bin/qmail-queue.smtp",NOP0FCHECK="1"
EOT
# tcprules /etc/tcprules.d/tcp.amavis.smtp.cdb /etc/tcprules.d/tcp.amavis.smtp.tmp < /etc/tcprules.d/tcp.amavis.smtp
# chmod 644 tcp.amavis.smtp*

# tee /etc/tcprules.d/tcp.smtp  > /dev/null <<EOT
127.:allow,RELAYCLIENT="",RBLSMTPD="",NOP0FCHECK="1"
:allow,CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",QMAILQUEUE="/var/qmail/bin/qmail-queue",NOP0FCHECK="1"
EOT
# qmailctl cdb

Edit/Create run files for qmail smtp & qmail amavis
# cp -Rp /var/qmail/supervise/smtp /var/qmail/supervise/smtp2

# tee /var/qmail/supervise/smtp/run > /dev/null <<EOT
#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
SMTPD="/var/qmail/bin/qmail-smtpd"
TCP_CDB="/etc/tcprules.d/tcp.amavis.smtp.cdb"
HOSTNAME=`hostname`
VCHKPW="/home/vpopmail/bin/vchkpw"
export SMTPAUTH="-"

exec /usr/bin/softlimit -m 64000000 \
    /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \
    -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
    $SMTPD $VCHKPW /bin/true 2>&1

EOT

# tee /var/qmail/supervise/smtp2/run > /dev/null <<EOT
#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
SMTPD="/var/qmail/bin/qmail-smtpd"
TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb"
HOSTNAME=`hostname`
VCHKPW="/home/vpopmail/bin/vchkpw"
export SMTPAUTH="-"
export FORCETLS=0

exec /usr/bin/softlimit -m 64000000 \
    /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \
    -u "$QMAILDUID" -g "$NOFILESGID" 0 10025 \
    $SMTPD $VCHKPW /bin/true 2>&1

EOT

# tee /var/qmail/supervise/smtp2/log/run > /dev/null <<EOT
#!/bin/sh
LOGSIZE=`cat /var/qmail/control/logsize`
LOGCOUNT=`cat /var/qmail/control/logcount`
exec /usr/bin/setuidgid qmaill \
    /usr/bin/multilog t s$LOGSIZE n$LOGCOUNT \
    /var/log/qmail/smtp2 2>&1

EOT

Add Amavis Dspam support
Install Dspam (skip 'install per domain')
# wget https://raw.githubusercontent.com/qmtoaster/dspam/master/dspamdb.sh
# chmod 755 dspamdb.sh
# ./dpsamdb.sh

Add Under $dspam = 'dspam'
# vi /etc/amavisd/amavisd.conf

@spam_scanners = (
  ['DSPAM', 'Amavis::SpamControl::ExtProg', 'dspam',
     [ qw(--user amavis --deliver=stdout) ],
  ],
);

Add under 'Trust vpopmail'
# vi /etc/dspam.conf
Trust amavis

Start & stat qmail
# qmailctl start
# qmailctl stat

send: up (pid 253068) 97100 seconds
smtp: up (pid 253065) 97100 seconds
smtp2: up (pid 253071) 97100 seconds
smtps: up (pid 253067) 97100 seconds
submission: up (pid 253073) 97100 seconds
send/log: up (pid 253064) 97100 seconds
smtp2/log: up (pid 253070) 97100 seconds
smtp/log: up (pid 253066) 97100 seconds
smtps/log: up (pid 253072) 97100 seconds
submission/log: up (pid 253069) 97100 seconds

Test with Swaks
# swaks --to myuser@domain.tld,myuser2@domain.tld --from myuser@remotedomain.tld --server mx.domain.tld -tls
=== Trying 192.168.16.75:25...
=== Connected to 192.168.16.75.
<-  220 localhost - Welcome to Qmail Toaster Ver. 1.03-3.3.1.qt.md.el8 SMTP Server ESMTP
-> EHLO mx.domain.tld
<-  250-localhost - Welcome to Qmail Toaster Ver. 1.03-3.3.1.qt.md.el8 SMTP Server
<-  250-STARTTLS
<-  250-PIPELINING
<-  250-8BITMIME
<-  250 SIZE 20971520
-> STARTTLS
<-  220 ready for tls
=== TLS started with cipher TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256
=== TLS no local certificate set
=== TLS peer DN="/O=Qmail Toaster Server/OU=Test Certificate/CN=localhost"
~> EHLO mx.domain.tld
<~  250-localhost - Welcome to Qmail Toaster Ver. 1.03-3.3.1.qt.md.el8 SMTP Server
<~  250-PIPELINING
<~  250-8BITMIME
<~  250 SIZE 20971520
~> MAIL FROM:<myuser@remotedomain.tld>
<~  250 ok
~> RCPT TO:<myuser@domain.tld>
<~  250 ok
~> RCPT TO:<myuser2@domain.tld>
<~  250 ok
~> DATA
<~  354 go ahead
~> Date: Sun, 29 Nov 2020 14:58:40 -0700
~> To: myuser@domain.tld,myuser2@domain.tld
~> From: myuser@remotedomain.tld
~> Subject: test Sun, 29 Nov 2020 14:58:40 -0700
~> Message-Id: <20201129145840.009255@mx.domain.tld>
~> X-Mailer: swaks v20170101.0 jetmore.org/john/code/swaks/
~>
~> This is a test mailing
~>
~> .
<~  250 ok 1606687121 qp 308705
~> QUIT
<~  221 localhost - Welcome to Qmail Toaster Ver. 1.03-3.3.1.qt.md.el8 SMTP Server
=== Connection closed with remote host.

All Amavis output is in the maillog (/var/log/maillog).

The following header will be inserted by amavisd
X-Virus-Scanned: amavisd-new at domain.tld

Email headers will show Amavis routing
Return-Path: 
Delivered-To: myemail@domain.tld
Received: (qmail 266650 invoked by uid 89); 29 Nov 2020 00:43:58 -0000
Received: from unknown (HELO localhost) (127.0.0.1)
 by localhost.localdomain with SMTP; 29 Nov 2020 00:43:58 -0000
X-DSPAM-Processed: Sat Nov 28 17:43:58 2020
X-DSPAM-Confidence: 0.9899
X-DSPAM-Probability: 0.0000
X-Virus-Scanned: amavisd-new at domain.tld
X-DSPAM-Result: Whitelisted
X-DSPAM-Signature: 1,5fc2eece2666485921812939
Received: from unknown ([127.0.0.1])
       by localhost (mx.domain.tld [127.0.0.1]) (amavisd-new, port 10024)
       with SMTP id kma806hO5pyA; Sat, 28 Nov 2020 17:43:57 -0700 (MST)
Received: from unknown (HELO mx.remotedomain.tld) (xxx.xxx.xxx.xxx)
 by localhost.localdomain with ESMTPS (ECDHE-RSA-AES256-GCM-SHA384 encrypted); 29 Nov 2020 00:43:57 -0000
Received-SPF: none (localhost.localdomain: domain at remotedomain.tld does not designate permitted sender hosts)



Other spam scanners operable with Amavis

 @spam_scanners = (
   ['CRM114', 'Amavis::SpamControl::ExtProg', 'crm',
     [ qw(-u /var/amavis/home/.crm114 mailreaver.crm
          --dontstore --report_only --stats_only
          --good_threshold=8 --spam_threshold=-8) ],
     mail_body_size_limit => 64000, score_factor => -0.20,
   ],
 );

Other AV scanners operable with Amavis
 ESET NODE32
 Avast
 Trend Micro
 Kaspersky
 Sophos
 F-Secure
 ...

Questions, comments, suggestions, corrections...contact Eric on the QMT list
Retrieved from "http://wiki.qmailtoaster.org:80/index.php?title=Amavis&oldid=1341"