安装amavisd-new
yum install amavisd-new
中文过滤规则
cp Chinese_rules.cf /usr/share/spamassassin/
service amavisd start
lsof -i:10024

安装ClamAV
yum install clamd
vim /etc/clamd.conf
注释掉 80行 ‘TCPSocket 3310’,我们将使用unix socket而不是TCP,两者不可并存

设置相关目录权限:
将clamav加到amavis运行组里,并调整目录权限,否则clamav将无法扫描amavisd-new产生的临时文件
usermod -G amavis clamav
chown amavis.amavis /var/spool/vscan
chmod 750 /var/spool/vscan
chown amavis.amavis /var/spool/vscan/tmp
chmod 750 /var/spool/vscan/tmp

启动ClamAV及更新病毒库
service clamd start
配置amavisd.con文件
vim /etc/amavisd/amavisd.conf
21  $mydomain = 'server.com';
153 $myhostname = 'mail.server.com';
54  @local_domains_maps = qw(.);   //对所有的域检查

修改投递/拦截的方法:
158 $final_virus_destiny      = D_REJECT;
160 $final_spam_destiny       = D_REJECT;  //邮件不会被投递给收件人,但会通知发件人邮件被拒绝
99  $sa_tag2_level_deflt = 19.2;          超过这个分数,允许在邮件标题加入[SPAM] 标记
100 $sa_kill_level_deflt = 19.9;          超过这个分数,直接將信件备份后删除

配置Amavisd与Clamav结合

“);

@av_scanners_backup = (”
上面添加
717
718 ['ClamAV-clamd',
719    \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
720    qr/\bOK$/, qr/\bFOUND$/,
721    qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
722
723 );
724 @av_scanners_backup = (
725
726   ### http://www.clamav.net/   - backs up clamd or Mail::ClamAV
727 #  ['ClamAV-clamscan', 'clamscan',
728 #    "--stdout --no-summary -r --tempdir=$TEMPBASE {}",
729 #    [0], qr/:.*\sFOUND$/m, qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
730 ['ClamAV-clamscan', 'clamscan',
731     "--stdout --no-summary -r --tempdir=$TEMPBASE {}",
732     [0], qr/:.*\sFOUND$/, qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

配置Amavisd与spam结合
14  @bypass_spam_checks_maps  = (\%bypass_spam_checks,\@bypass_spam_checks_acl,\$bypass_spam_checks_re);

配置Postfix 集成amavisd-new
修改/etc/postfix/master.cf添加如下:smtp-amavis   unix  -       -        n      -        2      smtp    
                -o  lmtp_data_done_timeout=1200    
                -o  lmtp_send_xforward_command=yes  
                -o  disable_dns_lookups=yes
127.0.0.1:10025 inet n  -        n      -        -      smtpd  
                -o content_filter=      
                -o smtpd_client_restrictions=permit_mynetworks,reject  
                -o smtpd_helo_restrictions=    
                -o smtpd_sender_restrictions=  
                -o smtpd_recipient_restrictions=permit_mynetworks,reject    
                -o smtpd_data_restrictions=reject_unauth_pipelining    
                -o mynetworks=127.0.0.0/8

修改 vim /etc/postfix/main.cf文件
content_filter=smtp-amavis:[127.0.0.1]:10024
重启postfix:
service postfix restart
重新启动amavisd:
service amavisd restart
使用thunderbird发送正常邮件测试,
发送垃圾邮件测试,
代码:XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
病毒代码:X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
被拒绝的邮件保存在/var/spool/vscan/tmp目录下
日志文件/var/log/maillog
service spamassassin restart