Updated: 2024/03/19
Enable CodeReady Linux Builder (CRB) repo:
dnf config-manager --set-enabled crb
Install and enable EPEL repo:
dnf --enablerepo=extras install epel-release
Install ClamAV (and related) packages:
install clamav clamd clamav-update clamav-milter
Adjust SELinux:
setsebool -P antivirus_can_scan_system 1
Update ClamAV definitions:
freshclam
Start and enable Freshclam service
systemctl enable clamav-freshclam
systemctl start clamav-freshclam
Configure clamd:
sed -i "s|^#LogFacility LOG_MAIL|LogFacility LOG_MAIL|g" /etc/clamd.d/scan.conf
sed -i "s|^#LocalSocket\s.*|LocalSocket /run/clamd.scan/clamd.sock |g" /etc/clamd.d/scan.conf
sed -i "s|^#ScanArchive yes|ScanArchive yes|g" /etc/clamd.d/scan.conf
sed -i "s|^#AlertEncrypted yes|AlertEncrypted yes|g" /etc/clamd.d/scan.conf
sed -i "s|^#AlertEncryptedArchive yes|AlertEncryptedArchive yes|g" /etc/clamd.d/scan.conf
sed -i "s|^#AlertEncryptedDoc yes|AlertEncryptedDoc yes|g" /etc/clamd.d/scan.conf
sed -i "s|^#AlertBrokenExecutables yes|AlertBrokenExecutables yes|g" /etc/clamd.d/scan.conf
Start and enable clamd:
systemctl enable clamd@scan.service
systemctl start clamd@scan.service
Configure ClamAV-milter:
sed -i "s|^Example|#Example|g" /etc/mail/clamav-milter.conf
sed -i "s|^#ClamdSocket tcp:scanner.mydomain:7357|ClamdSocket unix:/run/clamd.scan/clamd.sock|g" /etc/mail/clamav-milter.conf
sed -i "s|^#AddHeader Replace|AddHeader Replace|g" /etc/mail/clamav-milter.conf
sed -i "s|^#LogFacility LOG_MAIL|LogFacility LOG_MAIL|g" /etc/mail/clamav-milter.conf
sed -i "s|^#MilterSocket inet:7357|MilterSocket inet:3381@localhost|g" /etc/mail/clamav-milter.conf
sed -i "s|^#OnInfected Quarantine|OnInfected Reject|g" /etc/mail/clamav-milter.conf
Start and enable ClamAV-milter:
systemctl enable clamav-milter
systemctl start clamav-milter
Update Postfix main configuration:
postconf -e milter_default_action=accept
postconf -e milter_protocol=6
postconf -e smtpd_milters="inet:127.0.0.1:3381"
postconf -e non_smtpd_milters=inet:127.0.0.1:3381
Reload postfix:
postfix reload
Home > Build Procedures > Postfix SMTP gateway for Exchange on Rocky 9