Red Hat Bugzilla – Bug 189862
Amavisd-new and clamav mutual integration in FC5 (with Postfix, SpamAssassin and other components too)
Last modified: 2007-11-30 17:11:31 EST
Description of problem:
Despite the fact that both amavisd-new and clamav components were integrated in
FC5 Extras and some precious clues were given into clamav-server's README, there
is no clear way how to build a complete antivirus system.
When installing, the amavisd-new RPM package seems to "detect" the presence of
clamav and activates the coresponding options. However, there are some
contradictions between the indications given in clamav-server's README file and
the actual configuration done by the RPM packages.
Because the lack of integration, system become unstable after nightly updates
done by yum (the antivirus system locks up, preventing Postfix's delivery of
mails in users' mailboxes) or/and clamav's database update is not possible due
to RPM's changing of files/directories' permissions.
Version-Release number of selected component (if applicable):
Install Postfix, amavisd-new and clamav components on a stoc FC5 system, using
packages provided by FC5 Extras.
Steps to Reproduce:
- Whole mailsystem locks up due to antivirus filter failure, after yum upgrading
packages during the night.
- Freshclam is unable to update clamav's database after an yum upgrade, due du
RPM's changing files/directories permissions
- No single piece of documentation included in the RPM states how to properly
integrate all these in a production-class system (Postfix, amavisd-new, clamav,
spamassassin and others like Razor, Pyzor, etc.)
- The provided RPM packages should work together using the supplied
configuration files, with minimal changes.
- A clear piece of documentation should exist, referring to the actual config
files provided by the RPM packages.
- By all means, the antivirus filter should survive a yum upgrade.
- The system should work in a SELinux-enabled environment (acces to various
files/directories should be allowed for all necessary daemons, by the default
I consider all these highly critical, due to the following facts:
- clamav +amavisd-new seems to be the only true GPLed antivirus solution on the
- this configuration is widely used - on many RedHat/Fedora Linux mailservers
that services a LAN of Windows workstations, in production/business environments.
/usr/share/doc/amavisd-new-2.4.0/README_FILES/README.fedora has directions for
setting up postfix + amavisd-new. If you have a problem with that
documentation, please open a bug against amavisd-new with your suggestions. (I
know I hand-wave over the clamd setup a little, and I'd be happy to fix that if
it isn't clear how to set up clamd, freshclam, etc. properly.)
If you see SELinux-related failures, please open a bug against