Description of problem: Despite the fact that both amavisd-new and clamav components were integrated in FC5 Extras and some precious clues were given into clamav-server's README, there is no clear way how to build a complete antivirus system. When installing, the amavisd-new RPM package seems to "detect" the presence of clamav and activates the coresponding options. However, there are some contradictions between the indications given in clamav-server's README file and the actual configuration done by the RPM packages. Because the lack of integration, system become unstable after nightly updates done by yum (the antivirus system locks up, preventing Postfix's delivery of mails in users' mailboxes) or/and clamav's database update is not possible due to RPM's changing of files/directories' permissions. Version-Release number of selected component (if applicable): amavisd-new-2.3.3-5.fc5 clamav-server-0.88.1-1.fc5 clamav-data-0.88.1-1.fc5 clamav-lib-0.88.1-1.fc5 clamav-update-0.88.1-1.fc5 spamassassin-3.1.1-1.fc5 postfix-2.2.8-1.2 How reproducible: Install Postfix, amavisd-new and clamav components on a stoc FC5 system, using packages provided by FC5 Extras. Steps to Reproduce: 1. 2. 3. Actual results: - Whole mailsystem locks up due to antivirus filter failure, after yum upgrading packages during the night. - Freshclam is unable to update clamav's database after an yum upgrade, due du RPM's changing files/directories permissions - No single piece of documentation included in the RPM states how to properly integrate all these in a production-class system (Postfix, amavisd-new, clamav, spamassassin and others like Razor, Pyzor, etc.) Expected results: - The provided RPM packages should work together using the supplied configuration files, with minimal changes. - A clear piece of documentation should exist, referring to the actual config files provided by the RPM packages. - By all means, the antivirus filter should survive a yum upgrade. - The system should work in a SELinux-enabled environment (acces to various files/directories should be allowed for all necessary daemons, by the default selinux-targeted policy). Additional info: I consider all these highly critical, due to the following facts: - clamav +amavisd-new seems to be the only true GPLed antivirus solution on the market today; - this configuration is widely used - on many RedHat/Fedora Linux mailservers that services a LAN of Windows workstations, in production/business environments.
/usr/share/doc/amavisd-new-2.4.0/README_FILES/README.fedora has directions for setting up postfix + amavisd-new. If you have a problem with that documentation, please open a bug against amavisd-new with your suggestions. (I know I hand-wave over the clamd setup a little, and I'd be happy to fix that if it isn't clear how to set up clamd, freshclam, etc. properly.) If you see SELinux-related failures, please open a bug against selinux-policy-targeted.