I've been using Courier MTA since I first started using Linux almost 9 years ago (a good friend of mine turned me onto it over sendmail.) For about the past 3 years or so I've been using ClamCour with ClamAV to protect my users, and myself, from email viruses and worms. This has been working great, until just recently. Changes in the Debian Courier packages seem to have broken ClamCour for good, while ClamCour is being maintained outside of Debian and has had releases subsequent to the 2.2 release seen on Debian systems, the package has been abandoned. If I were more comfortable with my Linux skills, I'd probably have seen if I could update the ClamCour package with the latest release and compatibility with the newest Courier MTA. But, I'm not that skilled, yet.

So I turned to my trusty sidekick, Google. I quickly turned up an article from 2004 on using Perl, Courier, and ClamAV. For historic reasons I've never had clamd installed, though there have been times that I've realized I should probably switch. So I immediately decided to use Method 2, which was labeled as not requiring clamd. Turns out this isn't true anymore, but it got me started. So without further ado, here's how I setup Courier::Filter on my Debian machine.

First install the necessary Debian packages:

# apt-get install courier-filter-perl libmime-tools-perl libclamav-client-perl clamav-daemon

While libmime-tools-perl and libclamav-client-perl are not required for courier-filter-perl, they are required in order to use Courier::Filter::Module::ClamAVd. Next edit /etc/courier/filters/pureperlfilter.conf and the following line after the Sample declaration:

Courier::Filter::Module::ClamAVd->new(),

Your modules section should look something like this:

    modules     => [

      # Sample declaration:
      #Courier::Filter::Module::Header->new(
      #    fields      => {
      #       'list-id'        => '',
      #        subject         => qr/duell?ing\s+banjoe?s?/i
      #    },
      #    response    => 'Oh no, not those dueling banjos again!',
      #    trusting    => TRUE
      #),


      Courier::Filter::Module::ClamAVd->new(),
  ]

Lastly we need to symlink the pureperlfilter (the Courier::Filter documentation calls this courier-filter-perl) in our /etc/courier/filters/active and restart the Courier filters.

# cd /etc/courier/filters/active
# ln -s /usr/lib/pureperlfilter
# courierfilter restart

That's it, you should now have antivirus protection on incoming and outgoing mail. Hope this helps someone.

Labels: Computers, Linux

¶ 1:51 PM