Clamassassin as Antivirus Solution with Maildrop, Courier and Postfix


First of all you need to install the needed packages:

apt-get install clamassassin clamav clamav-freshclam clamav-daemon clamav-base

Supposing that you use maildrop, you just have to edit the file /etc/courier/maildroprc as follows:

exception {
 xfilter "/usr/bin/clamassassin"
 if (/^X-Virus-Status: Yes/)
 {
  to /dev/null
 }
}

E-mails passed to maildrop will so directly be deleted if they're scanned positively for a virus.

Instead of deleting them you may want to move them to a quarantine folder instead:

`[ -d $DEFAULT/.Quarantine ]`
if ( $RETURNCODE == 1 )
{
`maildirmake.courier $DEFAULT/.Quarantine`
}

exception {
 xfilter "/usr/bin/clamassassin"
 if (/^X-Virus-Status: Yes/)
 {
 to "$DEFAULT/.Quarantine/"
 }
}

At the beginning of the script we make sure that the quarantine folder exists in your mailbox, then we filter the mail and in case it contains a virus moves it to .Quarantine.