Clapf project is a clamav based network filter for postfix. Now clapf includes an experimental bayesian antispam module.
- edit parameters in config.h
- if you don't want to compile the antispam module type "make av_only"; otherwise type "make", it should compile cleanly
- create a dedicated group and user for clapf such as "av"
groupadd av; useradd -g av -d /opt/av -s /bin/false av
- lock the user out:
usermod -L av
- create a directory for clapf:
mkdir -p /opt/av/quarantine
chown -R av:av /opt/av
chmod -R 700 /opt/av
If you plan to put clapf into a chroot jail make sure te create a /tmp directory there.
I recommend you put the spool directory to a separate disk for a better performance.
- start the filter application:
su av -c 'export TMPDIR=/opt/av; /path/to/clapf &'
The util/check_clapf.sh script is planned to run regularly to check whether clapf is running and restart it if necessary.
Note that clapf (I mean the clamav library) usually tries to unpack CVD files in /tmp
I suggest you to change this setting with the TMPDIR environment variable (as shown above)
Be careful that clapf needs enough space under $TMPDIR
If you see messages like
"LibClamAV Error: cli_cvdload(): Can't create temporary directory /tmp/clamav-a0480b63a7872f98"
"LibClamAV Error: Wrote 0 instead of 512 (/tmp/clamav-75668d156e64018e/main.db).
LibClamAV Error: cli_cvdload(): Can't unpack CVD file."
"cl_loaddbdir: CVD extraction failure."
that means clapf has no enough space under $TMPDIR
Notice the following messages in syslog (typically /var/log/maillog):
'clapf < VERSION > starting'
'Loaded 22548 signatures.'
'using /opt/av/tokens.cdb as spamicity file' (if you configured to use the antispam module)
1. add the following line to main.cf:
content_filter = smtp:[127.0.0.1]:10025
2. add the following lines to master.cf:
127.0.0.1:10026 inet n - n - 10 smtpd -o content_filter=
3. restart postfix
· Clam AntiVirus
What's New in This Release: [ read full changelog ]
· Heavy LDAP-related Web UI modifications were made.
· Lots of minor other Web UI fixes and improvements were made.
· An LDAP issue related to the usage of email blacklist was resolved....
· Tokenization was made smarter.
· Training is faster due to bulk creation of new tokens.
· Support was added to the icc libraries to let you build a static clapf daemon using icc compiled mysql libraries.
· PDF reports are supported.
· Statistics were revised using the history database.
· XFORWARD is no longer used to detect whether the connecting host is a zombie.
· Support for counters was added in the Web UI.