Debian Exim-AMaViS-SpamAssassin Pseudo-HOW-TO

Do not use exim in version 3 no more, for which this document is intended. Upgrade to a newer version of exim and use a different documentation, please.

Get your eMails checked for viri and Spam tagged as such on your beloved Debian stable. This Pseudo-HOW-TO describes in short how to achieve such an installation.


What you need:

• Debian GNU/Linux
• Exim v3
• a working virus scanner supported by AMaViS (e.g. apt-get install clamav-daemon)

• apt-get update
  
• apt-get install spamassassin
  Don't worry about the daemon of  SpamAssassin, it's disabled by default.
• apt-get install amavisd-new

• Exim v3 (nano /etc/exim/exim.conf)
  
  1. Add a transport for AMaViS
     (you may need to change hosts = localhost to hosts = 127.0.0.1):
     

     amavis_smtp:
             driver = smtp
             hosts = localhost
             port = 10024
             allow_localhost
             hosts_override

  2. Add a director for AMaViS as the first entry:
     

     amavis_director:
             condition = "${if or  { { eq {$received_protocol} {scanned-ok} } \
     				{ eq {$sender_address} {} } \
     				{ > {$message_size} {1024K} } \
     			      } \
     		      {0}{1}}"
     	driver = smartuser
             transport = amavis_smtp
             no_verify
     

  3. Add a router for AMaViS as the first entry:
     

     amavis_router:
             condition = "${if or  { { eq {$received_protocol} {scanned-ok} } \
     				{ eq {$sender_address} {} } \
     				{ > {$message_size} {8192K} } \
                                   } \
                           {0}{1}}"
             driver = domainlist
             transport = amavis_smtp
             route_list = * localhost byname
             self = send
             no_verify
     	  

  4. Add the user "amavis", under which AMaViS runs, to the list of trusted users (Option "trusted_users"; the data is separated by colons).
     
  5. Add a retry rule for your localhost as the first entry:
     e.g. localhost * F,1d,5m; G,15h,5m,1.5; F,5d,6h; F,2w,1d
     Do not remove the default retry rule.
  6. Optionally use exim's receiver_verify feature.
  
  
• AMaViS (nano /etc/amavis/amavisd.conf):
  
  1. Change $mydomain to contain your primary domain name.
     
  2. Include all domains you relay or receive mail for in @local_domains_acl. Only matching domains get spam tags. If you have configured your exim with virtual domain handling as described in " Debian Exim with Virtual Domains Pseudo-HOW-TO", you can use this configuration snippet (updated 2005-09-01).
  3. Uncomment the settings for Exim v3.
  4. Comment out the other MTAs.
     
  5. Comment out @bypass_spam_checks_acl to enable SpamAssassin.
  6. Think about exims remote_max_parallel and amavis' max_servers directives.
  7. Configure the rest solely your preferences.

• restart Exim (/etc/init.d/exim restart)
  
• restart AMaViS (/etc/init.d/amavis restart)
  
• check the logs: less /var/log/syslog, less /var/log/exim/mainlog, less /var/log/exim/paniclog and less /var/log/exim/rejectlog
• send some test mails in and out, watch the headers and the logs. You may want to test delivery by using exim's testing feature: exim -d <debuglevel> -bt <address>
• download and mail the eicar test file (http://eicar.org/anti_virus_test_file.htm)
  

• exim home
• amavisd-new
• amavis homepage
• Debian mailinglists
• amavis-user mailinglist