debip124:/# cat /etc/postfix/main.cf

# see /usr/share/postfix/main.cf.dist for a commented, fuller
# version of this file.
#
# Overview of this copy: a single-host Postfix that accepts mail on the
# normal smtpd service and hands every queued message to amavisd-new on
# 127.0.0.1:10024 (content_filter, last setting below). Postfix does not
# support trailing comments on a parameter line, so all notes are on
# their own lines.

# Do not change these directory settings - they are critical to Postfix
# operation.
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
program_directory = /usr/lib/postfix
setgid_group = postdrop
queue_directory = /var/spool/postfix

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Greeting sent to every connecting client: the hostname comes first,
# followed by the MTA name and the distribution tag.
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# Uncomment the next line to generate delayed mail warnings
#delay_warning_time = 4h

sendmail_path = /usr/sbin/sendmail

myhostname = debip124.wanadoo.home
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
# mydestination is commented out, so the compiled-in default applies.
###mydestination = debip124.wanadoo.home, localhost.wanadoo.home, localhost
#relayhost = mail.wanadoo.fren
# Only the loopback range is trusted; the wider LAN ranges are kept
# commented out. No smtpd_recipient_restrictions is set in this file, so
# relay decisions fall back to the built-in default - confirm it with
# "postconf smtpd_recipient_restrictions" on the installed version.
#mynetworks = 127.0.0.0/8, 192.168.0.0/24, 192.168.1.0/24
mynetworks = 127.0.0.0/8
#mailbox_command = procmail -a "$EXTENSION"
# 0 removes the size cap on local mailbox/maildir files.
mailbox_size_limit = 0
# Enables user+extension addressing for local recipients.
recipient_delimiter = +
# The origin domain is read from the file /etc/mailname.
myorigin = /etc/mailname
# Trailing slash selects maildir-style delivery under each user's home.
home_mailbox = Maildir/
#mail_spool_directory = /var/spool/mail
# Every lookup key in the transport table also becomes a domain this
# server relays for, so /etc/postfix/transport must be reviewed with
# relay permission in mind, not only routing.
relay_domains = $transport_maps
# NOTE(review): virtual_maps is the legacy parameter name; newer Postfix
# releases call it virtual_alias_maps - verify with postconf.
virtual_maps = hash:/etc/postfix/virtual
transport_maps = hash:/etc/postfix/transport

# SMTP session hygiene: require <>-enclosed envelope addresses, hold any
# rejection until RCPT TO (so the log records sender and recipient), and
# refuse clients that skip HELO/EHLO.
strict_rfc821_envelopes = yes
smtpd_delay_reject = yes
smtpd_helo_required = yes

# At most two parallel deliveries per destination, local or remote.
local_destination_concurrency_limit = 2
default_destination_concurrency_limit = 2

# Content Filtering
# All queued mail goes to the smtp-amavis transport (defined in
# master.cf) at 127.0.0.1 port 10024; the brackets mean "use this address
# as given, no MX lookup". The filter hands accepted mail back through a
# separate smtpd listener, which has to clear content_filter itself or
# the message would loop.
content_filter = smtp-amavis:[127.0.0.1]:10024



debip124:/# cat /etc/postfix/master.cf (extrait)

......
# only used by postfix-tls
#tlsmgr   fifo  -       -       n       300     1       tlsmgr
#smtps    inet  n       -       n       -       -       smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
#587      inet  n       -       n       -       -       smtpd -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes

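# amavisd-new
#
# Columns: service type private unpriv chroot wakeup maxproc command.
# master.cf has no trailing comments, and the notes are kept in front of
# each service line rather than between its "-o" continuation lines.
#
# Outbound leg: Postfix delivers queued mail to the filter with the lmtp
# client (destination comes from content_filter in main.cf). maxproc 8
# caps parallel sessions; keep it no higher than amavisd's $max_servers
# (not shown on this page) so Postfix never opens more sessions than the
# filter serves.
# The lmtp client reads lmtp_* parameters, so the long end-of-DATA
# timeout that gives the scanners time to finish has to be spelled
# lmtp_data_done_timeout; the smtp_ spelling is not read by this service.
smtp-amavis unix -      -       n     -       8  lmtp
    -o lmtp_data_done_timeout=1200
    -o disable_dns_lookups=yes

# Return leg: amavisd re-injects checked mail here.
#  - Bound to 127.0.0.1 only, so the port is not reachable from the network.
#  - content_filter= is emptied, otherwise the mail would go back to the
#    filter and loop.
#  - The helo/client/sender restrictions and local_recipient_maps are
#    emptied for this listener only.
#  - permit_mynetworks,reject with mynetworks=127.0.0.0/8 accepts loopback
#    clients and rejects everything else.
# Anything able to connect to 127.0.0.1:10025 injects mail that skips the
# filter, so every local account and process on this host is implicitly
# trusted with that ability.
# NOTE(review): hardening guides for this listener often add further
# overrides such as receive_override_options - check the amavisd-new
# Postfix README for the installed version before adding any.
127.0.0.1:10025 inet n  -       n     -       -  smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o smtpd_helo_restrictions=
    -o smtpd_client_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
# Postfix internal services, unchanged by the filter setup.
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
discard   unix  -       -       -       -       -       discard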



debip124:/# cat /etc/amavis/conf.d/15-content_filter_mode


use strict;

# You can modify this file to re-enable SPAM checking through spamassassin
# and to re-enable antivirus checking.
#
# In this copy both assignments below are uncommented, so virus checking
# and spam checking are both switched on; the "Blocked INFECTED" and
# "Blocked SPAM" entries in the mail.log excerpt on this page show them
# working.

#
# Default antivirus checking mode
# Uncomment the two lines below to enable it back
#
# The three lookup tables referenced here (a hash, an ACL list and a
# regexp table) decide which recipients are exempt from virus scanning.
# They are defined outside this file - presumably empty by default;
# verify, because every entry in them is a scanning exemption.

@bypass_virus_checks_maps = (
   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);


#
# Default SPAM checking mode
# Uncomment the two lines below to enable it back
#
# Same structure as above, for spam-check exemptions.

@bypass_spam_checks_maps = (
   \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);

1;  # ensure a defined (true) return value when this file is loaded



debip124:/# cat /etc/amavis/conf.d/15-av_scanners


use strict;

##
## AV Scanners (Debian version)
##
## Each entry is a list: scanner name, how to call it, its arguments,
## what a clean result looks like, what an infected result looks like,
## and a regexp whose capture group extracts the malware name.
## {} in the arguments is a placeholder that amavisd fills in
## (presumably with the path to scan - confirm in the amavisd docs).

@av_scanners = (

 ### http://www.clamav.net/
 # Primary scanner: the ask_daemon routine (defined outside this file)
 # sends "CONTSCAN {}" to the running clamd over the Unix socket
 # /var/run/clamav/clamd.ctl.
 # A reply ending in "OK" counts as clean, one ending in "FOUND" as
 # infected. The last regexp captures the signature name; its negative
 # lookahead keeps the generic "Infected Archive" label from being
 # captured as a name.
 ['ClamAV-clamd',
   \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"],
   qr/\bOK$/, qr/\bFOUND$/,
   qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
 # NOTE: remember to add the clamav user to the amavis group, and
 # to properly set clamd to init supplementary groups
 # When running chrooted one may prefer: ["CONTSCAN {}\n","$MYHOME/clamd"],
 #
);


# Fallback list: per the comment below, this entry backs up clamd. It runs
# the clamscan command-line program instead of talking to the daemon, so
# each call starts a fresh process; expect much higher latency per
# message whenever the fallback is in use.
@av_scanners_backup = (

  ### http://www.clamav.net/   - backs up clamd or Mail::ClamAV
  # Arguments: print results to stdout, no summary, recurse into
  # directories, and keep clamscan's temporary files under $TEMPBASE
  # (defined outside this file). [0] sits in the "clean" position and
  # the first regexp in the "infected" position of the entry.
  ['ClamAV-clamscan', 'clamscan',
    "--stdout --disable-summary -r --tempdir=$TEMPBASE {}",
    [0], qr/:.*\sFOUND$/, qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

);


1;  # ensure a defined (true) return value when this file is loaded



debip124:/# cat /etc/clamav/clamd.conf (extrait)
Attention : ne pas oublier d'ajouter l'utilisateur clamav au groupe amavis (clamd doit pouvoir lire les fichiers temporaires créés par amavis), puis de redémarrer clamav-daemon et amavis.

.....
# clamd runs under the clamav account.
User clamav
# Makes clamd initialise the supplementary groups of that account; without
# it, membership of the amavis group would have no effect on the daemon.
AllowSupplementaryGroups true
......



tail -f /var/log/mail.log



Envoi d'un mail propre depuis une autre machine:

Jul  6 19:48:21 debip124 postfix/smtpd[24173]: connect from srvweb.net.caen[192.168.0.23]
Jul  6 19:48:21 debip124 postfix/smtpd[24173]: 717782EB91: client=srvweb.net.caen[192.168.0.23]
Jul  6 19:48:21 debip124 postfix/cleanup[24177]: 717782EB91: message-id=<20080706175134.7001.qmail@pmenier.dynalias.net>
Jul  6 19:48:21 debip124 postfix/qmgr[17576]: 717782EB91: from=<root@pmenier.dynalias.net>, size=1110, nrcpt=1 (queue active)
Jul  6 19:48:21 debip124 postfix/smtpd[24173]: disconnect from srvweb.net.caen[192.168.0.23]
Jul  6 19:48:26 debip124 postfix/smtpd[24181]: connect from localhost[127.0.0.1]
Jul  6 19:48:26 debip124 postfix/smtpd[24181]: A2F522EB97: client=localhost[127.0.0.1]
Jul  6 19:48:26 debip124 postfix/cleanup[24177]: A2F522EB97: message-id=<20080706175134.7001.qmail@pmenier.dynalias.net>
Jul  6 19:48:26 debip124 postfix/qmgr[17576]: A2F522EB97: from=<root@pmenier.dynalias.net>, size=1560, nrcpt=1 (queue active)
Jul  6 19:48:26 debip124 postfix/smtpd[24181]: disconnect from localhost[127.0.0.1]
Jul  6 19:48:26 debip124 amavis[23377]: (23377-03) Passed CLEAN, [192.168.0.23] <root@pmenier.dynalias.net> -> <pme@wanadoo.home>, Message-ID: <20080706175134.7001.qmail@pmenier.dynalias.net>, mail_id: Zp5-PDFNDCEO, Hits: 0.264, queued_as: A2F522EB97, 5212 ms
Jul  6 19:48:26 debip124 postfix/lmtp[24178]: 717782EB91: to=<pme@wanadoo.home>, relay=127.0.0.1[127.0.0.1]:10024, delay=5.3, delays=0.04/0.01/0.12/5.1, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=23377-03, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as A2F522EB97)
Jul  6 19:48:26 debip124 postfix/qmgr[17576]: 717782EB91: removed
Jul  6 19:48:26 debip124 postfix/local[24182]: A2F522EB97: to=<pme@wanadoo.home>, relay=local, delay=0.12, delays=0.08/0.04/0/0.01, dsn=2.0.0, status=sent (delivered to maildir)
Jul  6 19:48:26 debip124 postfix/qmgr[17576]: A2F522EB97: removed

Envoi d'un spam depuis une autre machine:

Jul  6 19:49:49 debip124 postfix/smtpd[24173]: connect from srvweb.net.caen[192.168.0.23]
Jul  6 19:49:49 debip124 postfix/smtpd[24173]: A0B742EB91: client=srvweb.net.caen[192.168.0.23]
Jul  6 19:49:49 debip124 postfix/cleanup[24177]: A0B742EB91: message-id=<20080706175302.7083.qmail@pmenier.dynalias.net>
Jul  6 19:49:49 debip124 postfix/qmgr[17576]: A0B742EB91: from=<root@pmenier.dynalias.net>, size=1241, nrcpt=1 (queue active)
Jul  6 19:49:49 debip124 postfix/smtpd[24173]: disconnect from srvweb.net.caen[192.168.0.23]
Jul  6 19:49:53 debip124 amavis[23378]: (23378-03) Blocked SPAM, [192.168.0.23] <root@pmenier.dynalias.net> -> <pme@wanadoo.home>, quarantine: spam-kLPtLnKa5QOQ.gz, Message-ID: <20080706175302.7083.qmail@pmenier.dynalias.net>, mail_id: kLPtLnKa5QOQ, Hits: 1001.994, 3712 ms
Jul  6 19:49:53 debip124 postfix/lmtp[24178]: A0B742EB91: to=<pme@wanadoo.home>, relay=127.0.0.1[127.0.0.1]:10024, delay=3.8, delays=0.08/0/0.07/3.7, dsn=2.5.0, status=sent (250 2.5.0 Ok <pme@wanadoo.home>, DSN suppressed (554 5.7.1 Rejected, id=23378-03 - SPAM))
Jul  6 19:49:53 debip124 postfix/qmgr[17576]: A0B742EB91: removed


Envoi d'un virus (fichier de test EICAR) depuis une autre machine ; amavis le met en quarantaine et envoie une notification à postmaster :

Jul  6 19:50:39 debip124 postfix/smtpd[24173]: connect from srvweb.net.caen[192.168.0.23]
Jul  6 19:50:39 debip124 postfix/smtpd[24173]: D2ACA2EB91: client=srvweb.net.caen[192.168.0.23]
Jul  6 19:50:39 debip124 postfix/cleanup[24177]: D2ACA2EB91: message-id=<20080706175352.7090.qmail@pmenier.dynalias.net>
Jul  6 19:50:39 debip124 postfix/qmgr[17576]: D2ACA2EB91: from=<root@pmenier.dynalias.net>, size=486, nrcpt=1 (queue active)
Jul  6 19:50:39 debip124 postfix/smtpd[24173]: disconnect from srvweb.net.caen[192.168.0.23]
Jul  6 19:50:40 debip124 postfix/smtpd[24187]: connect from localhost[127.0.0.1]
Jul  6 19:50:40 debip124 postfix/smtpd[24187]: 1289B2EB97: client=localhost[127.0.0.1]
Jul  6 19:50:40 debip124 postfix/cleanup[24177]: 1289B2EB97: message-id=<VAISEqpitzBvAO@debip124.wanadoo.home>
Jul  6 19:50:40 debip124 postfix/qmgr[17576]: 1289B2EB97: from=<>, size=2115, nrcpt=1 (queue active)
Jul  6 19:50:40 debip124 postfix/smtpd[24187]: disconnect from localhost[127.0.0.1]
Jul  6 19:50:40 debip124 amavis[23377]: (23377-04) Blocked INFECTED (Eicar-Test-Signature), [192.168.0.23] <root@pmenier.dynalias.net> -> <pme@wanadoo.home>, quarantine: virus-ISEqpitzBvAO, Message-ID: <20080706175352.7090.qmail@pmenier.dynalias.net>, mail_id: ISEqpitzBvAO, Hits: -, 272 ms
Jul  6 19:50:40 debip124 postfix/lmtp[24178]: D2ACA2EB91: to=<pme@wanadoo.home>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.3, delays=0.02/0/0.01/0.27, dsn=2.7.1, status=sent (254 2.7.1 Ok, discarded, id=23377-04 - VIRUS: Eicar-Test-Signature)
Jul  6 19:50:40 debip124 postfix/qmgr[17576]: D2ACA2EB91: removed
Jul  6 19:50:40 debip124 postfix/local[24188]: 1289B2EB97: to=<root@wanadoo.home>, orig_to=<postmaster@wanadoo.home>, relay=local, delay=0.1, delays=0.06/0.03/0/0.01, dsn=2.0.0, status=sent (delivered to maildir)
Jul  6 19:50:40 debip124 postfix/qmgr[17576]: 1289B2EB97: removed