Integrating Postfix with Spam Filter (Amavis + SpamAssassin + ClamAV) on Ubuntu 22.04

Introduction

In production, a mail server must filter spam emails and viruses.
If you only install Postfix + Dovecot, the system will work, but users will quickly be flooded with spam and malicious attachments.
To solve this, we integrate Amavis, SpamAssassin, and ClamAV with Postfix on Ubuntu 22.04.

  • Amavis: Works as a filter between Postfix and spam/virus scanners.
  • SpamAssassin: Detects spam mails using rules and scoring.
  • ClamAV: Scans attachments for viruses and malware.

When combined, these tools make a strong security layer for a production mail server.

Step 1: Install Required Packages

sudo apt update
sudo apt install -y amavisd-new spamassassin clamav clamav-daemon

Step 2: Enable SpamAssassin

Edit the SpamAssassin default file:

sudo nano /etc/default/spamassassin

Set the following:

ENABLED=1
OPTIONS="--create-prefs --max-children 5 --helper-home-dir"
CRON=1

Start and enable:

sudo systemctl enable spamassassin
sudo systemctl start spamassassin

Step 3: Enable ClamAV

Update virus database:

sudo freshclam

Enable and start ClamAV service:

sudo systemctl enable clamav-daemon
sudo systemctl start clamav-daemon

Step 4: Configure Amavis

Amavis acts as a policy filter for Postfix. Edit Postfix master configuration:

sudo nano /etc/postfix/master.cf

Add these lines at the end:

smtp-amavis unix -  -    -    -   2  smtp
  -o smtp_data_done_timeout=1200
  -o smtp_send_xforward_command=yes
  -o disable_dns_lookups=yes
  -o max_use=20

127.0.0.1:10025 inet n  -    -    -   -  smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_delay_reject=no
  -o smtpd_client_restrictions=permit_mynetworks,reject
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
  -o strict_rfc821_envelopes=yes
  -o receive_override_options=no_header_body_checks
  -o smtpd_bind_address=127.0.0.1

Step 5: Configure Postfix Main.cf

Edit /etc/postfix/main.cf:

content_filter = smtp-amavis:[127.0.0.1]:10024

Step 6: Enable Amavis Services

Start and enable Amavis:

sudo systemctl enable amavis
sudo systemctl start amavis

Step 7: Restart All Services

sudo systemctl restart postfix
sudo systemctl restart amavis
sudo systemctl restart spamassassin
sudo systemctl restart clamav-daemon

Step 8: Testing the Setup

To test spam filtering, send an email containing the string:

XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X

This is a test spam signature for SpamAssassin. The mail should be marked as spam.

To test ClamAV, download the EICAR test file:

wget https://secure.eicar.org/eicar.com.txt

Send it as an attachment. ClamAV should detect and block it.

Best Practices for Production

  • Always keep ClamAV virus database updated (freshclam runs automatically).
  • Regularly update SpamAssassin rules for better detection.
  • Monitor mail logs (/var/log/mail.log) and Amavis logs (/var/log/mail.log or /var/log/amavis.log).
  • Enable greylisting and RBLs (Realtime Blackhole Lists) in Postfix for extra spam protection.
  • Do not overload server – tune max-children values based on available CPU/RAM.

Conclusion

By integrating Postfix with Amavis + SpamAssassin + ClamAV, we created a strong spam and virus filtering system.
This is how production mail servers are secured in the real world.
Now, your Ubuntu 22.04 mail server is ready to handle spam safely and deliver clean emails to users.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Trends

Prometheus and Grafana Interview Questions and Answers
Force Linux User to Change Password at First Login and Periodically on Rocky Linux/RHEL-8
Create Bulk Zimbra Users Using Shell Script
Setup NFS Server and Client in Rocky Linux 8