Most of the config settings for [[Spamassassin]] and [[ClamAV]] are ignored when you use Amavis, but it shouldn’t leave any cruft behind either…


Install amavisd-new

apt-get install amavisd-new

Add the clamav user to the amavis group, and restart both amavis and clamav:

adduser clamav amavis
/etc/init.d/amavis restart
/etc/init.d/clamav-daemon restart



use strict;

# Place your configuration directives here.  They will override those in
# earlier files.
# See /usr/share/doc/amavisd-new/ for documentation and examples of
# the directives you can use in this file

$sa_tag_level_deflt = undef;

@lookup_sql_dsn = ( ['DBI:mysql:database=postfix;host=;port=3306', 'postfix', 'password'] );
$sql_select_policy = 'SELECT * FROM postfix_transport WHERE CONCAT("@", domain) IN (%k)';
$sql_select_white_black_list = undef;

$final_virus_destiny      = D_PASS;
$final_banned_destiny     = D_PASS;
$final_spam_destiny       = D_PASS;
$final_bad_header_destiny = D_PASS;

$sa_spam_report_header = 1;

#------------ Do not modify anything below this line -------------
1;  # ensure a defined return

The first line makes Amavis include the SpamAssassin status headers for all mail. The next three lines handle looking up the list of domains the server handles mail for - the first defines the database connection while the second modifies the DB query that Amavis performs. The third line of the group stops Amavis using the DB to store white/blacklist data.

The next four lines make Amavis pass mail through whatever happens, whether it is marked as containing viruses, spam, banned things (?) or bad headers (?).

Last line makes SpamAssassin include the X-Spam-Report header.


content_filter = amavis:[]:10024
receive_override_options = no_address_mappings


amavis unix - - - - 2 smtp
        -o smtp_data_done_timeout=1200
        -o smtp_send_xforward_command=yes inet n - - - - smtpd
        -o content_filter=
        -o local_recipient_maps=
        -o relay_recipient_maps=
        -o smtpd_restriction_classes=
        -o smtpd_client_restrictions=
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks=
        -o strict_rfc821_envelopes=yes
        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
        -o smtpd_bind_address=


Make sure the two lines are uncommented:

@bypass_virus_checks_maps = (...);
@bypass_spam_checks_maps = (...);

Then restart Postfix again.


The virus scanning part adds a different header to messages. If a message has a detected virus, it’ll have X-Amavis-Alert: INFECTED.

The redundant xfilter line should be removed/commented out and the header test changed appropriately:

if (/^X-Amavis-Alert: INFECTED/)



If a message contains the following, SA should give it a high enough score for the message to be flagged as spam:



To test, any message containing the string


should be flagged as a virus.