Sophos AV with Amavis and Postfix


Today i will show you how to install Sophos AV with Postfix. I assume that Postfix is ​​already configured.

Installation AMaViS

First of all we will install AMaViS.


apt-get install amavis

Installation Sophos AV on Linux

  1. We will download the installer on the website of Sophos first
  2. In the next step we need to copy the installer to our server
    scp <path-to.tgz> <user>@<server>:
  3. Connect to the server and change to the root user
    ssh <user>@<
    server>server# sudo su -
  4. With the tar comment we uncompress the installer in /tmp
    server# cd /tmp
    server# tar -xvfz <path-to>.tgz
  5. Now we start the installation
    server# cd /tmp/sophos-av
    server# ./
  6. Press <enter> and <space> to scroll through the terms and conditions. Press ‘Y’ to confirm.
  7. Install Sophos AV in the default location
    Where do you want to install Sophos Anti-Virus? [/opt/sophos-av]
  8. On the next step we will choose the running mode.
    On-Access: Scan runs in daemon mode. This mode needs more memory but scanning files faster.
    OnDemand: It use Sophos AV only when the file pushed to the scanner.
    I have choosen on-demand.
    Do you want to enable on-access scanning? Yes(Y)/No(N) [Y] n
  9. Select the update server
    Which type of auto-updating do you want? From Sophos(s)/From own server(o)/None(n) [s]
  10. Choose ‘f’ for the free sophos version (without support)
    Do you wish to install the Free (f) or Supported (s) version of SAV for Linux? [s] f
  11. If you are using an proxy server enter this in the next step.
    Do you need a proxy to access Sophos updates? Yes(Y)/No(N) [N]
  12. Now the installation is finished.

Connect postfix and AMaViS

  1. Edit postfix
    vi /etc/postfix/
  2. Add the content filter
    content_filter = smtp-amavis:[]:10024
  3. For Postfix to receive the mail from AMaViS again, two services must be defined in
    vi /etc/postfix/

    smtp-amavis  unix    -    -    n    -    2    smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes inet    n    -    n    -    -    smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=
    -o strict_rfc821_envelopes=yes
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o receive_override_options=no_header_body_checks

Connect AMaViS with Sophos

  1. In the AMaViS configuration we will configure the scanner
    vi /etc/amavis/conf.d/15-av_scanners
  2. Search for parameter av_scanners_backup
  3. In the array you will find Sophos Anti Virus (sweep)
  4. Comment the entry with #
  5. Copy the entry
  6. Paste the entry in the av_scanners parameter
  7. Uncomment the lines here
  8. Now AMaViS is connected with Sophos AV

Activate AV-Scans in AMaViS

  1. AMaViS needs to configure for virus scans
  2. So we will edit the file /etc/amavis/conf.d/15-content_filter_mode and uncomment the following files
    -#@bypass_virus_checks_maps = (
    -#   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
    +@bypass_virus_checks_maps = (
    +   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);

Restart services

systemctl restart postfix
systemctl restart amavis
Thats me

Leave a Reply

Your e-mail address will not be published. Required fields are marked *