How To - Cyberpanel - Clamav - Amavisd - Postfix

This howto will assume that you have already installed successfully spamassassin in Cyberpanel

Check the spamd user is present if not we are going to add it.

useradd spamd

Install Clamav as a daemon for better performance

yum install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd

Now install amavisd

yum install amavisd-new

Clamav uses unrar to unpack any attachments so install this also

yum install unrar

Now we have everything installed let's get some fresh virus databases

sed -i -e 's/^Example/#Example/' /etc/freshclam.conf
freshclam -v

Next, let's enable Clam.d by editing the scan.conf file

nano /etc/clam.d/scan.conf

Change the following values. Uncomment any if required.

# Example
LogFile /var/log/clamd.scan
LogTime yes
LogSyslog yes
LogFacility LOG_MAIL
PidFile /var/run/clamd.scan/
LocalSocket /var/run/clamd.scan/clamd.sock

Create the log file

touch /var/log/clamd.scan
chown :clamscan /var/log/clamd.scan
chmod 0660 /var/log/clamd.scan

Now we are ready so let's start the clamd service
systemctl enable cla[email protected]
systemctl start [email protected]
systemctl status [email protected]

Now, setup amavisd

nano /etc/amavisd/amavisd.conf

Change the values to your hostname and main domain name

$mydomain = ‘’; # a convenient default for other settings
$myhostname = '’; # must be a fully-qualified domain name and same as reverse DNS lookup

Take a copy of your postfix configuration files

cp /etc/postfix/ /etc/postfix/
cp /etc/postfix/ /etc/postfix/

Edit the postfix

nano /etc/postfix/

add to the bottom

content_filter = smtp-amavis:

Edit the postfix

nano /etc/postfix/

and add to the bottom

# spam/virus section
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000

Now everything is set let's get ready to rumble.

systemctl start amavisd
systemctl restart postfix

Now check everything is running as it should

tail -f /var/log/maillog

Send a test email from a gmail or outside account to an email address on your Cyberpanel server

Once received check the message header/source for the following

X-Virus-Scanned: amavisd-new at

Now send another with the following to check that any virus is automagically removed

In the body use the following


The taillog output will show a result Blocked INFECTED. Your virus scanning has successfully picked up the Eicar virus test string and removed the email.

That is all you now have virus scanning on your Cyberpanel server
Cyberpanel Managed & Unmanaged Shared & VPS Hosting by Cyberpanel Experts.


  • content_filter = smtp-amavis:

    This part didnt work for me i had to rename to below to work.

    content_filter = amavis:
  • In or

    I believe if you have smtp-amavis in then you need to match the same in

    Cyberpanel Managed & Unmanaged Shared & VPS Hosting by Cyberpanel Experts.
  • Something that people may wish to consider is that Amavisd by default is set to D_DISCARD for both virus and spam flagged emails. Now if you are concerned that some email may not be spam then you need to change the line

    $final_spam_destiny = D_DISCARD; #!!! D_DISCARD / D_REJECT


    $final_spam_destiny = D_PASS; #!!! D_DISCARD / D_REJECT
    Cyberpanel Managed & Unmanaged Shared & VPS Hosting by Cyberpanel Experts.
  • edited September 2019
    Here is another update to my tutorial.

    I had noticed that this during my testing would remove headers from the emails which were previously present when just using spamassassin on its own.

    Depending on your requirements if you still require headers such as X-Spam-Flag then add the following to your amavisd.conf file in /etc/amavisd before the final line at the bottom

    @lookup_sql_dsn = (
    ['DBI:mysql:database=cyberpanel;host=;port=3306', 'cyberpanel', '***DATABASEPASSWORD***'],
    $sql_select_policy = 'SELECT domain FROM e_domains WHERE CONCAT("@",domain) IN (%k)';

    Also change the following setting;

    $sa_tag_level_deflt =

    and change the value to -999

    This will then add


    Useful for if you are using dovecot-pigeonhole and filtering rules to catch spam.
    Cyberpanel Managed & Unmanaged Shared & VPS Hosting by Cyberpanel Experts.
  • Thank you for this guide with so much in-depth instruction. Between my main career in clinical predictive analytics in Microsoft-land (my area of expertise), I have had very little time until lately to dive deeper in the world of Linux in my downtime as my hobby. This is really good stuff!
  • You will now find that the clamd packages listed some are no longer required/provided but will not cause an issue.
    Cyberpanel Managed & Unmanaged Shared & VPS Hosting by Cyberpanel Experts.
  • Please note if you wish to use the mailscanner option now available in Cyberpanel 2.0.1 you will need to do the complete reverse of this including uninstall of all the clamav packages.
    Cyberpanel Managed & Unmanaged Shared & VPS Hosting by Cyberpanel Experts.
Sign In or Register to comment.
CyberPanel Discord

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!