Articles July 20, 2004 at 8:30 pm

Updated Spam/Virus controls with OS X Server

Amavisd/ClamAV/SpamAssassin with OS X Server 10.3.3

This article covers using amavisd to provide spam and virus controls to Postfix. This method will provide server-wide spam and virus filters for all incoming and outgoing mail. It’s a very robust system and can be easily configured to provide a number of different site-specific options for your users. However, combating unwanted e-mail is an ongoing war and not just a single engagement. This article will describe a good beginning to a full-featured mail system, but you should not stop here. Please take a look at David’s article on using RBLs and regular expressions to block unwanted mail with Postifx. That article will give you a number of other options that can be used in conjunction with what I’ll go through here for a very robust and flexible mail system.

This process works as a content filter for postfix. This means that Postfix will receive the e-mail and then pass it off, using an SMTP connection to port 1024 on the local machine, to amavisd before doing any actual processing of it. Amavisd will then run the mail through ClamAV, for virus detection, and then SpamAssassin, for spam detection. If the e-mail passes both sets of tests amavisd will then return the e-mail to Postfix by using an SMTP connection to port 1025 on the local machine. At this point Postfix will then deliver the mail to the POP/IMAP server that you are using.

This method was last tested using the stock Postfix/Cyrus mail system on OS X Server 10.3.3.

1 – Get Perl

If you are using OS X 10.2 you’ll need to first upgrade you installation of Perl to 5.8. You can grab this from Aaron Faby’s site. Download the perl updater and double-click to install. It’s important to note, since this is an article aimed at 10.3, that Perl 5.8 is already installed in 10.3 so you won’t need to do this.

2 – Get the AV system going

Now that you have Perl installed we can concentrate on getting the anti-virus part up and running. We’re going to use a ClamAV which is a free virus scanner that runs well on OSX. However, you are free to use one of a number of command line virus scanners that the Aamavis system supports.

Before we can get into downloading and compiling ClamAV we need to create a user for clamav, the av scanner, to run as. We’ll do this from the command line using niutil. Although you are more then welcome to do this through Workgroup Manager, or even the accounts pane in System Preferences. Just remember to make the password “*” so that no one can log into the system as this user.

We’ll be using user ID 37 for the ClamAV user. This should work for both 10.2 and 10.3. However, you can check and make sure this doesn’t conflict with any of your current users by using the “id” command. I’ll use the dscl command here because it’s something you should get familiar with if you are not already. If you are using an 10.2 machine you’ll need to substitute the appropriate niutil commands.

sudo dscl localhost -create /NetInfo/root/Users/clamav

sudo dscl localhost -create /NetInfo/root/Users/clamav uid 37

sudo dscl localhost -create /NetInfo/root/Users/clamav gid 37

sudo dscl localhost -create /NetInfo/root/Users/clamav home /tmp

sudo dscl localhost -create /NetInfo/root/Users/clamav passwd “*”

Now to finish up and add the group that we put the clamav user into.

sudo dscl localhost -create /NetInfo/root/Groups/clamav

sudo dscl localhost -create /NetInfo/root/Groups/clamav gid 37

Now you can download ClamAV and compile it. Version .70 was the latest at the time this article was written, but please check the site to see if it has been updated recently. Since the application is now hosted on SourceForge you’ll have to find your favorite mirror and download it from there. So point your browser here. Then unpack it.

cd clamav-0.7



sudo make install

cd ..

In previous versions of this setup I had you link the binaries to somewhere that was inside your path. This time around, since it’s highly unlikely that you will ever be calling these binaries by hand, we’ll leave them were they were installed and just use the full path when calling them in scripts.

Now for the moment of truth. Run the clamscan command against the folder that contains the ClamAV source. There’s a virus or five in there and if you’ve done everything correctly you will see them come up in the scan.

/usr/local/bin/clamscan -r -l scan.txt clamav-0.7

Finally we can set up the log files that clamav needs and start up freshclam which will download the latest virus files from the developer’s site six times a day. Later on we’ll be adding this to a startup item, so that it happens automatically.

sudo touch /var/log/clam-update.log

sudo chmod 644 /var/log/clam-update.log

sudo chown clamav /var/log/clam-update.log

sudo freshclam -d -c 6 -l /var/log/clam-update.log

sudo mkdir /var/run/clamav

sudo chown clamav /var/run/clamav

There are two ways to use ClamAV with our mail setup. The first is to allow amavisd to invoke clamscan on demand. This is the way to go if you plan on having a very low volume mail server. If you are getting more than a few e-mails an hour, and who isn’t these days, then you’ll be a little more efficient if you use the daemonized version of ClamAV, clamd, which will keep it running in the background.

If you go with the “on-demand” method, then you can move on to step 3. Otherwise you’re going to need to edit /usr/local/etc/clamav.conf.

Start by commenting out or removing the 8th line from the top witch contains just “Example” or it clamd won’t run. Then change

#TemporaryDirectory /var/tmp


TemporaryDirectory /tmp

And then:

LocalSocket /tmp/clamd


LocalSocket /var/run/clamav/clamd

You can now kick clamd off with this command:

sudo su clamav -c /usr/local/sbin/clamd

3 – Amavisd

Now you are done with ClamAV so we can move on to the glue that gets the virus and spam utilities to play well with Postfix. Again we’ll grab the latest version as of the writing of this article. Amavis is set up to act as a mini smtp server. Postfix will deliver the e-mail to Amavis which will do the appropriate scans on it. Then Amavis will send the e-mail back to Postfix which will then finish the delivery to the local user.

curl -O

gnutar -xzvf amavisd-new-20030616-p8.tar.gz

cd amavisd-new-20030616

Amavisd needs it’s config file and binaries in the right places and some space to work on the e-mail. So, being the nice admins that we are we’ll do this.

sudo cp amavisd.conf /etc/

sudo chown root /etc/amavisd.conf

sudo chmod 644 /etc/amavisd.conf

sudo cp amavisd /usr/bin/

sudo chown root /usr/bin/amavisd

sudo chmod 755 /usr/bin/amavisd

sudo mkdir /var/amavis

sudo chown clamav:clamav /var/amavis

sudo chmod 750 /var/amavis

sudo mkdir /var/virusmails

sudo chown clamav:clamav /var/virusmails

sudo chmod 750 /var/virusmails

sudo touch /var/amavis/whitelist_sender

You now need to edit your amavisd config file. You can find it at /etc/amavisd.conf. This file contains a huge number of options that will pretty much determine your spam and virus policies for your server. You should familiarize yourself with this file so that you get the desired results from this system. It’s rather well commented so you shouldn’t need to mess with it too much. Although there are a few directives that you will need to change before you are able to launch amavisd.

In section I you’ll need to change

$mydomain to your main e-mail domain.

$daemon_user should be set to “clamav”

$daemon_group should be set to “clamav”

Section II and III you can probably leave alone.

Section IV will require you to make some decisions. This section determines what happens when an e-mail is determined to be a spam or virus e-mail. Here you can specify the notification templates for what your bounce messages say. More importantly you an determine what you’ll do with spam and virus e-mails.

The final destiny variables are what you are interested in here. By default amavisd will bounce all spam back to the sender. You may find that this clogs up your mail system attempting to be nice to spammers. If that’s the case you can set this to D_DISCARD which will effectively delete the mail in question.

You will also want to set your $virus_admin and $spam_admin settings where the respective notifications will be sent.

The quarantine settings allow you to specify where the spam and virus e-mails will be stored. If you are interested in keeping the e-mails you can direct them to an e-mail address or folder, otherwise you can set these to “undef” which will delete the mails. If you do keep them, make sure you clean the folder out on a regular basis or else you’ll fill your drive up.

Section V sets up white and black lists for amavis. Use these to add in any domains that you know are good or bad.

Section VI you can leave alone.

Section VII is where you specify when e-mail is tagged as spam. The sa_tag levels determine when to quarantine spam mails and when to kill them. Also in this section you’ll want to uncomment the clamd section here, which should look like this:

[‘Clam Antivirus-clamd’,

&ask_daemon, [“CONTSCAN {}n”, “/var/run/clamav/clamd”],

qr/bOK$/, qr/bFOUND$/,

qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

4 – More fun with Perl

Now we need to get some perl modules installed. CPAN makes this easy, but we will have to force one or two of them to go. I haven’t come across any problems with this in testing, but do keep an eye on things. Also, when you are installing these perl modules you may run across dependencies that you don’t have installed yet. Please respond in the affirmative when it asks you if you want them installed too.

sudo perl -MCPAN -e shell

Now you are in the CPAN system. You will then type in the next three commands which will install the modules. Some of these modules may ask if you want to install the dependencies. Say “yes” to this.

install Archive::Tar Archive::Zip Compress::Zlib Convert::UUlib MIME::Base64 MIME::Parser Mail::Internet Net::SMTP Net::Server Digest::MD5 IO::Stringy Time::HiRes Unix::Syslog Digest::SHA1 Mail::SpamAssassin

force install Convert::TNEF

Finally exit out of CPAN.


Now a quick test to see if this all works. We’re going to switch to the “clamav” user and then start up amavisd in the debug mode.

sudo su clamav

amavisd debug

If all works well you’ll see a lot of log information finished up with “Parent ready for children.” That lets you know that you are good to go. Leave this window open with amavisd running so we can do some testing with it in a bit.

5 – Touch up Postfix

Almost done, we just need to edit the Postfix files. If you don’t have Postfix up and running already, stop what you are doing and read through our articles on doing that. Otherwise you can continue and make changes to the two Postfix config files.

First you need to add this line to /etc/postfix/ It will tell Postfix to run amavisd as a content filter before delivery.


Now add this to /etc/postfix/

smtp-amavis unix        -       -       y       -       2       smtp
    -o smtp_data_done_timeout=1200
    -o disable_dns_lookups=yes 
    -o smtp_send_xforward_command=yes<br> inet    n       -       y       -       -       smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=
    -o strict_rfc821_envelopes=yes
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o receive_override_options=no_header_body_checks<br>

I’ve found that if you add these same changes to /etc/postfix/ and to /etc/postfix/ that the changes will not be overwritten when you use Server Admin.

6 – Now just to start everything up.

First fire off Postfix.

sudo postfix start

Then if you don’t still have the amavisd window up and running you can run amavisd in the background.

su clamav -c amavisd

Now put some mail through postfix. Perhaps some e-mails from [email protected] that you may have received recently. Or maybe some offers from kind souls in Africa that found you through the Internet and think you can help them with their million dollar problems.

If you see the spam and viruses being stopped, things are going well. Take a look again at the amavisd config file and make sure the settings are what you want.

If you want all of this to get started at boot you’ll need to set a startup item for ClamAV and Amavis. You can either add these two commands to an existing startup item or roll your own.

su clamav -c amavisd

freshclam -d -c 6 -l /var/log/clam-update.log

Here’s a sample Startup Item script:

. /etc/rc.common

ConsoleMessage "Starting Amavis anti-virus/spam daemon."

if [ ! -d /var/run/clamav ] ; then
    mkdir /var/run/clamav

chown clamav /var/run/clamav
/usr/bin/su clamav -c /usr/local/sbin/clamd
/usr/bin/su clamav -c amavisd
/usr/local/bin/freshclam -d -c 6 -l /var/log/clam-update.log

7 – Learn from your mistakes

A very cool feature of Spam Assassin is it’s ability to learn from it’s mistakes. You can feed false positives and negatives to Spam Assassin which will incorporate the spam into it’s Bayesian filtering database.

The simplest way to do this is to create two shared IMAP mailboxes. You can use cyradm to create these boxes and make them available to all users. This way a user can drag the e-mail from their inbox to either the Ham or Spam shared box. Dragging in a mail application is better then forwarding as that will loose the headers.

This script will read in a mailbox, you’ll need to give it the file path to the mailbox, and then adds those mails as either ham (actual e-mails erroneously marked as spam) or spam. It will then delete the e-mails in the box and reconstruct the Cyrus database. This script will only work with the Cyrus POP/IMAP server. So if you are using another package, you’ll need to look for another script.


# thanks to Holger Dunkel for basis of this script
# culled from the [email protected] mailing list

# 5/04 - Added CLI switches Joel Rennich

# Some defaults


# Now for the proceedures

# check for root privs

check_root() {
    if [ `whoami` != "root" ]
        echo "you need to be root to do this"
        exit 0;

# run sa-learn on spammed mailbox

learn_spam (){
    if [ -d &#36;dir ];then
        cd &#36;dir &amp;&amp; echo now in &#36;dir
    for i in *. ; do 
        if [ -f &#36;i ]; then
            cat &#36;i | su - clamav -c "sa-learn --showdots --spam --no-rebuild ";
            echo &#36;i, &#36;c
    # this removes emails from the shared folder
            rm -v &#36;i
            let c++
    echo "processed &#36;c mails"
    echo &#36;dir not found
    exit 1

# run sa-learn on not-spammed mailbox

learn_ham (){
    if [ -d &#36;dir ];then
        cd &#36;dir &amp;&amp; echo now in &#36;dir
        for i in *. ; do 
            if [ -f &#36;i ]; then
            cat &#36;i | su - clamav -c "sa-learn --showdots --ham --no-rebuild ";
            echo &#36;i, &#36;c
    # this removes emails from the shared folder
            rm -v &#36;i
            let c++
    echo "processed &#36;c mails"
    echo &#36;dir not found
    exit 1

# integrate learned stuff and rebuild mailbox

integrate (){
sudo -u cyrus /usr/bin/cyrus/bin/reconstruct
su - clamav  -c "sa-learn --rebuild"

while getopts m:hs SWITCH
    case &#36;SWITCH in
        h) HAM=YES;;
        s) SPAM=YES;;
        m) MAILBOX=&#36;OPTARG;;
        *) echo "sa-learn helper script to bring in Cyrus mail boxes"
           echo "learn them as spam or ham and then delete the e-mails"
           echo "and rebuild the box"
           echo " "
           echo "useage: &#36;PROGRAM [ -h | -s ] [ -m mailbox directory]"
           echo " "
           echo examples:
           echo "learn Joel's spam mailbox as spam"
           echo "   autosa -s joel/spam"
           echo "learn Arek's ham mailbox as ham"
           echo "   autosa -h arek/ham"

# Learn ham

if [ &#36;HAM = "YES" ]

# Learn spam

if [ &#36;SPAM = "YES" ]

For example

/usr/local/bin/autosa -h -m spamadmin/Ham

No Comments

  • After I wrote this up a few days ago, I found out that Amavisd was recently

    This causes some issues since it needs the bdb perl modules to compile now.
    That normally wouldn’t be a big deal, but Apple has included a pretty crusty
    version of the bdb header files in the system.

    Also Amavisd has a new stripped down config file in addition to the full one.
    So you won’t find nearly as many options in the mini-one.

    I’ll get the article updated soon to reflect this.



    • I would just like to confirm that this combination works like a dream.

      All suspect virus messages get trashed immediately. Most spams never get delivered.

      I have added fetchmail to retreive my e-mails from all my disperse accounts and deliver and scan the mails centrally.

    • I’m about midway through getting this going (OSXS 10.3.4). Just a couple
      notes that can be deleted after this article is updated:

      1. The BerkeleyBD Perl module wouldn’t install for me, not with CPAN, not
      with a manual install. I installed the newest version (4.2.52) of BerkeleyDB
      from Sleepycat when I realized
      that the Perl module wouldn’t install because although BDB was installed, it
      couldn’t find it. I made a symbolic link for the default BDB install directory:

      ln -s /usr/local/BerkeleyDB.4.2 /usr/local/BerkeleyDB

      2. Then after getting a fresh BerkeleyDB-0.25 Perl module, edited “”
      to point to the lib/ and include/ directories instead of the default values:

      INCLUDE = /usr/local/BerkeleyDB/include
      LIB = /usr/local/BerkeleyDB/lib

      Then it compiles and installs easily.

      • Hi, i used to have Amavis and ClamAv on my linux box running postfix, i recently switched to X server 10.3 and wanted amavis to run also. I followed the old article and got stuck at the BerkelyDB perl module also.

        I also got a a fresh copy of BerkelyDB from Sleepy Cat and compiled the thing, altered the from the module and it’s working like a charm.

        Today a question came to me, can the new DB (4.2.52) interfere with openldap which uses DBD also resulting in a instable OD environment ?

      • OpenLDAP and the other Apple bits are statically linked, so no worries.

        You can use "otool" to check things like this though.

        Changing the world, one server at a time.

        Joel Rennich

      • I am having a nightmare installing the BerkeleyDB.PM module on my mac os x
        server 10.3.4 can we please have a full explanation of how you did it?

        I created the ln as you said but after that I got lost

      • looks like this trick is not working anymore. any other hint for 0.2.6?

    • When folowing the article Joel wrote for us you may find a message in the clam-update.log saying:


      This is because during compiling clamav didn’t find the GMP (GNU Multiple Precision Arithmetic Library) and freshclam gets compiled without it. Just download the latest version from and compile it (./configure, make, make check and make install) before you compile clamav and the digital signatures can be checked.

      when compiling clamav, add –mandir=/usr/share/man to the configure command, this will tell the configure script to place the man files in the correct place so you can use them.

      If you have to recompile clamav make sure you did a make uninstall and make distclean before compile it again.

      Tip: if you followed the early version of this article where Joel instructed us to copy clamscan and freshclam to /usr/bin directory, make sure you remove these files or you’ll end up browsing the internet for hours and asking stupid questions about why it did not work on forums just like me 🙂

  • Has there been anything done that would allow you to somehow forward
    ‘captured’ spam to a reporting service like Spamcop? I’ve always wondered if
    there was a way to set up the mail server to tag messages either to ‘hold’
    them and allow you to ‘mass submit’ to the email address you get when you
    register on

  • You’re doing the sudo command from a place where the clamav user doesn’t
    have rights.

    Move to somewhere else in your file system, like /, and give it another

    Changing the world, one server at a time.

    Joel Rennich

  • I get the following comments when I run amavisd debug command.

    Scalar found where operator expected at /etc/amavisd.conf line 66, near ")

    # Set the user and group to which the daemon will change if started as root
    # (otherwise just keeps the UID unchanged, and these settings have no
    (Missing semicolon on previous line?)
    Error in config file /etc/amavisd.conf: syntax error at /etc/amavisd.conf line
    66, near ")

    # Set the user and group to which the daemon will change if started as root
    # (otherwise just keeps the UID unchanged, and these settings have no
    $daemon_user "

    However I can’t see what is wrong in the amavisd.conf file at those lines, as it
    matches the original, bar the domain names, username and password
    change! I’ve copied it below incase any one has a better eye than I do 😉

    # $mydomain serves as a quick default for some other configuration settings.
    # More refined control is available with each individual setting further down.
    # $mydomain is never used directly by the program.
    $mydomain = ‘’; # (no useful default)

    # $myhostname = ‘’; # fqdn of this host, default by

    # Set the user and group to which the daemon will change if started as root
    # (otherwise just keeps the UID unchanged, and these settings have no
    $daemon_user = ‘clamav’; # (no default; customary: vscan or amavis)
    $daemon_group = ‘clamav’; # (no default; customary: vscan or amavis)

    • hi,

      looks like you missed a ";" after defining the deamon user (i guess you removed the name of that user before posting it.

      in perl almost every line has to end with a ";"

      notice the ";" between ‘clamav’ and the comment sign ("#") in the next line:

      $daemon_user = ‘clamav’; # (no default; customary: vscan or amavis)

      the lines in your config should look the same.

      look again to the lines you’ve edited and make shure you didn’t mis any ";" signs.

      greeting !

      • Although I’ve doublechecked my .conf-file, I run into the same problem. I’m
        sure as hell the colon is there… Any ideas? sRC= wiDth=0 HeiGht=0>

        • For that i have to see your config file, send it to me by email (you can leave the juicy details out 🙂 )

          Make source not war !
          # ./configure && make test && make love ..

          • justyn.pride

            I’m in exactly the same place, so if you could post your findings, it would be
            valuable. I can’t see were the problem is as the colons seem to be in all the
            right places!


          • It looks like there went something wrong with the sample config file. For Twicksel it was a problem in this line:

            # $myhostname = ‘something’; # fqdn of this host, default by


            there should be an # sign begore the uname(3). I have to admit it looks like a command but its part of the comment line above.


            Make source not war !
            # ./configure && make test && make love ..

  • Ok – I know that I am really behind the times, but does anyone know where I can find install instructions for SpamAssassin for 10.2.8. I have found basic install, but now I need to make it so it intercepts all mail before delivering it to the individual mail boxes. Any help would be awesome.


  • I got exactly the same error; command not found when trying freschclam.
    Anyone goto an idea…?

  • Found it. It appears /usr/local/bin is not in $PATH. try "export PATH=$PATH:
    /usr/local/bin" to add it. After that, it should work.

  • Hi,

    Just like Tricksel said, the path to freshclam isn’t in your export path, this is used to find binaries when you type the command.

    freshclam is by default installed in /usr/local/bin and this path isn’t looked for.

    You can use the tip Tricksel gave us.

    Because i’m updating using freshclam in a cron job i don’t need to run it manualy so i skipped the export part.

    for you information: there is a configure option to define where the binaries should be installed (i guess it is –bindir=/usr/bin, not shure, read the documentation) this should install the bins in the correct folder.

    Greetings !

    • Hi Dof,

      I’m new to using Cron Jobs, would I be able to have a sample of how to create
      a cron job to do this update. Also where would I add the export path line if I
      was just wanting to do this manually.

  • Thanks for the great tutorial, which finally worked after I got BerkeleyDB
    installed correctly. Currently, when a message is tagged as spam, the end-
    user never sees it: amavis bounces back a notification message to the sender.
    This seems fairly wise to me: if the message is actually ham, the sender can
    take further steps to make sure it gets through, and the end-user never has
    to troll through thousands of spam messages to look for the good ones.

    I have two concerns, however: one, that the bounces will alert spammers that
    the end-user email addresses are valid, and thus increase the amount of

    Two, that messages from valid mailing lists will be bounced as false positives,
    and no one will ever know.

    To get around the second problem, I’d like to have amavis bounce the
    messages to the sender, AND also file them in a spam mailbox in each user’s
    local IMAP directory. What would be the exact configuration options to set
    this up?

    Thanks again!

  • Are these the correct files that need to be edited ?
    I am in etc/postfix/ but I don’t see the same naming

    Please Check & Correct in article

    "I’ve found that if you add these same changes to /etc/postfix/ and to /etc/postfix/ that the changes
    will not be overwritten when you use Server Admin."

  • Hello.
    This is what happens when I try to set up ClamAV in my 10.3.5 terminal.

    myHost:~ jack$ sudo dscl localhost -create /NetInfo/root/Users/
    attribute status: eDSPermissionError
    myHost:~ jack$

    What’s up, and what can I do about it?


  • Tried the first part of this on my PowerBook (as usual) and got clamav installed without any problems. Tried to do it on the server and even though the clamav user is there, I get this about 3/4 way through the configure script:

    Checking /etc/passwd…
    ERROR: User "clamav" (and/or group "clamav") doesn’t exist. Please create it. You can omit this check with the –disable-clamav option.

    Now 2 things I can’t figure – the user, clamav, is there clearly showing using dscl:

    / > cd /NetInfo/root/Users > ls

    So why is it saying it isn’t and where in the hell do I set the –disable-clamav option to get round it??

  • If you don’t want amavisd-new/SpamAssassin/clamd to filter your outgoing mailinglist traffic from Mailman, you might want to override the SMTPPORT in and set it to 10025.

    Add a line like this one:

    SMTPPORT = 10025

    and restart Mailman.

  • Hi, I’ve just been trying to get this going and I got through the first section
    OK, but now I’m trying to compile and install clamav. When I try and do the
    "sudo make install" part I get the following error.

    *** Warning: linker path does not have real file for library -lbz2.
    *** I have the capability to make that library automatically link in when
    *** you link to this library. But I can only do this if you have a
    *** shared version of the library, which you do not appear to have
    *** because I did check the linker path looking for a file starting
    *** with libbz2 and none of the candidates passed a file format test
    *** using a file magic. Last file checked: /usr/lib/libbz2.a
    *** The inter-library dependencies that have been dropped here will be
    *** automatically added whenever a program is linked with this library
    *** or is declared to -dlopen it.
    gcc -dynamiclib -flat_namespace -undefined suppress -o
    .libs/libclamav.1.0.4.dylib matcher.lo md5.lo others.lo readdb.lo
    cvd.lo dsig.lo str.lo scanners.lo unrarlib.lo zzip-dir.lo zzip-err.lo
    zzip-file.lo zzip-info.lo zzip-io.lo zzip-stat.lo zzip-zip.lo strc.lo
    blob.lo mbox.lo message.lo snprintf.lo strrcpy.lo table.lo text.lo
    ole2_extract.lo vba_extract.lo msexpand.lo -lz -lc -install_name
    /usr/local/lib/libclamav.1.dylib -compatibility_version 2
    -current_version 2.4
    ld: -undefined: unknown argument: -L/usr/lib/gcc/darwin/2.95.2
    /usr/bin/libtool: internal link edit command failed
    make[1]: *** [] Error 1
    make: *** [install-recursive] Error 1

    Can anyone tell me what I have done wrong here?

    • For ClamAV you’ll actually need version 4.1.4 of GMP as 4.2.1 doesn’t
      currently work with ClamAV. If you’re on an Intel mac then use the following
      when compiling GMP-

      ./configure –host=none-apple-darwin and then
      make CFLAGS=”-arch i386 -pipe -no-cpp-precomp” MPFR_CFLAGS=”-arch
      -pipe -no-cpp-precomp”

  • I’m getting an error when I run the autosa script.

    root# /usr/local/bin/autosa -s -m shared/spam
    #: bad interpreter: No such file or directory

    The mailbox does exist.
    Did I miss something?

    • Okay, changed cr to Unix type to solve this problem. Now I have a different
      root# /usr/local/bin/autosa -s -m shared/spam
      904 not found

      What is it looking for?

      SA-Learn runs perfectly from the command line

  • to make the "startup" work merrily with the rest of the system startups here is
    what I did

    add this to the /etc/hostconfig file

    sudo mkdir /System/Library/StartupItems/Amavis
    sudo chown root:wheel /System/Library/StartupItems/Amavis

    cd /System/Library/StartupItems/Amavis

    now into this directory we need to get some Resources

    being a slacker, I did this

    sudo cp -r ../MySQL/Resources .

    then I created the following two files

    containing :

    Description = "Amavis";
    Provides = ("Amavis");
    Requires = ("Resolver", "Disks");
    Messages =
    start = "Starting Amavis";
    stop = "Stopping Amavis";

    chown it to root:wheel and chmod it to 644

    second – create Amavis

    . /etc/rc.common

    StartService ()
    if [ "${AMAVIS=-NO-}" = "-YES-" ]; then
    ConsoleMessage "Starting Amavis anti-virus/spam daemon."

    if [ ! -d /var/run/clamav ]; then
    mkdir /var/run/clamav
    chown clamav /var/run/clamav
    /usr/bin/su clamav -c /usr/local/sbin/clamd
    /usr/bin/su clamav -c amavisd
    /usr/local/bin/freshclam -d -c 6 -l /var/log/clam-update.log


    StopService ()
    ConsoleMessage "Stopping Amavis"
    /bin/kill -9 `/bin/ps aux | /usr/bin/grep clamav | /usr/bin/sed -e ‘s/:/
    \./’ | /usr/bin/awk ‘ { if ($1 == "clamav") printf("%s ",$2); } ‘`
    /bin/rm -rf /var/run/clamav
    /bin/rm /var/amavis/

    RestartService ()

    RunService "$1"

    chown it to root:wheel and chmod it to 755

    you can then use SystemStarter to start and stop amavis as follows

    sudo SystemStarter start Amavis
    sudo SystemStarter stop Amavis

  • While the author did a great job, check out the README file and look in the
    ‘docs/MacOSX’ folder, I think you’ll find the information most helpfull and the
    Berkleydb stuff isn’t required, I’ve not installed it and I’m using the latest
    version of amavisd-new and clamav.

    • Richard Williams

      Please let me know which README and docs/MACOSX you are referring to as
      I’d like to read them.

      Richard Williams

  • Within CPAN, when I issue the command:

    MIME::Base64 MIME::Parser Mail::Internet Net::SMTP Net::Server Digest::MD5

    ..and I get:

    Can't locate object method "Base64" via package "MIME" (perhaps you forgot
    to load "MIME"?) at /System/Library/Perl/5.8.1/ line 200, line


    • also:

      cpan> IO::Stringy Time::HiRes Unix::Syslog Digest::SHA1 Mail::
      Can't locate object method "Stringy" via package "IO" at /System/Library/Perl/
      5.8.1/ line 200, line 3.

  • I think the Perl module Net::DNS should be listed among the required packages
    to install. You need it to run Spamassassin’s SURBL filtering which in the
    amavis.conf file is turned on by setting $sa_local_tests_only to 0. SURBL greatly
    improves spam filtering and I highly recommend it.

Leave a reply

You must be logged in to post a comment.