This is a Docker image for an Amavisd-new mail scanner. The project is part of the docker-mailserver project but can run separately without the other components. The image listens at one port (10024) for mails to be scanned (using SMTP protocol) and forwards messages and results after the scan back to a SMTP server (usually the originating server on port 10025).
Related images:
- docker-mailserver - The main project, containing composition instructions
- docker-mailserver-postfix - Postfix/Dovecot image (mailserver component)
- docker-mailserver-opendkim - OpenDKIM image (DKIM signing milter component)
- docker-mailserver-postfixadmin - Image for PostfixAdmin (Web UI to manage mailboxes and domain in Postfix)
- docker-mailserver-roundcube - Roundcube Webmailer
The following versions are available from DockerHub. The image tag matches the Amavisd-new version.
- Amavis Checker v2.13.0
- Virus detection using ClamAV v1.0.3
- Spam detection using SpamAssassin v4.0.0
- Seamless integration in any SMTP mail chain
docker-mailserver-amavis is licensed under GNU LGPL 3.0. As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained).
As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within.
None
docker-mailserver-amavis requires various environment variables to be set. The container startup will fail when the setup is incomplete.
| Variable | Description | Default Value |
|---|---|---|
AV_MYDOMAIN |
The first and primary mail domain of your mailserver. Amavis uses this to add headers in a mail. | localdomain |
AV_POSTFIX_SERVICE_NAME |
The hostname or IP address of the SMTP server where Amavis will deliver scanned mails and results to. | 127.0.0.1 |
AV_POSTFIX_SERVICE_PORT |
The port of the SMTP server for delivering scanned mails and results. | 10025 |
AV_VIRUSADMIN_EMAIL |
The global administrator to be informed about virus detection and quarantines. | postmaster@AV_MYDOMAIN |
AV_NOTIFY_SENDER |
sender envelope address, from which notification reports are sent from | postmaster@AV_MYDOMAIN |
AV_NOTIFY_ADMIN |
sender envelope address, from which notification reports are sent from | postmaster@AV_MYDOMAIN |
You shall provide a data volume in order to secure your quarantine data from data loss. Map the volume to /var/virusmails folder inside the container.
docker-mailserver-amavis exposes port 10024. This is an unprotected SMTP listener port to request AntiVirus and AntiSpam scans. Attention! You need to make sure that this port is not accessible by any other host than your SMTP mail service. Otherwise it can be used for SPAM attacks.
The main mailserver project has examples of container configurations:
Every once in a while you will need to run sa-compile and freshclamin order to refresh you virus and spam detection rules. The current images does not do this yet (see #4)
You can further customize Amavis, ClamAV and SpamAssassin configuration files. Please follow these instructions:
- Check the
/usr/local/amavis/templatesfolder for already existing customizations. - If you configuration file is not present yet, take a copy of the file from
/etc/amavis,/etc/clamavor/etc/spamassassinfolders. - Customize your configuration file.
- Provide your customized file(s) back into the appropriate template folder at
/usr/local/amavis/templatesby using volume mappings. - (Re)Start the container. If you configuration was not copied correctly then log into the container (bash is available) and delete the changed files from the corresponding
/etcfolders. Then restart the container.
This Docker image is mature and provides scanning for my mailserver in production. However, several issues are still unresolved:
- #2 - DKIM support is missing
- #3 - SPF support is missing
- #4 - Add automatic SA and ClamAV rules refresh
Report a bug, request an enhancement or pull request at the GitHub Issue Tracker. Make sure you have checked out the Contribution Guideline