Recently I needed to turn off Amavis / Spamassassin on a server...
The server was running Postfix with DBMail and some custom extensions. Due to a botched FreeBSD PKG update, Spamassassin and Amavis were no longer installed or installable. So I really needed to turn them off as a first step of restoring mail functionality.
There's a nice howto about disabling / bypassing Amavis at this url: http://www200.pair.com/mecham/spam/bypassing.html
The problem is it explains 12 cases of how to turn it off for specific cases. There's no single letter about how to just NOT USE IT NOW RIGHT AWAY. For all non-emergency cases, go with the howto, it's the very best I could find.
Should you be here for this more urgent case though, just read on.
Steps to do simply disable it:
- Identify amavis connection errors in the _right_ logfile (I didn't the day before because it was a jailed system)
- Notify customer to alert users of increased chance of receiving spam / virus
- Stop the leftovers of the broken Amavis setup
- in master.cf, disable the call to Amavisd. More trivial setups are just having 2 lines in main.cf!
- check using postconf -n there's no remaining amavisd config
- reload/restart postfix (i.e. service postfix reload)
- run postsuper -R to rerun all queued messages
- watch the log for the amavis errors
- since they still occurred, search some more and find dbmail sql hook script referenced in main.cf.
- disable that, repeat steps 6,7,8
- Start dealing with the actual problem of broken software
What I disabled
Notice I did NOT need to change anything in the smtp / lmtp line at start of master.cf!
If it's configured directly from main.cf, you'll need to disable the following line:
If its' a more complex multi-tenant setup, you might need to remove the line calling the SQL function to return the right spamfilter instance
I hope this will help you get your services back online!
As for the actual amavis fix, I updated my ports tree and manually built all the missing packages so PKG would no further shred through this (not arguing this) horribly dated server. I just think it's not really helpful to have a package manager that destroys the whole box when you're trying to carefully update it :)
Once you re-enabled also check out the dcc-servers project who are doing a distributed spam hunt!