MailScanner is a tool that integrates your mail server (MTA = Postfix) with antivirus scanners and Spam Assassin.

MailScanner Gentoo latest package is obsolete, you must install manually.

Download generic 'Nix tarball from GitHub releases page

decompress and run install.sh

mkdir /opt/mailscanner
cd /opt/mailscanner
wget ...
tar xvf <downloaded file>
cd MailScanner-xxx
./install.sh
ln -s /usr/lib/MailScanner/init/msmilter-init /etc/init.d/
rc-update add msmilter-init default

follow instructions and answer the various questions.

MailScanner setup, see here. /etc/MailScanner.conf:

Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/MailScanner/milterin
Outgoing Queue Dir = /var/spool/MailScanner/milterout
MTA = msmail
MSMail Queue Type = short
MSMail Delivery Method = QMQP
MSMail Socket Type = inet
MSMail Socket Dir = /var/spool/postfix/public/qmqp
MSMail Relay Port = 628
MSMail Relay Address = 127.0.0.1

/etc/default:

run_mailscanner=1

Postfix setup. main.cf:

# MailScanner milter
#smtpd_milters = inet:127.0.0.1:33333
# MailScanner milter may use QMQP for delivery
qmqpd_authorized_clients = 127.0.0.1

master.cf:

628       inet  n       -       n       -       -       qmqpd

here.

Follow docs here.

/etc/MailScanner/MailScanner.conf:

Always Looked Up Last = &MailWatchLogging
Detailed Spam Report = yes
Quarantine Whole Message = yes
Quarantine Whole Messages As Queue Files = no
Include Scores In SpamAssassin Report = yes
Quarantine User = root
Quarantine Group = apache (this should be the same group as your web server)
Quarantine Permissions = 0660

Set queues permissions:

usermod -a -G postfix apache
chmod g+rx /var/spool/postfix/hold
chmod g+rx /var/spool/postfix/incoming/
chgrp postfix /var/spool/postfix/incoming
chgrp postfix /var/spool/postfix/hold