Problem - Plan - Procedure: Building an Anti-Spam Appliance using open source tools

Sunday, June 14, 2009

Building an Anti-Spam Appliance using open source tools

If you have a mail server at your office or home, it is never a good idea to expose it directly to the Internet. These days a lot of mail servers are attacked by spammers who try to deliver spam to your domain's users or use your server as an open relay. The good practice is to put an anti-spam appliance in front of it as the only entry point for email: it filters spam and virus-infected mail and forwards only clean messages to the real mail server. This post walks you step by step through building such an appliance using free, open-source tools.
The initial checklist involves the following:
  • One Computer with OpenSUSE installed.
  • The following packages installed on the OpenSUSE machine: amavisd-new, postfix, clamav, spamassassin.
  • Mail Server.
  • Firewall.
The networking setup looks like this: the external address of the network is 60.60.60.60, the modem/router has the internal address 10.0.0.1, the spam appliance is 10.0.0.20, and the mail server is 10.0.0.21.
The port-forwarding scheme is simple: on your firewall, forward port 25 to the anti-spam appliance (10.0.0.20). The appliance is configured to filter the mail and forward the clean messages to 10.0.0.21, your mail server. Make sure 10.0.0.21 is not also reachable from the Internet on port 25, otherwise spammers can simply deliver around the filter. Looks simple enough, right?
Now configure the appliance itself. If you are not sure that the packages above are installed, open YaST and search for each one of them; mark any that are missing for installation.
Once the packages are installed, configure them.
1. Amavis
Open /etc/amavisd.conf for editing.
Set your domain (in this example I use weakmachines.org) in this line:
   $mydomain = 'weakmachines.org';   # a convenient default for other settings
Then enable the anti-virus scanner. In this example I use ClamAV; if you use a commercial AV, uncomment (remove the # at the beginning of each line of) its entry in the @av_scanners list instead, as long as you have a licence. For ClamAV the entry, once uncommented, looks like this:
   ['ClamAV-clamd',
    \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
    qr/\bOK$/, qr/\bFOUND$/,
    qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
The socket path in the second line must match the LocalSocket setting in your clamd.conf, and the user amavis runs as must be allowed to connect to that socket; otherwise amavis cannot reach clamd and you will see scanner errors in /var/log/mail. SpamAssassin needs no entry here: amavisd-new calls it directly, and the $sa_tag2_level_deflt and $final_spam_destiny settings in the same file decide at which score a message is tagged or blocked.
2. ClamAV
You will need to set up ClamAV signature updates. If you use another AV, skip this step and refer to your vendor's documentation.
In /etc/freshclam.conf, find the entry called "DatabaseMirror", uncomment it and insert the mirror for your country (you can find one on the ClamAV mirror list). I use the one from Australia, so my entry looks like this:
DatabaseMirror db.au.clamav.net
Keep the default database.clamav.net line below it as a fallback, and make sure clamd is started and freshclam runs regularly (as a daemon or from cron). The appliance needs working DNS and outbound HTTP for the updates to succeed.
3. Postfix
Go to YaST -> Network Services -> Mail Transfer Agent
Select Standard configuration, and then tick Enable Virus Scanning (Amavis).
Then open /etc/postfix/transport, locate this template line and replace it with your own domain and mail server:
mydomain.com    smtp:[10.0.12.45]
->
weakmachines.org smtp:[10.0.0.21]
The square brackets tell Postfix to deliver to that address directly instead of looking up the domain's MX record. Rebuild the lookup table afterwards with postmap /etc/postfix/transport.
The last thing to do is to edit /etc/sysconfig/postfix and add this:
POSTFIX_ADD_RELAY_DOMAINS="weakmachines.org"
This lists weakmachines.org in Postfix's relay_domains, so the appliance accepts mail for that domain from the Internet while still refusing to relay for any other domain. Run SuSEconfig --module postfix so the setting is written into /etc/postfix/main.cf.
4. Testing

The appliance should be configured correctly by now. Restart amavis and postfix (and make sure clamd is running as well):
# /etc/init.d/postfix restart
# /etc/init.d/amavis restart

Send an email from an external host and see whether it reaches the destination on your 10.0.0.21 server.
If not, check the Postfix mail queue with
# mailq
to see whether the message is stuck on the appliance (for example, deferred because 10.0.0.21 refused the connection) or never arrived at all. /var/log/mail records what Postfix, amavis and clamd did at each step, so check it for errors.
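Besides sending a test message, you should check that the appliance accepts mail only for your own domain and is not an open relay. The probe below is an added example (it is not part of the original post): it opens one SMTP session, issues RCPT TO for an address in the relay domain and for an outside address, and reports the reply codes without ever queueing a message. The host/port arguments, the function names and the stand-in gateway that lets it run offline are assumptions; weakmachines.org is the page's example domain.

```python
# Added example (not from the original post): probe an SMTP gateway to confirm it
# accepts mail for the relay domain and refuses to relay for anyone else.
# Assumptions: the gateway answers plain SMTP on port 25 as described on the page;
# "weakmachines.org" is the page's example domain; host/port arguments, function
# names and the stand-in gateway below are hypothetical.
import re
import smtplib
import socketserver
import threading

RCPT_RE = re.compile(r"^RCPT TO:\s*<?([^>\s]+)>?", re.IGNORECASE)


def rcpt_codes(host, port, rcpts, helo="probe.example", sender="probe@example.net"):
    """Open one SMTP session and return {recipient: reply code} for each RCPT TO.

    Only the envelope is exercised (HELO/MAIL/RCPT) and the session ends with RSET,
    so nothing is queued on the gateway.
    """
    codes = {}
    with smtplib.SMTP(host, port, timeout=10) as smtp:
        smtp.helo(helo)
        code, msg = smtp.mail(sender)
        if code != 250:
            raise RuntimeError(f"MAIL FROM refused: {code} {msg!r}")
        for rcpt in rcpts:
            code, _ = smtp.rcpt(rcpt)
            codes[rcpt] = code
        smtp.rset()
    return codes


def relay_policy_ok(host, port, relay_domain, outside="victim@elsewhere.example"):
    """True if mail for relay_domain is accepted (250) and relaying elsewhere is refused (5xx)."""
    inside = f"postmaster@{relay_domain}"
    codes = rcpt_codes(host, port, [inside, outside])
    return codes[inside] == 250 and 500 <= codes[outside] <= 599


# ---- Stand-in gateway so the probe can run offline (constructed; this is not Postfix) ----
def make_handler(relay_domains):
    """Build a handler that mimics Postfix relay_domains behaviour.

    relay_domains=None emulates an open relay (every RCPT is accepted).
    """

    class Handler(socketserver.StreamRequestHandler):
        def reply(self, line):
            self.wfile.write(line.encode() + b"\r\n")

        def handle(self):
            self.reply("220 gateway.weakmachines.org ESMTP")
            while True:
                raw = self.rfile.readline()
                if not raw:                      # client closed the connection
                    return
                line = raw.decode(errors="replace").strip()
                verb = line.split(":")[0].split(" ")[0].upper()
                if verb == "QUIT":
                    self.reply("221 2.0.0 Bye")
                    return
                if verb in ("HELO", "EHLO", "MAIL", "RSET", "NOOP"):
                    self.reply("250 2.0.0 Ok")
                elif verb == "RCPT":
                    m = RCPT_RE.match(line)
                    addr = m.group(1) if m else ""
                    domain = addr.rpartition("@")[2].lower()
                    if relay_domains is None or domain in relay_domains:
                        self.reply("250 2.1.5 Ok")
                    else:                        # what a correctly configured gateway answers
                        self.reply(f"554 5.7.1 <{addr}>: Relay access denied")
                else:
                    self.reply("502 5.5.2 Error: command not recognized")

    return Handler


def start_stand_in_gateway(relay_domains):
    """Start the stand-in on a free loopback port; returns (server, port)."""
    srv = socketserver.ThreadingTCPServer(("127.0.0.1", 0), make_handler(relay_domains))
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, srv.server_address[1]


if __name__ == "__main__":
    srv, port = start_stand_in_gateway({"weakmachines.org"})
    try:
        # Against the real appliance you would call relay_policy_ok("10.0.0.20", 25, ...)
        print("closed relay:", relay_policy_ok("127.0.0.1", port, "weakmachines.org"))
    finally:
        srv.shutdown()
        srv.server_close()
```

Run the probe from a host outside your network as well as from the LAN: a gateway that answers 250 to the outside recipient from either side is an open relay and will be on a blocklist within days.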

Important things to note!
By default Postfix does DNS lookups on the domains in the mail it receives (for example, the sender's domain). If your spam appliance does not have access to a working DNS server you might want to switch these checks off, but it is not recommended to leave it that way, since the AV updates (and SpamAssassin's DNS-based blocklists) will not work either.


Groupwise Admins
This configuration works on SLES/GroupWise machines too. What I usually do is set GWIA on port 26 and Postfix on 25, and make Postfix relay to 26, but be very careful and test the configuration before you apply it to a production machine.

So this is how you build an anti-spam appliance using open source tools.
