I am trying to install ClamAV on Slack 9.1, with sendmail and milter, .... My installation:

1.
sendmail -d0 | grep MILTER
on my PC: Compiled with: DNSMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8 MIME8TO7

2. User clamav, ...:
groupadd clamav
useradd -g clamav -d /dev/null clamav
mkdir /var/clamav
chown clamav:clamav /var/clamav

3. Install...
./configure \
  --prefix=/usr --sysconfdir=/etc --datadir=/var/clamav \
  --enable-milter
make
make install

4. Config /etc/clamav.conf
# By default the log file is locked for writing - the lock protects against
# running clamd multiple times (if want to run another clamd, please
# copy the configuration file, change the LogFile variable, and run
# the daemon with --config-file option). That's why you shouldn't uncomment
# this option.
LogFileUnlock

# Maximal size of the log file. Default is 1 Mb.
# Value of 0 disables the limit.
# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size
# in bytes just don't use modifiers.
LogFileMaxSize 2M

# Log time with an each message.
LogTime

# Log also clean files. May be useful in debugging but will drastically
# increase the log size.
LogClean

# Use system logger (can work together with LogFile).
LogSyslog

# Enable verbose logging.
LogVerbose

# This option allows you to save the process identifier of the listening
# daemon (main thread).
PidFile /var/clamav/clamd.pid

# Optional path to the global temporary directory.
# Default is system specific - usually /var/tmp or /tmp.
TemporaryDirectory /var/tmp

# Path to the database directory.
# Default is the hardcoded directory (mostly /usr/local/share/clamav,
# but it depends on installation options).
DatabaseDirectory /var/clamav

# The daemon works in local or network mode. Currently the local mode is
# recommended for security reasons.

# Path to the local socket. The daemon doesn't change the mode of the
# created file (portability reasons). You may want to create it in a directory
# which is only accessible for a user running daemon.
LocalSocket /var/clamav/clamd.sock

# Remove stale socket after unclean shutdown.
FixStaleSocket

# TCP port address.
#TCPSocket 3310

# TCP address.
# By default we bind to INADDR_ANY, probably not wise.
# Enable the following to provide some degree of protection
# from the outside world.
#TCPAddr 127.0.0.1

# Maximum length the queue of pending connections may grow to.
# Default is 15.
MaxConnectionQueueLength 90

# When activated, input stream (see STREAM command) will be saved to disk before
# scanning - this allows scanning within archives.
StreamSaveToDisk

# Close the connection if this limit is exceeded.
StreamMaxLength 10M

# Maximal number of a threads running at the same time.
# Default is 5, and it should be sufficient for a typical workstation.
# You may need to increase threads number for a server machine.
MaxThreads 100

# Waiting for data from a client socket will timeout after this time (seconds).
# Default is 120. Value of 0 disables the timeout.
ReadTimeout 300

# Maximal depth the directories are scanned at.
MaxDirectoryRecursion 25

# Follow a directory symlinks.
# SECURITY HINT: You should have enabled directory recursion limit to
# avoid potential problems.
#FollowDirectorySymlinks

# Follow regular file symlinks.
#FollowFileSymlinks

# Do internal checks (eg. check the integrity of the database structures)
# By default clamd checks itself every 3600 seconds (1 hour).
SelfCheck 600

# Execute a command when a virus is found. In the command string %v will
# be replaced by the virus name.
# VirusEvent /bin/mail -s "VIRUS ALERT: %v" root

# Run as selected user (clamd must be started by root).
# By default it doesn't drop privileges.
User clamav

# Initialize the supplementary group access (for all groups in /etc/group
# user is added in. clamd must be started by root).
#AllowSupplementaryGroups

# Don't fork into background. Useful in debugging.
#Foreground

# Enable debug messages in libclamav.
#Debug

##
## Document scanning
##

# This option enables scanning of Microsoft Office document macros.
ScanOLE2

##
## Mail support
##

# Uncomment this option if you are planning to scan mail files.
ScanMail

##
## Archive support
##

# Comment this line to disable scanning of the archives.
ScanArchive

# By default the built-in RAR unpacker is disabled by default because the code
# terribly leaks, however it's probably a good idea to enable it.
ScanRAR

# Options below protect your system against Denial of Service attacks
# with archive bombs.

# Files in archives larger than this limit won't be scanned.
# Value of 0 disables the limit.
# WARNING: Due to the unrarlib implementation, whole files (one by one) in RAR
# archives are decompressed to the memory. That's why never disable
# this limit (but you may increase it of course!)
ArchiveMaxFileSize 10M

# Archives are scanned recursively - e.g. if Zip archive contains RAR file,
# the RAR file will be decompressed, too (but only if recursion limit is set
# at least to 1). With this option you may set the recursion level.
# Value of 0 disables the limit.
ArchiveMaxRecursion 15

# Number of files to be scanned within archive.
# Value of 0 disables the limit.
ArchiveMaxFiles 1000

# Mark potential archive bombs as viruses (0 disables the limit)
ArchiveMaxCompressionRatio 200

# Use slower decompression algorithm which uses less memory. This option
# affects bzip2 decompressor only.
ArchiveLimitMemoryUsage

# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
#ArchiveBlockEncrypted

##
## Clamuko settings
## WARNING: This is experimental software. It is very likely it will hang
## up your system !!!
##

# Enable Clamuko. Dazuko (/dev/dazuko) must be configured and running.
#ClamukoScanOnAccess

# Set access mask for Clamuko.
ClamukoScanOnOpen
ClamukoScanOnClose
ClamukoScanOnExec

# Set the include paths (all files in them will be scanned). You can have
# multiple ClamukoIncludePath options, but each directory must be added
# in a separate option. All subdirectories are scanned, too.
ClamukoIncludePath /home
#ClamukoIncludePath /students

# Set the exclude paths. All subdirectories are also excluded.
#ClamukoExcludePath /home/guru

# Limit the file size to be scanned (probably you don't want to scan your movie
# files ;))
# Value of 0 disables the limit. 1 Mb should be fine.
ClamukoMaxFileSize 1M

# Enable archive support. It uses the limits from clamd section.
# (This option doesn't depend on ScanArchive, you can have archive support
# in clamd disabled).
ClamukoScanArchive

5. Update Virus Database
freshclam --quiet --stdout --datadir /var/clamav --log /var/clamav/clamav.log

6. Test
cd /usr/src/clamav/test
clamscan test1
- the test is OK

7. Sendmail
In sendmail.cf, in section Mail Filters
Xclmilter, S=local:/var/clamav/clmilter.sock,F=, T=S:4m;R:4m

8. Start daemon
clamd
clamav-milter -blo /var/clamav/clmilter.sock
/etc/rc.d/rc.sendmail restart

- my test
ls -l /var/clamav/*sock
srwxrwxrwx 1 clamav clamav 0 May 13 09:17 /var/clamav/clamd.sock
srwx------ 1 clamav clamav 0 May 13 09:17 /var/clamav/clmilter.sock

ps -aux|grep cla
clamav 920 0.0 10.2 14300 13020 ? S 09:17 0:00 clamd
clamav 924 0.0 0.6 4368 860 ? S 09:17 0:00 clamav-milter -blo /var/clamav/clmilter.sock

9. Mail test (with file test1, the same as point 6.)
cat test1 | mail -s "Vir" root
and the test mail goes to my mailbox, without any problems! In my logs, no errors, warnings, ... What is wrong?!

Thanks!
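
Sendmail only hands mail to a milter that is both defined with an X line and listed in the InputMailFilters option; step 7 above shows only the X line. The following check is an added example, not part of the original post: the function names are hypothetical and the sample sendmail.cf line is constructed from the one quoted in step 7.

```shell
#!/bin/sh
# Added example: verify that every milter defined in a sendmail.cf
# is also enabled through the InputMailFilters option.

# Print "name socket" for each milter definition (X line).
milter_defs() {
    sed -n 's/^X\([^,]*\),[[:space:]]*S=\([^,]*\).*/\1 \2/p' "$1"
}

# Print the names listed in "O InputMailFilters=", one per line.
milter_enabled() {
    sed -n 's/^O[[:space:]]*InputMailFilters=//p' "$1" |
        tr ',' '\n' | sed 's/[[:space:]]//g' | sed '/^$/d'
}

# Return 0 if all defined milters are enabled, 1 if any is defined
# but not enabled, 2 if the file defines no milter at all.
check_milter_cf() {
    cf=$1 rc=0
    enabled=$(milter_enabled "$cf")
    defs=$(milter_defs "$cf")
    [ -n "$defs" ] || { echo "no milter (X) definitions in $cf"; return 2; }
    while read -r name sock; do
        if printf '%s\n' "$enabled" | grep -qxF "$name"; then
            echo "OK: $name enabled, socket $sock"
        else
            echo "PROBLEM: $name defined (socket $sock) but not in InputMailFilters"
            rc=1
        fi
    done <<EOF
$defs
EOF
    return $rc
}

# Constructed sample: a sendmail.cf fragment holding only the X line.
tmp=$(mktemp)
printf '%s\n' 'Xclmilter, S=local:/var/clamav/clmilter.sock,F=, T=S:4m;R:4m' > "$tmp"
check_milter_cf "$tmp" || echo "check exited with status $?"
rm -f "$tmp"
```

On a real system, run `check_milter_cf /etc/mail/sendmail.cf`; a filter reported as a problem needs a line of the form `O InputMailFilters=clmilter` before sendmail will call it.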