rpms / clamav

Created 3 years ago
Maintained by sergiomb
Clam AntiVirus is an anti-virus toolkit for UNIX
Members 8
Please note for Fedora and EPEL 7+ we use only systemd. upstart and sysvinit only apply to EPEL 6. A clamav-milter setup consists of the following three components: * the clamav-milter itself --> this is provided by the 'clamav-milter' package plus (alternatively) 'clamav-milter-upstart' or 'clamav-milter-sysvinit' The main configuration is in /etc/mail/clamav-milter.conf and MUST be changed before first use. This can be enabled with: 'systemctl enable clamav-milter.service' The -sysvinit package is managed by the traditional tools, but -upstart requires modification of /etc/event.d/clamav-milter to enable automatic startup. See comments there for more details. * a clamav scanner daemon --> this is in the clamd package (or on EL6: 'clamav-scanner-upstart' or 'clamav-scanner-sysvinit') The daemon is configured by /etc/clamd.d/scan.conf (which MUST be edited before first use). This can be enabled with: 'systemctl enable clamd@scan.service' The -sysvinit package is managed by the traditional tools, but -upstart requires modification of /etc/event.d/clamd.scan to enable automatic startup. See comments there for more details. * the MTA (sendmail/postfix) --> you should know how to install this... When communicating across unix sockets with the clamav-milter, it is suggested to use the /run/clamav-milter/clamav-milter.socket path. You have to add something like INPUT_MAIL_FILTER(`clamav', `S=local:/run/clamav-milter/clamav-milter.socket, F=, T=S:4m;R:4m')dnl to your sendmail.mc. EXAMPLE ======= For clamav-milter, a possible setup might be created by A) On the MTA (assumed hostname 'host-mta') 1. Add to sendmail.mc | INPUT_MAIL_FILTER(`clamav', `S=inet:6666@host-milter, F=, T=S:4m;R:4m')dnl 2. Rebuild sendmail.cf B) On the clamav-milter host (assumed hostname 'host-milter') 1. Install clamav-milter + clamav-milter-upstart packages 2. Set in /etc/mail/clamav-milter.conf | MilterSocket inet:6666 | ClamdSocket tcp:host-scanner:6665 and all the other options which are required on your system 3. Enable clamav-milter.service: | systemctl enable clamav-milter.service Restart your system or execute | systemctl start clamav-milter.service 4. Add something like | iptables -N IN-cmilt | iptables -A IN-cmilt -s host-mta -j ACCEPT | iptables -A IN-cmilt -j DROP | iptables -A INPUT -p tcp --dport 6666 -j IN-cmilt to your firewall setup C) On the clamav-scanner host (assumed hostname 'host-scanner') 1. Install clamd 2. Add to /etc/clamd.d/scan.conf | TCPSocket 6665 | TCPAddr host-scanner comment out possible 'LocalSocket' lines and set all the other options which are required on your system 3. Enable clamd@scan.service: | systemctl enable clamd@scan.service Restart your system or execute | systemctl start clamd@scan.service 4. Add something like | iptables -N IN-cscan | iptables -A IN-cscan -s host-milter -j ACCEPT | iptables -A IN-cscan -j DROP | iptables -A INPUT -p tcp --dport 6665 -j IN-csan to your firewall setup