Results 1 to 18 of 18

Thread: Virus Scan for FreeBSD 6.2 using Dovecot

  1. #1
    Join Date
    May 2005
    Location
    In this Forum at the moment.
    Posts
    32

    Virus Scan for FreeBSD 6.2 using Dovecot

    Hi Guys,

    Does anyone have a how to for installing an email virus scanner on FreeBSD 6.2 using Dovecot?

    I see all sorts of how to's for Exim, but they don't seem to apply for exim. <-- I mean dovecot here sorry

    Any help is greatly appreciated!!

    Cheers!!
    Last edited by Webgecko; 08-29-2008 at 06:53 AM. Reason: Error in text.
    Webgecko
    --

  2. #2
    Join Date
    Jul 2005
    Posts
    2,008
    Code:
    cd /usr/ports/security/clamav
    make install clean
    
    /usr/local/sbin/clamd
    /usr/local/bin/freshclam -d
    
    echo "
    /usr/local/sbin/clamd
    /usr/local/bin/freshclam -d
    " >> /etc/rc.local
    
    cat /usr/local/etc/clamd.conf | grep 'LocalSocket' | awk '{print "av_scanner = clamd:" $2}' >> /etc/exim.conf
    
    /usr/local/etc/rc.d/exim restart

  3. #3
    Join Date
    May 2005
    Location
    In this Forum at the moment.
    Posts
    32
    Thanks Chatwizard, but I'm not using Exim. I'm using Dovecot (or is there a connection I'm not making?)

    Cheers!!
    Webgecko
    --

  4. #4
    Join Date
    Jul 2005
    Posts
    2,008
    Dovecot is the pop3 and imap part of the mail system exim is the mta which sends the mail out.

  5. #5
    Join Date
    May 2005
    Location
    In this Forum at the moment.
    Posts
    32
    Fantabulous. I'll give it a go and see how we make out.

    Thanks for that!!

    Cheers!!
    Webgecko
    --

  6. #6
    Join Date
    May 2005
    Location
    In this Forum at the moment.
    Posts
    32
    Hi Chatwizard,

    I updated my ports collection before trying to install and this is what I'm getting.===> clamav-0.93.3 depends on file: /usr/local/bin/libtool - found
    ===> clamav-0.93.3 depends on shared library: gmp.7 - not found
    ===> Verifying install for gmp.7 in /usr/ports/math/libgmp4
    ===> Building for libgmp-4.2.3
    cd: can't cd to /usr/ports/math/libgmp4/work/gmp-4.2.3
    *** Error code 2

    Stop in /usr/ports/math/libgmp4.
    *** Error code 1

    Stop in /usr/ports/security/clamav.
    *** Error code 1

    Stop in /usr/ports/security/clamav.

    Not sure why this wouldn't work.

    Cheers!!
    Webgecko
    --

  7. #7
    Join Date
    Jul 2005
    Posts
    2,008
    try:

    cd /usr/ports/math/libgmp4
    make install clean

    Then go back to trying to install clamav

  8. #8
    Join Date
    May 2005
    Location
    In this Forum at the moment.
    Posts
    32
    It appears as though my ports collection is all messed up so I'm in the process of removing it and re-installing the entire collection.

    For some reason, when I would do a make install clean in libgmp4 it would fail. I check the make file and it's referencing 4.2.3 in the work directory, but in the work directory, it's still 4.2.1.

    I checked the /usr/ports/clamav directory as well and it's the same thing. It was referencing 0.93.3 but in the work directory it was still 0.92.1 so.

    This is the same with every port that I checked so no matter what I was trying to install (even joe) it was failing.

    Very strange. Will update when I can.

    Thanks for your help so far.

    Cheers!!
    Last edited by Webgecko; 08-29-2008 at 10:04 PM. Reason: Spelling mistake
    Webgecko
    --

  9. #9
    Join Date
    May 2005
    Location
    In this Forum at the moment.
    Posts
    32
    Hi Chatwizard.

    I've managed to get it installed, however, I've got a few questions.

    1. When I restart exim, I get this message

    2008-08-30 21:15:32 Exim configuration error in line 888 of /etc/exim.conf:
    unknown or malformed retry error "="

    When I edit /etc/exim.conf and go down to line 888, it's this line...

    av_scanner = clamd:/var/run/clamav/clamd.sock

    This was generated by running your 'cat' command. This looks alright to me, but it's producing an error.

    2. What is rc.local for? Until I ran your command, rc.local didn't exist.
    3. Do I need to put anything into /etc/rc.conf to tell it to start clamav on a reboot or anything?

    Thanks again!
    Webgecko
    --

  10. #10
    Join Date
    Sep 2006
    Location
    Larisa, Greece
    Posts
    236
    To enable clamav put these lines in /etc/rc.conf
    clamav_clamd_enable="YES"
    clamav_freshclam_enable="YES"

    put this in /etc/crontab to update every day
    20 1 * * * clamav /usr/local/bin/freshclam --quiet -l /var/log/clamav/freshclam.log 2>&1


    which version of exim.conf are you using? look for something like :
    SpamBlocker with Optional VirusBlocker #
    # Dovecot Only #
    # Version 3.1-beta

    at the top of /etc/exim.conf
    always RTFM at the end.

  11. #11
    Join Date
    May 2005
    Location
    In this Forum at the moment.
    Posts
    32
    Hi there. This is at the top of my /etc/exim.conf file....

    SpamBlocker.exim.conf.2.1.1-release

    I've added av_scanner = clamd:/var/run/clamav/clamd.sock to the very top of the file and restarted exim with no complaints so I'm assuming that it's working fine. Is there a way to test this other than sending myself a virus?

    Cheers!!
    Webgecko
    --

  12. #12
    Join Date
    Sep 2006
    Location
    Larisa, Greece
    Posts
    236
    First of all check if
    /var/run/clamav/clamd.sock
    exists. Mine for example was /var/run/clamav/clamd.
    To avoid some problems i had with the socket file i'm using the
    av_scanner = clamd:127.0.0.1 3310
    and the rc.conf from the previous post to enable deamon use of clamav.

    To test it you should download eicar test virus (is only for test purposes it doesn't infect your pc) after you disable your pc antivirus
    url http://www.eicar.org/anti_virus_test_file.htm
    and send an email to yourself.
    always RTFM at the end.

  13. #13
    Join Date
    May 2005
    Location
    In this Forum at the moment.
    Posts
    32
    Hi there.

    Yes, /var/run/clamav/clamd.sock exists.
    I've sent myself a test message using the eicar.com.txt file and it came through easy. Nothing stopped it or marked it as a virus.

    Did you put av_scanner - clamd:127.0.0.1 3310 at the bottom or top of your exim.conf file?

    Cheers!!
    Webgecko
    --

  14. #14
    Join Date
    Jul 2005
    Posts
    2,008
    /etc/rc.local doesnt exist by default. It is a file that loads programs on boot. You could try moving the av_scanner = clamd:/var/run/clamav/clamd.sock line up in the exim.conf I didnt think it would matter where it was at but maybe it does. Try adding it under primary_hostname =

  15. #15
    Join Date
    Sep 2006
    Location
    Larisa, Greece
    Posts
    236
    Quote Originally Posted by Webgecko View Post

    Did you put av_scanner - clamd:127.0.0.1 3310 at the bottom or top of your exim.conf file?
    put it as a replacement for av_scanner = clamd:/var/run/clamav/clamd.sock
    then enable it in rc.conf
    clamav_clamd_enable="YES"
    clamav_freshclam_enable="YES"

    then start the service :
    /usr/local/etc/rc.d/clamav-clamd start

    and re-test.

    but i suggest to download the latest exim.conf and edit it.
    always RTFM at the end.

  16. #16
    Join Date
    Sep 2005
    Posts
    366
    Quote Originally Posted by tsiou View Post
    put this in /etc/crontab to update every day
    20 1 * * * clamav /usr/local/bin/freshclam --quiet -l /var/log/clamav/freshclam.log 2>&1
    I'm not a FreeBSD user, but isn't freshclam daemonized? We're not using cronjobs for ClamAV/Freshclam at all.

  17. #17
    Join Date
    Aug 2008
    Posts
    4,697
    You can run freshclam either as a daemon or in a cron.

  18. #18
    Join Date
    Sep 2006
    Location
    Larisa, Greece
    Posts
    236
    Quote Originally Posted by getUP View Post
    I'm not a FreeBSD user, but isn't freshclam daemonized? We're not using cronjobs for ClamAV/Freshclam at all.
    You 're right, i suggested both ways
    always RTFM at the end.

Similar Threads

  1. scan aliased emails
    By mo.mentum in forum E-Mail
    Replies: 0
    Last Post: 01-07-2007, 10:50 PM
  2. scan email alias
    By duke28 in forum System-Level Technical Discussion
    Replies: 0
    Last Post: 12-06-2006, 02:50 AM
  3. FreeBSD 5.2.x Email Virus Scanning
    By Webgecko in forum E-Mail
    Replies: 0
    Last Post: 06-20-2005, 04:45 AM
  4. Replies: 1
    Last Post: 07-10-2004, 12:52 AM
  5. Replies: 0
    Last Post: 07-01-2004, 01:36 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •