ClamAV exim include script 1.3

DirectAdmin Support

Administrator
Staff member
Joined
Feb 27, 2003
Messages
9,158
Hello,

We'd made changes to the exim clamav config files:
/etc/exim.clamav.conf 1.3
/etc/exim.clamav.load.conf 1.1

Changes were made to allow the use of:
Code:
/etc/virtual/skip_av_domains
The implementation quickly got messy due to the acl_check_message section not knowing the "specific" recipient domain, but rather the list of all recipients. So a 2nd ACL was added to the bottom of the exim.clamav.conf (like a function call) where the recipients list is looped through, to go through each recipient domain. If a match is found in the skip_av_domains, then clamav is not run on this message, even if other recipients are not in the skip_av_domains list.

The old files are still availble as /services/exim.clamav.conf.1.2 (for example) on the files servers.
The /services/exim.clamav.conf is a symlink to exim.clamav.conf.1.3.

Let us know if you spot any issues, but after testing it locally, and by the client who reported the issue, no problems have been found.

To get the changes, either download those 2 files manually, or just re-run
Code:
./build update
./build clamav
once your mirror is synced from files1.

John
 
Can't ./build clamav because of some zlib version checking bug:

Code:
configure: error: The installed zlib version may contain a security bug. Please upgrade to 1.2.2 or later: http://www.zlib.net. You can omit this check with --disable-zlib-vcheck but DO NOT REPORT any stability issues then!

OS is FreeBSD 11.1. It could be this old bug:

https://bugzilla.clamav.net/show_bug.cgi?id=11711

Code:
root@srv2:/usr/local/directadmin/custombuild # ./build versions | grep lib
Latest version of libtool: 2.4.6
Installed version of libtool: 2.4.6
Latest version of libpng: 1.6.34
Installed version of libpng: 1.6.34
Latest version of libspf2: 1.2.10
Installed version of libspf2: 1.2.10
Latest version of libxml2: 2.9.7
Installed version of libxml2: 2.9.7
Latest version of libxslt: 1.1.32
Installed version of libxslt: 1.1.32

root@srv2:/usr/local/directadmin/custombuild # portmaster -L | grep lib
===>>> giflib-5.1.4
===>>> libedit-3.1.20170329_2,1
===>>> libiconv-1.14_11
===>>> libltdl-2.4.6
===>>> liblz4-1.8.0,1
===>>> libnghttp2-1.29.0
===>>> libpaper-1.1.24.4
===>>> libunwind-20170113_1
===>>> libuv-1.18.0
===>>> libxml2-2.9.7
===>>> libyaml-0.1.6_2
===>>> libarchive-3.3.2,1
===>>> libffi-3.2.1_2
===>>> libgcrypt-1.8.2
===>>> libgd-2.2.4_1,1
===>>> libgpg-error-1.27
===>>> libidn2-2.0.4
===>>> libunistring-0.9.8
===>>> libxslt-1.1.29_1
===>>> libatomic_ops-7.6.0_1
===>>> libidn-1.33_1
===>>> libtool-2.4.6
 
Last edited:
New configs are working fine but I noticed that I don't receive any info in the logs anymore about freshclam updates. Clamd & freshclam is running normally (freshclam every 2 hours) because the database is reloaded every ~6 hours or so:

Jan 16 07:56:14 web01 clamd: SelfCheck: Database modification detected. Forcing reload.
Jan 16 07:56:15 web01 clamd: Reading databases from /usr/local/share/clamav
Jan 16 07:56:27 web01 clamd: Database correctly reloaded (6386669 signatures)

But what I don't see anymore is logs like this;

Jan 15 20:55:55 web01 freshclam[1166]: Received signal: wake up
Jan 15 20:55:55 web01 freshclam[1166]: ClamAV update process started at Mon Jan 15 20:55:55 2018
Jan 15 20:55:55 web01 freshclam[1166]: main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Jan 15 20:55:55 web01 freshclam[1166]: daily.cld is up to date (version: 24224, sigs: 1825614, f-level: 63, builder: neo)
Jan 15 20:55:55 web01 freshclam[1166]: bytecode.cld is up to date (version: 319, sigs: 75, f-level: 63, builder: neo)

I can't seem to find what's wrong.. Is this behavior (like verbose log) changed recently with new configs? Before this rebuild i haven't rebuild clamav since the last release.
 
I can't seem to find what's wrong.. Is this behavior (like verbose log) changed recently with new configs? Before this rebuild i haven't rebuild clamav since the last release.

I didn't have any problems with the new configuration. Did you check /var/log/freshclam.log?

Please check also /etc/freshclam.conf and then this options:

# Path to the log file (make sure it has proper permissions)
# Default: disabled
UpdateLogFile /var/log/freshclam.log

# Log time with each message.
# Default: no
LogTime yes
 
UpdateLogFile,LogTime was disabled because all update messages were logged to the System Log:

# Use system logger (can work together with UpdateLogFile).
# Default: no
LogSyslog yes

But that didn't work at all after the ./build clamav:confused: So something has changed in the configs but I don't know what:confused:. I disabled LogSyslog and created the /var/log/clamav/freshclam.log file and enabled UpdateLogFile and that's working perfectly :) Actually after configuring this I prefer it, instead of dumping everything to syslog messages file.
 
Last edited:
Back
Top