I decided to write this summary because there is a lot of dispersed
information and no real howto. This is not exactly a howto but a sort
of guide, made with the purpose of making you save some time.
Summary: Exim/Exiscan 4.43 + Clamav 0.80
This is a summary of what I did today (oct/19) for having ClamAV 0.80
(final) running with the latest Exim 4.43 rpm from Direct Admin.
I installed all this in a Redhat 9.0 box.
0. Don't forget, make a backup of anything before you change it...
1. Upgrade your version of Exim to 4.43
First of all, you should know that the latest version of Exim's rpm
provided by DirectAdmin is already patched for Exiscan.
So according to
http://www.directadmin.com/forum/sh...860&perpage=20&highlight=exiscan&pagenumber=2
follow these steps
Code:
wget http://files.directadmin.com/services/da_exim-4.43-1.src.rpm
rpm -ivh da_exim-4.43-1.src.rpm
rpmbuild -bb /usr/src/redhat/SPECS/exim.spec
rpm -Uvh /usr/src/redhat/RPMS/i386/da_exim-4.43-1.i386.rpm
2. Install ClamAV 0.80 Final
If you try to install version 0.80rc4 from rpms, you may find a lot
of dependency problems, so the way I found to go around them was installing
from the tar.gz.
So I went to http://sourceforge.net/project/showfiles.php?group_id=86638
got the file clamav-0.80.tar.gz and compiled and installed it according
to these instructions http://www.clamav.net/doc/0.80/html/node14.html
Quite easy for a novice like me.
Once installed I noticed that clamd was not in my /usr/bin directory,
so if the same happens to you, look for the directory where you extracted
your clamav tar.gz and try copying the file clamav-0.80/clamd/clamd
to the /usr/bin directory. Have no fear, it worked for me.
By default, clamd is not configured for using sockets in the port 3310
but for Local Sockets, so due to this, my example considers using
Local Sockets.
You can read further here:
http://www.gossamer-threads.com/lists/clamav/users/13092?page=last
Once clamav is installed, try executing clamscan.
You will be prompted to do small changes to clamav.conf files (just
comment a couple of lines, quite painless). After that clamscan
should work and you will have clamav installed.
You can also run freshclam for updating the AV databases.
3. Edit Exim.conf
Now we are going to edit exim.conf
vi /etc/exim.conf
At the end of comments section add this (it is different to other
samples as it uses local sockets):
av_scanner = clamd:/tmp/clamd
Read the post by "skruf" in this thread
http://www.directadmin.com/forum/showthread.php?s=&threadid=3860
if in doubt.
Then continue editing the same file, search for the second instance
of check_message
Change:
# ACL that is used after the DATA command
check_message:
  accept
To this:
# ACL that is used after the DATA command
check_message:
  # Virus Check
  deny message = This message contains a virus or other malware ($malware_name)
       demime = *
       malware = *
  accept
We now need to make sure clamav has access to mail files, so type:
vi /etc/group
Change:
mail:x:12:mail (or as in my case mail::12:mail)
to:
mail:x:12:mail,clamav
save.
Restart Clamd
/usr/bin/clamd
Restart Exim
/etc/init.d/exim restart
It should work now...
Regards
Alejandro Lengua
Virtual Orbis Hosting http://www.virtualorbis.com
on Linux and Win2003 Platforms http://www.vohosting.com
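
Added example (not part of the original post): a shell check for the two places this setup usually breaks, the socket path in exim.conf not matching clamd's LocalSocket, and clamav missing from the mail group. It assumes clamav.conf carries a `LocalSocket` line; the function names are made up for this example, and the location of clamav.conf depends on where your build installed it.

```sh
#!/bin/sh
# Added example: consistency checks for the Exim + clamd local-socket setup.

# Print the socket path from "av_scanner = clamd:/path" in an Exim config.
exim_clamd_socket() {
    sed -n 's|^[[:space:]]*av_scanner[[:space:]]*=[[:space:]]*clamd:\(/[^[:space:]]*\).*|\1|p' "$1" | head -n 1
}

# Print the path from the first uncommented "LocalSocket /path" line.
clamd_local_socket() {
    awk '$1 == "LocalSocket" { print $2; exit }' "$1"
}

# Succeed if user $2 is a listed member of group $1 in group file $3.
group_has_member() {
    awk -F: -v g="$1" -v u="$2" '
        $1 == g { n = split($4, m, ","); for (i = 1; i <= n; i++) if (m[i] == u) found = 1 }
        END { exit (found ? 0 : 1) }' "$3"
}

# Run every check; one line per finding, non-zero status on any failure.
check_setup() {
    es=$(exim_clamd_socket "$1"); cs=$(clamd_local_socket "$2"); rc=0
    if [ -z "$es" ]; then
        echo "FAIL: no 'av_scanner = clamd:/path' line in $1"; rc=1
    elif [ "$es" != "$cs" ]; then
        echo "FAIL: Exim expects '$es', clamd LocalSocket is '${cs:-unset}'"; rc=1
    else
        echo "OK: both sides use socket $es"
    fi
    if group_has_member mail clamav "$3"; then
        echo "OK: clamav is a member of group mail"
    else
        echo "FAIL: clamav is not a member of group mail"; rc=1
    fi
    return "$rc"
}

# Usage: sh check.sh /etc/exim.conf <path to clamav.conf> /etc/group
if [ "$#" -eq 3 ]; then check_setup "$@"; else
    # No arguments: run on constructed sample files (not real configs).
    d=$(mktemp -d)
    printf 'av_scanner = clamd:/tmp/clamd\n' > "$d/exim.conf"
    printf '#TCPSocket 3310\nLocalSocket /tmp/clamd\n' > "$d/clamav.conf"
    printf 'mail:x:12:mail,clamav\n' > "$d/group"
    check_setup "$d/exim.conf" "$d/clamav.conf" "$d/group"
    rm -rf "$d"
fi
```

The group check only looks at the member list in the group file, so an account whose primary group is already mail would still be reported as missing.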