DA, exim and clamAV- oh my!

Shark

Shark

Verified User
Joined
Aug 8, 2005
Messages
57
Location
Ohio
Hello to everyone, first time caller. New server now 72 hours old, migrating from the Cobalts. A shout out to my *peeps* whom I saw leave the washing machines behind only to see your smiling faces here. Sup Jeff Lansman, been a long time (CobaltRaq4/Dave~ here).

Now that I got that out of my system... Spent many hours reading this forum and finding my way back to the 1-2 posts that stand out about installing clamAV. Learning that my version of exim has exiscan already installed I went to grab a current clamAV rpm. I find out the latest 0.86.2 needs libcurl.so.2 and I have libcurl.so.3. Time to install from source. *Somehow* I accomplished this. Added the few lines to exim to make it work. Had a bad file descripter til I realized there was no virus database so I ran freshclam and bingo we have virus scanning- atleast it caught the Eicar test.

Now, the problem I have is:

# chkconfig clamd on
error reading information on service clamd: No such file or directory

Does that only work for rpms? Did I not install from source properly? How do I get clamd to start automatically?

DaveR~ (a.k.a webdesignerforcedintosysadmin :)

P.S. Sorry to babble on in the post. Came from a user's group where if you didn't show you tried to help yourself first, you got no responses...
 
Dave, if you've set up SpamAssassin the way the DA documentation shows, you've got spamd running and it gets started/stopped by the exim start/stop command.

But hopefully you didn't, because if you did you're running spamd twice.

So you can either set up your own set of scripts in /etc/rc.d/init.d/ and in /etc/rc.d/rc3.d, or you can just add the startup line to rc.local.
Jeff
 
SpamAssassin was setup through DA and stopping and starting exim is fine. Unless I'm missing something Mr. L, I was asking about clamAV & clamd.

I can probably figure out how to:

>So you can either set up your own set of scripts in /etc/rc.d/init.d/ and in /etc/rc.d/rc3.d, or you can just add the startup line to rc.local.

Also wondering why it's installed, catching virii and seems to be working yet:

# chkconfig clamd on
error reading information on service clamd: No such file or directory

If you answered Jeff, I can't really read between the spamd lines :)

On a more general note, while getting clamd & exim working i must have uncomentted and re-commented lots-o-stuff in clamd.conf and freshclam.conf. While I learm my settings if anyone knows uf a setting I need to check/change that makes me vulnerable I'm all ears...

DaveR~
 
Sorry. You wrote clamd and for some reason known only to the fates, I read spamd.

I don't know if it runs as a service or not; our version of VirusBlocker is very different from clamAV as installed following instructions on the forums, and I'm not too well versed on it.

Jeff
 
On all RH based servers, we've added (in the same way as spamd is called) a clamd startup script in the exim startup.
On Debian it is added automatically to /etc/init.d/clamd or something, but RH doesn't do this when installing from source.

However, if you've removed the example thingy's in the clam configs, it will work fine, if you haven't the daemon might fail after half a sec.

(Good to see someone migrating from Cobalts to DA :))

Shark: it's a good way to learn, if you try something yourself first (or just use the search, most people still can't find), however asking a question that has been asked before if you couldn't find it, is no problem ;) - As far as I know, we're still all human.

One word of advice: I've got our clamd set up to use TCP connections, because the socket didn't really want to work together with Exim, but you should limit the access to the daemon to 127.0.0.1 only, otherwise I would know a great way to DoS you...

(Webdesigners forced into sysadmin ? - hmm, other way around here)
 
Last edited:
but you should limit the access to the daemon to 127.0.0.1 only, otherwise I would know a great way to DoS you...
Click to expand...

#netstat -tupan shows:

tcp 127.0.0.1:3310 0.0.0.0:* LISTEN 16155/clamd

is this correct or am I askin' for that DoS ? :)


And while it's on my mind, I was in /home/tmp when I installed it. Now everything is in /home/tmp. Can I just move those files to a more appropriate directrory or do I need to delete those files, crons and dirs and re-install/make (makes no sense lol)???

Webdesigners forced into sysadmin? - hmm, other way around here.
Click to expand...

Alrighty then- keep answering/helping with my newbie geek questions. Need any graphics help??? :)

DaveR~
 
#netstat -tupan shows:

tcp 127.0.0.1:3310 0.0.0.0:* LISTEN 16155/clamd

is this correct or am I askin' for that DoS ?


And while it's on my mind, I was in /home/tmp when I installed it. Now everything is in /home/tmp. Can I just move those files to a more appropriate directrory or do I need to delete those files, crons and dirs and re-install/make (makes no sense lol)???
Click to expand...
It shows the same here, haven't had any problems so far ;).

So your source is stored in /home/tmp ?
Not a real issue, after you gave make install, the installer moved it to /usr/local or the dir provided in ./configure with --prefix.
So in human language, you're safe to move the source. However, you shouldn't touch the stuff make install did. So mv /home/tmp/exim<something> /<other>/<directory> is safe :).

Alrighty then- keep answering/helping with my newbie geek questions. Need any graphics help??? :)
Click to expand...
Well, as a matter of fact ;)
What will that cost me? ;)
 
You must log in or register to reply here.
Back
Top