Virus Scan for FreeBSD 6.2 using Dovecot

Webgecko

Verified User
Joined
May 2, 2005
Messages
32
Location
In this Forum at the moment.
Hi Guys,

Does anyone have a how to for installing an email virus scanner on FreeBSD 6.2 using Dovecot?

I see all sorts of how to's for Exim, but they don't seem to apply for exim. <-- I mean dovecot here sorry

Any help is greatly appreciated!!

Cheers!!
 
Last edited:

chatwizrd

Verified User
Joined
Jul 3, 2005
Messages
2,007
Code:
cd /usr/ports/security/clamav
make install clean

/usr/local/sbin/clamd
/usr/local/bin/freshclam -d

echo "
/usr/local/sbin/clamd
/usr/local/bin/freshclam -d
" >> /etc/rc.local

cat /usr/local/etc/clamd.conf | grep 'LocalSocket' | awk '{print "av_scanner = clamd:" $2}' >> /etc/exim.conf

/usr/local/etc/rc.d/exim restart
 

chatwizrd

Verified User
Joined
Jul 3, 2005
Messages
2,007
Dovecot is the pop3 and imap part of the mail system exim is the mta which sends the mail out.
 

Webgecko

Verified User
Joined
May 2, 2005
Messages
32
Location
In this Forum at the moment.
Hi Chatwizard,

I updated my ports collection before trying to install and this is what I'm getting.===> clamav-0.93.3 depends on file: /usr/local/bin/libtool - found
===> clamav-0.93.3 depends on shared library: gmp.7 - not found
===> Verifying install for gmp.7 in /usr/ports/math/libgmp4
===> Building for libgmp-4.2.3
cd: can't cd to /usr/ports/math/libgmp4/work/gmp-4.2.3
*** Error code 2

Stop in /usr/ports/math/libgmp4.
*** Error code 1

Stop in /usr/ports/security/clamav.
*** Error code 1

Stop in /usr/ports/security/clamav.

Not sure why this wouldn't work.

Cheers!!
 

chatwizrd

Verified User
Joined
Jul 3, 2005
Messages
2,007
try:

cd /usr/ports/math/libgmp4
make install clean

Then go back to trying to install clamav
 

Webgecko

Verified User
Joined
May 2, 2005
Messages
32
Location
In this Forum at the moment.
It appears as though my ports collection is all messed up so I'm in the process of removing it and re-installing the entire collection.

For some reason, when I would do a make install clean in libgmp4 it would fail. I check the make file and it's referencing 4.2.3 in the work directory, but in the work directory, it's still 4.2.1.

I checked the /usr/ports/clamav directory as well and it's the same thing. It was referencing 0.93.3 but in the work directory it was still 0.92.1 so.

This is the same with every port that I checked so no matter what I was trying to install (even joe) it was failing.

Very strange. Will update when I can.

Thanks for your help so far.

Cheers!!
 
Last edited:

Webgecko

Verified User
Joined
May 2, 2005
Messages
32
Location
In this Forum at the moment.
Hi Chatwizard.

I've managed to get it installed, however, I've got a few questions.

1. When I restart exim, I get this message

2008-08-30 21:15:32 Exim configuration error in line 888 of /etc/exim.conf:
unknown or malformed retry error "="

When I edit /etc/exim.conf and go down to line 888, it's this line...

av_scanner = clamd:/var/run/clamav/clamd.sock

This was generated by running your 'cat' command. This looks alright to me, but it's producing an error.

2. What is rc.local for? Until I ran your command, rc.local didn't exist.
3. Do I need to put anything into /etc/rc.conf to tell it to start clamav on a reboot or anything?

Thanks again!
 

tsiou

Verified User
Joined
Sep 15, 2006
Messages
236
Location
Larisa, Greece
To enable clamav put these lines in /etc/rc.conf
clamav_clamd_enable="YES"
clamav_freshclam_enable="YES"

put this in /etc/crontab to update every day
20 1 * * * clamav /usr/local/bin/freshclam --quiet -l /var/log/clamav/freshclam.log 2>&1


which version of exim.conf are you using? look for something like :
SpamBlocker with Optional VirusBlocker #
# Dovecot Only #
# Version 3.1-beta

at the top of /etc/exim.conf
 

Webgecko

Verified User
Joined
May 2, 2005
Messages
32
Location
In this Forum at the moment.
Hi there. This is at the top of my /etc/exim.conf file....

SpamBlocker.exim.conf.2.1.1-release

I've added av_scanner = clamd:/var/run/clamav/clamd.sock to the very top of the file and restarted exim with no complaints so I'm assuming that it's working fine. Is there a way to test this other than sending myself a virus?

Cheers!!
 

tsiou

Verified User
Joined
Sep 15, 2006
Messages
236
Location
Larisa, Greece
First of all check if
/var/run/clamav/clamd.sock
exists. Mine for example was /var/run/clamav/clamd.
To avoid some problems i had with the socket file i'm using the
av_scanner = clamd:127.0.0.1 3310
and the rc.conf from the previous post to enable deamon use of clamav.

To test it you should download eicar test virus (is only for test purposes it doesn't infect your pc) after you disable your pc antivirus
url http://www.eicar.org/anti_virus_test_file.htm
and send an email to yourself.
 

Webgecko

Verified User
Joined
May 2, 2005
Messages
32
Location
In this Forum at the moment.
Hi there.

Yes, /var/run/clamav/clamd.sock exists.
I've sent myself a test message using the eicar.com.txt file and it came through easy. Nothing stopped it or marked it as a virus.

Did you put av_scanner - clamd:127.0.0.1 3310 at the bottom or top of your exim.conf file?

Cheers!!
 

chatwizrd

Verified User
Joined
Jul 3, 2005
Messages
2,007
/etc/rc.local doesnt exist by default. It is a file that loads programs on boot. You could try moving the av_scanner = clamd:/var/run/clamav/clamd.sock line up in the exim.conf I didnt think it would matter where it was at but maybe it does. Try adding it under primary_hostname =
 

tsiou

Verified User
Joined
Sep 15, 2006
Messages
236
Location
Larisa, Greece
Did you put av_scanner - clamd:127.0.0.1 3310 at the bottom or top of your exim.conf file?
put it as a replacement for av_scanner = clamd:/var/run/clamav/clamd.sock
then enable it in rc.conf
clamav_clamd_enable="YES"
clamav_freshclam_enable="YES"

then start the service :
/usr/local/etc/rc.d/clamav-clamd start

and re-test.

but i suggest to download the latest exim.conf and edit it.
 

ju5t

Verified User
Joined
Sep 14, 2005
Messages
384
put this in /etc/crontab to update every day
20 1 * * * clamav /usr/local/bin/freshclam --quiet -l /var/log/clamav/freshclam.log 2>&1
I'm not a FreeBSD user, but isn't freshclam daemonized? We're not using cronjobs for ClamAV/Freshclam at all.
 

scsi

Verified User
Joined
Aug 19, 2008
Messages
4,695
You can run freshclam either as a daemon or in a cron.
 
Top