Clam

about

ClamAV® is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats.

Using ClamAV with a mail server... on a Debian System... is fairly simplistic to set up.

First: install these packages...

Name Description
clamav anti-virus utility for Unix - command-line interface
clamav-base anti-virus utility for Unix - base package
clamav-daemon anti-virus utility for Unix - scanner daemon
clamav-freshclam anti-virus utility for Unix - virus database update utility
clamdscan anti-virus utility for Unix - scanner client
clamsmtp virus-scanning SMTP proxy

Then add the appropriate lines to your MTA configuration file(s). In exim it would look something like this...

av_scanner= clamd:/var/run/clamav/clamd.ctl
spamd_address= 127.0.0.1 783

These are the defaults... if you are running clamav on another server substitute the local host/port for the ip/port of that server.

CREATED 2020-12-31 11:29:37.0

010-00-04-D0

UPDATED 2020-12-31 11:29:48.0

Config Parameters

Clam AV configuration file is /etc/clamav/clamd.conf

PhishingSignatures - checks url signatures against known phishing sites

PhishingScanURLs - cal cause artificial rejections or false positives if the href in the URL does not match the element data. For example:

<a href="paypal.badGuy.com"/>paypal.com</a>

However, this option sometimes causes valid mail to be rejected.

CREATED 2020-12-31 11:29:51.0

010-00-04-D1

UPDATED 2020-12-31 11:30:02.0

Knowledge
Man Page
L
I
N
K
S

DBID: db.wam

Page Server: Ithica

©2012 Leistware Data Systems
      Hello anonymous