[Mimedefang] Adding virus scanning after MIMEDefang installation

Aleksandar Milivojevic amilivojevic at pbl.ca
Fri Oct 29 14:27:23 EDT 2004


Mark Osbourne wrote:
>>From what I can tell, it looks like I probably need to update
> /usr/bin/mimedefang.pl and change $Features{'Virus:CLAMD'} so that it is
> set to 1 and make sure that the clamd processes is running as the defang
> user and writing it's socket in /var/spool/MIMEDefang/clamd.sock.

I'm not sure if you are going to need to reinstall MIMEDefang.

However, documentation for MIMEDefang is proposing some not needed 
changes for it to interoperate with ClamAV.  I don't know why.

All clamd needs is read access to the file that it is supposed to scan. 
  That can be done by adding user clamav (that clamd is running under) 
to group defang (/var/spool/MIMEDefang is owned and readable by group 
defang, if not than make it that way).

Also you don't need to change ClamAV socket.  Actually, you can't 
because /var/spool/MIMEDefang will not be writtable for clamd.  You can 
leave it at its default value (/var/run/clamav/clamd.sock) and use 
$ClamdSock variable in mimedefang-filter to point MIMEDefang to the 
right place.

That way you will achieve:

- two daemon processes (MIMEDefang and ClamAV) will be separated, which 
is nice from security point of view

- you run ClamAV in more or less default mode, which makes it easier to 
maintain

- makes it possible to use clamd from other appliactions 
(/var/spool/MIMEDefang is not world accessible, /var/run/clamav is world 
accessible)

IMHO, this is better and much cleaner configuration than the one 
proposed by MIMEDefang documentation.

-- 
Aleksandar Milivojevic <amilivojevic at pbl.ca>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7



More information about the MIMEDefang mailing list