[Mimedefang] How do I have mimedefang-filter to use the Clamav
Thomas Barnes
Thomas.Barnes at barnestormer.com
Wed Sep 8 12:09:57 EDT 2004
> I recompiled Mimedefang (2.39) after compiling clamav and it recognized
> that clamav was there. I went into the clamav-milter directory and
> compiled clamav-milter. Do I need this? Is it possible to just run the
> clamav binary- not as a milter and have Mimedefang call it to scan the
> mailboxes?
The way I did it was to have the milter scan it as soon as it arrives to
the mail server; that is the idea of using the milter
> Also, what is the difference between clamscan and clamd scan?
clamd is supposed to be faster and runs as a deamon
> I found the binary clamd and ran it.
Just make sure you run it as user defang (I think it should be defang)
> Now ps -ef reports:
You need to start the milter too
e.g. /usr/local/sbin/clamav-milter --max-children=2 -olb
local:/var/spool/MIMEDefang/clmilter.sock
(This is the sock sendmail looks at, make sure it is the same in your
sendmail.cf)
Make sure you have the local sock (for clamd --> clamav-milter )
specified in clamav. Mine looks llike this
#LogFile /tmp/clamd.log
#LogFileUnlock
#LogFileMaxSize 2M
#LogTime
#LogClean
#LogSyslog
#LogFacility LOG_MAIL
#LogVerbose
#PidFile /var/run/
#TemporaryDirectory /var/tmp
#DatabaseDirectory /var/lib/clamav
LocalSocket /var/spool/MIMEDefang/clamd.sock
FixStaleSocket
#TCPSocket 3310
#TCPAddr 127.0.0.1
#MaxConnectionQueueLength 30
StreamSaveToDisk
#StreamMaxLength 10M
#MaxThreads 10
#ReadTimeout 300
MaxDirectoryRecursion 15
#FollowDirectorySymlinks
#FollowFileSymlinks
#SelfCheck 600
#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v"
User defang
#AllowSupplementaryGroups
#Foreground
#Debug
#LeaveTemporaryFiles
ScanOLE2
ScanMail
ScanArchive
#ScanRAR
ArchiveMaxFileSize 10M
ArchiveMaxRecursion 5
ArchiveMaxFiles 1000
ArchiveMaxCompressionRatio 200
#ArchiveLimitMemoryUsage
#ArchiveBlockEncrypted
# Set access mask for Clamuko.
ClamukoScanOnOpen
ClamukoScanOnClose
ClamukoScanOnExec
ClamukoIncludePath /home
#ClamukoIncludePath /students
#ClamukoExcludePath /home/guru
ClamukoMaxFileSize 1M
ClamukoScanArchive
/usr/local/sbin/clamav-milter --max-children=2 -olb
local:/var/spool/MIMEDefang/clmilter.sock
> I edited /etc/mail/mimedefang-filter to have it look for clamd - but
> mimedefang complains:
what did you change? It worked out of the box for me. . no modification
required.
> to clamd daemon at /var/spool/MIMEDefang/clamd.sock
make sure it is specified in the clamav.conf correctly , user defang has
wrx on that dir and is the user under which the process runs.
> How do I get the socket - there - the default is /tmp/clamd:
clamd is the socket for clamd and clamav-milter. sendmail does not use
this. make sure you specify the path when you start the milter. . see above.
> If I do so, will Mimedefang then call up clamd and scan messages, or do
> I need the milter entries in sendmail?
you need the milter in sendmail for both clamav-milter and mimedefang.
(make sure you use the m4 to build sendmail.mc)
> Also, where is the init.d script - I can not find it.
ifor clamav? It is in clamav-0.75.1/contrib/init/
sorry. . seems only linux scripts. I use solaris so I had a bit of
tweeking to do
More information about the MIMEDefang
mailing list