Solved

ClamAV

Posted on 2004-08-06
10
1,872 Views
Last Modified: 2013-11-13
Okay, I look for some documentation online to install ClamAV, but didn’t find any that was useful.

This is what I have done so far

install rpm
                  clamav-db-0.75.1-1.1.fc2.dag.i386.rpm
                  clamav-0.75.1-1.1.fc2.dag.i386.rpm
                  clamd-0.75.1-1.1.fc2.dag.i386.rpm
                  clamav-milter-0.75.1-1.1.fc2.dag.i386.rpm
                  clamav-devel-0.75.1-1.1.fc2.dag.i386.rpm

Then I tried a bunch of other stuff with no luck.
I am not sure how the socket thing works.

Can someone send me a good site to set this up with step by step instruction or just tell me?

I am on FC2

I am also getting this when I restart sendmail

Aug  6 16:17:39 ns3 sendmail[12761]: STARTTLS=server: file /etc/mail/certs/cert.pem unsafe: No such file or directory
0
Comment
Question by:clintonm9
  • 5
  • 4
10 Comments
 
LVL 36

Assisted Solution

by:grblades
grblades earned 30 total points
Comment Utility
Hi clintonm9,
If you installed clamav rpm then you have it installed.
You normally have a cron job to run 'freshclam' every couple of hours to keep the virus definitions up to date.
Then you can use 'clamscan' to scan files for viruses.

If you want to use it to scan emails then I highly recomend you forget about Sendmail and install Postfix instead as it is far more configurable. You can use amavisd-new as the virus scanning engine.


I have Postfix, clamav, spanassassin, procmail and amavisd-new irunning at work to scan all emails for viruses and spam.
0
 
LVL 17

Accepted Solution

by:
owensleftfoot earned 100 total points
Comment Utility
Download mailscanner from www.mailscanner.info. Install the rpm, then edit /etc/MailScanner/MailScanner.conf and change 2 options. One is whether MailScanner actually scans for viruses & the other one is to tell mailscanner which anti-virus program to use..
The first one is

 Virus Scanning = yes

The second one is

 Virus Scanners = clamav
0
 

Author Comment

by:clintonm9
Comment Utility
MailScanner worked great.

I am now using sendmail, clamav, and spanassassin.

Thanks

When I try and put this in my cron I get an error message

/usr/bin/freshclam --quiet -l /var/log/clamav/db-update.log
ERROR: Can't open /var/log/clamav/db-update.log in append mode.
ERROR: Problem with internal logger.

grblades, you say Sendmail is less configurable then other app, if I have it configured now, is there other downfalls to sendmail that you would still highly recommend switching?
0
 
LVL 36

Expert Comment

by:grblades
Comment Utility
Check the permissions on /var/log/clamav/db-update.log. Normally clamav switches to the 'clamav' user or whatever it is configured to run as so the log file should be owned by that user.

If you have sendmail configured then it is not worth changing. The most problems I have with sendmail is you cannot limit the maximum number of emails which can be sent simultaneously so if someone send multiple large email the internet access for everyone slows down considerably if you have a slow link.
0
 

Author Comment

by:clintonm9
Comment Utility
I think it worked, is there anyway to test?
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 36

Expert Comment

by:grblades
Comment Utility
You could just manually run the command.
/usr/bin/freshclam --quiet -l /var/log/clamav/db-update.log
0
 

Author Comment

by:clintonm9
Comment Utility
/usr/bin/freshclam --quiet -l /var/log/clamav/db-update.log
ERROR: Can't get information about db.us.clamav.net host.
ERROR: Connection with db.us.clamav.net (IP: ???) failed.
0
 
LVL 36

Expert Comment

by:grblades
Comment Utility
It looks like DNS lookups are not working. Try typing "host db.us.clamav.net" and you should get back a list of IP addresses for that host. If you get an error then check your DNS configuration.
0
 

Author Comment

by:clintonm9
Comment Utility
Yeah, it worked, thanks!
0
 

Author Comment

by:clintonm9
Comment Utility
Now that i have MailScanner installed sm-client does not run any more. Is that correct?
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

One of the frequent problems with the installations is when some file or registry entry is not removed from the system upon un-installation of the product. Clean removal is always highly desirable. One major reason for that is badly authored inst…
If you don't know how to downgrade, my instructions below should be helpful.
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now