The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Anyone using Exiscan mail scanner?

Discussion in 'E-mail Discussions' started by haze, Oct 2, 2003.

  1. haze

    haze Well-Known Member

    Joined:
    Dec 21, 2001
    Messages:
    1,550
    Likes Received:
    3
    Trophy Points:
    38
    Just curious if anyone has had a chance to try out exiscan on their cpanel system? Apparently it will be coming out as an option for cpanels exim.. i believe. I really need to implement a solution ASAP, and so far cpanels mailscanner just ain't working. So.. what are your thoughts on this system?

    http://duncanthrax.net/exiscan-acl/

    cPanel.net Support Ticket Number:
     
  2. jamesbond

    jamesbond Well-Known Member

    Joined:
    Oct 9, 2002
    Messages:
    738
    Likes Received:
    1
    Trophy Points:
    18
    Haven't tried it yet, but it would be great if we could have this as an alternative to mailscannner.

    As it's written specifically for Exim (unlike mailscanner) it might be a better choice for CPanel.

    cPanel.net Support Ticket Number:
     
  3. TCSLEA

    TCSLEA Active Member

    Joined:
    Oct 29, 2003
    Messages:
    36
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Austin, T E X A S
    Using EXISCAN with no problems so far

    Several days ago I configured exiscan, and out of curiosity I did a search in these forums to see if anyone else was using it, or anyone else was having any problems, etc. Looks like it may not be as popular as MailScanner for now.

    Turns out that the version of exim that comes with the current cPanel installation already has this feature, it's just that it's not configured to use it in the exim configuration file. Further, you need some type of antivirus to point it to, and most (but not all) of those are pay-for-it services.

    I'm using it with ClamAV, which is free, and have a cron job to update the virus definitions every night. So far it's working beautifully, and I've yet to receive any virus-contaminated email since I started using exiscan.

    And I was concerned that cPanel would overwrite my exim config file every night, but it hasn't happened yet. However, it looks like if you use WHM to manually edit the config file, and there happens to be a syntax error in the file, it will cause WHM to overwrite the config file with the default.

    If anyone wants to try exiscan, and has problems, I'd be more than happy to post the changes I made here. I'm on a FreeBSD box, so the paths might be different, and your mileage may vary...
     
  4. mccollin

    mccollin Member

    Joined:
    Jun 11, 2003
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    I'd love to know what you did on FreeBSD... getting bombarded with viruses and am disappointed that there isn't a solution for MailScan.
     
  5. Marty

    Marty Well-Known Member

    Joined:
    Oct 10, 2001
    Messages:
    630
    Likes Received:
    1
    Trophy Points:
    18
    I would like to see the changes you made. I am not on FreeBSD but it would be interesting if the peices are already there to see how this works.
     
  6. TCSLEA

    TCSLEA Active Member

    Joined:
    Oct 29, 2003
    Messages:
    36
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Austin, T E X A S
    Exim with exiscan and clamav

    Okay, at this point I'm trying out a trial version of another mail server, and have so many irons in the fire lately that my head is not as clear on this as it was right after I did it. I was using Exim version 4.24.3 at the time, if that matters. Having said that, here is what I can piece together from my notes:

    Installed clamav from /usr/ports/security/clamav

    Created a new user on the server called "clamav" with:
    shell = noshell
    home directory = /nonexistent
    belongs to group = mail

    chown /var/spool/exim/scan to clamav:mail
    but I later noticed it was chown to mailnull:mailnull (maybe cPanel did that?? I also just noticed that cPanel overwrote my Exim configuration file eventually - if that happens, it circumvents the a/v software (clamav) and you have to put the modified configure file back. I made a copy of it after I modified it, and maybe you could create a cron job to copy your modified version over each night, in case cPanel overwrites the configuration file like it eventually did mine)

    chmod /var/spool/exim/scan to 770

    clamav conf file: /usr/local/etc/clamav.conf

    clamav data directory: /usr/local/share/clamav

    clamav command: /usr/local/sbin/clamd

    clamav unix socket: /var/run/clamav/clamd

    clamav update command: /usr/local/bin/freshclam

    clamav clamscan command: /usr/local/bin/clamscan

    exim config file: /usr/local/etc/exim/configure

    This configure file needs some editing, but I can't find my notes on what I changed. I didn't even bother to comment my changes, it seems. *sigh*

    I'll try to attach the configure file I was using at the time. Remember that cPanel may overwrite the file periodically, so keep a copy of it in that same directory if you want, BUT give it some other name. Every so often, make sure your modified version is present, and/or have cron do it.

    Good luck,
    Chris
     

    Attached Files:

    #6 TCSLEA, Jan 27, 2004
    Last edited: Jan 27, 2004
  7. smarcellini

    smarcellini Well-Known Member

    Joined:
    Mar 27, 2003
    Messages:
    58
    Likes Received:
    0
    Trophy Points:
    6
    I get an error message "can not find av_scanner" when I add this line.

    #!!# Added to enable clamav
    av_scanner = clamd:/var/run/clamav/clamd

    Did I miss something?
     
  8. TCSLEA

    TCSLEA Active Member

    Joined:
    Oct 29, 2003
    Messages:
    36
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Austin, T E X A S
    I guess it just needs to know exactly where to find clamd, and perhaps that path is not where it is. Try locating clamd like this:

    locate clamd

    and if that doesn't find it:

    find / -name clamd -ls

    and use that path. I noticed on my box that the /var/run path is actually a hard link to this path:

    /usr/local/sbin/clamd

    so try changing the path to the /usr/local... path above, and see if that works.

    Let me know how it goes!

    Chris
     
  9. smarcellini

    smarcellini Well-Known Member

    Joined:
    Mar 27, 2003
    Messages:
    58
    Likes Received:
    0
    Trophy Points:
    6
    "av_scanner unknown" is the actually message and i still get it with the config below.

    #!!# Added to enable clamav
    av_scanner = clamd:/usr/local/sbin/clamd

    I did the "find" command and it is in /usr/local/sbin
     
  10. TCSLEA

    TCSLEA Active Member

    Joined:
    Oct 29, 2003
    Messages:
    36
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Austin, T E X A S
  11. smarcellini

    smarcellini Well-Known Member

    Joined:
    Mar 27, 2003
    Messages:
    58
    Likes Received:
    0
    Trophy Points:
    6
    Well i must say, i thought i was the only one in this world smart enough to use google to troubleshoot error messages. Yes I saw that post but was at work and passed it off. I will take a closer look now and report back.

    Thx for your time.
     
  12. mr.wonderful

    mr.wonderful BANNED

    Joined:
    Feb 1, 2004
    Messages:
    345
    Likes Received:
    0
    Trophy Points:
    0
    If Cpanels version of MailScanner is not working why are you wasting time with it? Install it maually and configure it manually. Then you dont have to rely on their version and you have a full version that works. Provided of course you know how to install and set it up!
     
  13. smarcellini

    smarcellini Well-Known Member

    Joined:
    Mar 27, 2003
    Messages:
    58
    Likes Received:
    0
    Trophy Points:
    6
  14. Jeff75

    Jeff75 Well-Known Member

    Joined:
    Apr 11, 2003
    Messages:
    555
    Likes Received:
    0
    Trophy Points:
    16
    Apparantly, Mailscanner can be installed on FreeBSD servers. After I attempted to do this today (which screwed up my server for 3 hours and now I have over 13,000 emails in the queue) I realized it was only for Linux. I submitted a feature request and Michael Photakis replied back with:

    If you build the exim port with "WITHOUT_ALT_CONFIG_PREFIX=yes" set, mailscanner installed from the ports collection should work for you.

    I would really like to put a virus scanner on the server because of all the problems with the MyDoom virus. After what I went through today, I'm a little hesitant about trying it again. If anybody else has the balls to try it please let me know how it went!

    smarcellini,

    The article on the site you posted looks like it's only for Linux users.
     
  15. Dillard

    Dillard Well-Known Member

    Joined:
    Feb 26, 2003
    Messages:
    114
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    The Netherlands
    Somewhat delayed, but if you still need to look for a antivirus solution on FreeBSD, look here ( http://forums.cpanel.net/showthread.php?s=&threadid=24541 ). In the meantime, I've installed the modified version on several production boxes, and it's working quite well !! FINALLY :D
     
Loading...

Share This Page