The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

clam av connector

Discussion in 'cPanel Developers' started by kevin2004, Sep 19, 2004.

  1. kevin2004

    kevin2004 Member

    Joined:
    May 2, 2004
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    1
    Forgive my ignorance but I need a little help. I have cPanel Pro installed, license activated. Now I install the clamavconnector. I see nothing new, how to you operate it, or what am I supposed to do to use it?

    Thanks, Kevin
     
  2. brentp

    brentp Well-Known Member

    Joined:
    Mar 11, 2004
    Messages:
    324
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Ayr, North Queensland, Australia
    Clamavconnector

    enable the feature in the users cpanels and you'll see a little "Virus Scan" icon the bottom right hand corner. make sure you have cpanel pro installed etc etc.

    Regards.
    Brent
     
  3. kevin2004

    kevin2004 Member

    Joined:
    May 2, 2004
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    1
    Now no e-mail in

    2004-09-20 12:50:40 1C9SJa-0007DG-BV malware acl condition: unable to connect to sophie UNIX socket (/var/run/sophie). errno$
    2004-09-20 12:50:40 1C9SJa-0007DG-BV H=(sproxy.google.com) [64.233.170.130] F=<googlealerts-noreply@google.com> temporarily $

    If you look in the logs before you disabled clamav it was giving unable to connect to UNIX socket /var/run/clamav/clamd (Namd (No such file or directory), then it went to malware acl condition: clamd: unable to connect to UNIX socket /var/run/clamav/clamd (Permmission denied), now it is malware acl condition: unable to connect to sophie UNIX socket (/var/run/sophie). errno=2


    had this remark in exim: av_scanner = clamd:/var/run/clamav/clamd, after disabling this I started getting the last of the 3 errors above.

    Did clamavconnector change something with clamav?

    tried uninstalling camavconnector, didn't work, tried reinstallin, still no e-mail :mad:
     
    #3 kevin2004, Sep 20, 2004
    Last edited: Sep 20, 2004
  4. anup123

    anup123 Well-Known Member

    Joined:
    Mar 29, 2004
    Messages:
    897
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    This Planet
    Just a query...

    Were you running Anand's version. If yes then no need to run both. Only one needs to be there. /var/run/clamav/clamd is from Anand's install as clamconector puts that somewhere else. Just chk your clamav.conf file...

    And BTW, few may have opinions about Anand's version, but do not forget that it has been out of it's beta stage and i have been running it ever since first version and have been error free right throughout ... (from 0.ClamAV 0.67 onwards if i remeber correctly). Personally i hate running any beta stuff....

    Anup
     
    #4 anup123, Sep 20, 2004
    Last edited: Sep 20, 2004
  5. kevin2004

    kevin2004 Member

    Joined:
    May 2, 2004
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    1
    Don't know about whose version, I actually cannot remember, I think I got it form these forums. Anyhow can you elaborate a little more? Here is a cut of my clamav.conf file:


    # Path to the database directory.
    # Default is the hardcoded directory (mostly /usr/local/share/clamav,
    # but it depends on installation options).
    #DatabaseDirectory /var/lib/clamav

    # The daemon works in local or network mode. Currently the local mode is
    # recommended for security reasons.

    # Path to the local socket. The daemon doesn't change the mode of the
    # created file (portability reasons). You may want to create it in a directory
    # which is only accessible for a user running daemon.
    LocalSocket /var/clamd

    # Remove stale socket after unclean shutdown.
    FixStaleSocket

    I downgraded to release version from current, that did nothing. This is the error now:
    unable to connect to UNIX socket /var/run/clamav/clamd (Permission denied)
    What should the permission be?
     
  6. anup123

    anup123 Well-Known Member

    Joined:
    Mar 29, 2004
    Messages:
    897
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    This Planet
    Edit your exim.conf from config editor and put the following:

    av_scanner = clamd:/var/clamd

    and restart and see after a restart

    This is what i have in clamav.conf (not clamavconnector) but Anand's installer:

    ##
    ## Example config file for the Clam AV daemon
    ## Please read the clamav.conf(5) manual before editing this file.
    ##


    # Comment or remove the line below.
    #Example

    # Uncomment this option to enable logging.
    # LogFile must be writable for the user running the daemon.
    # Full path is required.
    LogFile /var/log/clamd.log

    # By default the log file is locked for writing - the lock protects against
    # running clamd multiple times (if want to run another clamd, please
    # copy the configuration file, change the LogFile variable, and run
    # the daemon with --config-file option). That's why you shouldn't uncomment
    # this option.
    #LogFileUnlock

    # Maximal size of the log file. Default is 1 Mb.
    # Value of 0 disables the limit.
    # You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
    # and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size
    # in bytes just don't use modifiers.
    LogFileMaxSize 2M

    # Log time with an each message.
    LogTime

    # Use system logger (can work together with LogFile).
    #LogSyslog

    # Enable verbose logging.
    #LogVerbose

    # This option allows you to save the process identifier of the listening
    # daemon (main thread).
    #PidFile /var/run/clamd.pid

    # Path to a directory containing .db files.
    # Default is the hardcoded directory (mostly /usr/local/share/clamav,
    # it depends on installation options).
    #DataDirectory /var/lib/clamav

    # The daemon works in local or network mode. Currently the local mode is
    # recommended for security reasons.

    # Path to the local socket. The daemon doesn't change the mode of the
    # created file (portability reasons). You may want to create it in a directory
    # which is only accessible for a user running daemon.
    LocalSocket /var/run/clamav/clamd

    # TCP port address.
    #TCPSocket 3310

    # Maximum length the queue of pending connections may grow to.
    # Default is 15.
    #MaxConnectionQueueLength 30

    # When activated, input stream (see STREAM command) will be saved to disk before
    # scanning - this allows scanning within archives.
    #StreamSaveToDisk

    # Close the connection if this limit is exceeded.
    #StreamMaxLength 10M

    # Maximal number of a threads running at the same time.
    # Default is 5, and it should be sufficient for a typical workstation.
    # You may need to increase threads number for a server machine.
    MaxThreads 10

    # Thread (scanner - single task) will be stopped after this time (seconds).
    # Default is 180. Value of 0 disables the timeout. SECURITY HINT: Increase the
    # timeout instead of disabling it.
    #ThreadTimeout 500

    # Maximal depth the directories are scanned at.
    MaxDirectoryRecursion 15

    # Follow a directory symlinks.
    # SECURITY HINT: You should have enabled directory recursion limit to
    # avoid potential problems.
    #FollowDirectorySymlinks

    # Follow regular file symlinks.
    #FollowFileSymlinks

    # Do internal checks (eg. check the integrity of the database structures)
    # By default clamd checks itself every 3600 seconds (1 hour).
    #SelfCheck 600

    # Run as selected user (clamd must be started by root).
    # By default it doesn't drop privileges.
    #User clamav

    # Initialize the supplementary group access (for all groups in /etc/group
    # user is added in. clamd must be started by root).
    #AllowSupplementaryGroups

    # Don't fork into background. Useful in debugging.
    #Foreground

    ##
    ## Mail support
    ##

    # Uncomment this option if you are planning to scan mail files.
    ScanMail

    ##
    ## Archive support
    ##


    # Comment this line to disable scanning of the archives.
    ScanArchive

    # Options below protect your system against Denial of Service attacks
    # with archive bombs.

    # Files in archives larger than this limit won't be scanned.
    # Value of 0 disables the limit.
    # WARNING: Due to the unrarlib implementation, whole files (one by one) in RAR
    # archives are decompressed to the memory. That's why never disable
    # this limit (but you may increase it of course!)
    ArchiveMaxFileSize 10M

    # Archives are scanned recursively - e.g. if Zip archive contains RAR file,
    # the RAR file will be decompressed, too (but only if recursion limit is set
    # at least to 1). With this option you may set the recursion level.
    # Value of 0 disables the limit.
    ArchiveMaxRecursion 5

    # Number of files to be scanned within archive.
    # Value of 0 disables the limit.
    ArchiveMaxFiles 1000

    # Use slower decompression algorithm which uses less memory. This option
    # affects bzip2 decompressor only.
    #ArchiveLimitMemoryUsage

    ##
    ## Clamuko settings
    ## WARNING: This is experimental software. It is very likely it will hang
    ## up your system !!!
    ##

    # Enable Clamuko. Dazuko (/dev/dazuko) must be configured and running.
    #ClamukoScanOnLine

    # Set access mask for Clamuko.
    ClamukoScanOnOpen
    ClamukoScanOnClose
    ClamukoScanOnExec

    # Set the include paths (all files in them will be scanned). You can have
    # multiple ClamukoIncludePath options, but each directory must be added
    # in a seperate option. All subdirectories are scanned, too.
    ClamukoIncludePath /home
    #ClamukoIncludePath /students

    # Set the exclude paths. All subdirectories are also excluded.
    #ClamukoExcludePath /home/guru

    # Limit the file size to be scanned (probably you don't want to scan your movie
    # files ;))
    # Value of 0 disables the limit. 1 Mb should be fine.
    ClamukoMaxFileSize 1M

    # Enable archive support. It uses the limits from clamd section.
    # (This option doesn't depend on ScanArchive, you can have archive support
    # in clamd disabled).
    ClamukoScanArchive

    ======
    BTW in case you would want to switch back to Anand's version, here is the site:
    http://cpanelappz.com

    Uninstall clamavconnector (it's going to be a pain when file uploading scanning shoots your server load sky high) and then install from the above url following directions clearly. It's straightforward and works right out of the box .... RH linux...
    ======


    Anup
     
    #6 anup123, Sep 20, 2004
    Last edited: Sep 20, 2004
  7. kevin2004

    kevin2004 Member

    Joined:
    May 2, 2004
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    1
    Ok, I tried that, didn't work so I unistalled clamavconnector, upgraded exim and I followed the instructions for the clamav package on cpanelapps. This is what I had before. and after the new install I get this:

    malware acl condition: clamd: unable to connect to UNIX socket /var/run/clamav/clamd (No such file or directory)

    Now there is no clamd in the clamav directory.

    This darn thing has had my e-mail broke since yest. Anything else I can try?

    Thanks, Kevin
     
  8. anup123

    anup123 Well-Known Member

    Joined:
    Mar 29, 2004
    Messages:
    897
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    This Planet
    Not too sure but raead it on forums that uninstall of clamavconnector doesn't see to remove the clamav.conf file.

    Just check that the clamav.conf file has that path of

    LocalSocket /var/run/clamav/clamd
    instead of what clamavconnector puts it at like
    LocalSocket /var/clamd

    =======
    Just Chk This Thread from here on:
    http://forums.cpanel.net/showpost.php?p=136970&postcount=706
    Seems to be duplicate of your problem.
    ======

    Anup
     
    #8 anup123, Sep 20, 2004
    Last edited: Sep 20, 2004
  9. kevin2004

    kevin2004 Member

    Joined:
    May 2, 2004
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    1
    I understand that part. however after re-installing the cpanelapps package there is no clamd file located in var/run/clamav.

    So, would it be bestter to just uninstall everything as far as clamav, and exiscan? If so what would be the best way to do that? Then do a complete re-install of the package?

    Is there no way to use this package and clamavconnector without breaking everything? Is it just a one or the other deal? The only real reason I liked clamavconnector was it gave the ability to scan from cpanel, just something for clients to toy with.

    Thanks, Kevin
     
  10. anup123

    anup123 Well-Known Member

    Joined:
    Mar 29, 2004
    Messages:
    897
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    This Planet
    Be on CURRENT
    Have a non clamavconnector no cpanelappz exim working first ensuring that you have commented all exiscan related stuff in the configuration editor and mails are moving in/out.
    Remove clamav.conf ....safe to rename it to clamav.conf.bak
    DO a fresh install from cpanelappz following instructions
    Restart exim

    clamd should be there when Exim with calmav restarts (ie exim with clamd)
    Do you see clamd as there when you restart exim as of now?

    As on which version you chose is upto you.
    I would have chosen clamavconnector if there wsa an option to switch off filescan during ftp. For me that's the worry....

    Get your install working with whatever you feel comfortable with. I have seen many users switching back to cpanelappz version after having problems with clamavconnector.

    If nothing works open a support ticket as last resort but do not give it up so easily. I know it can be frustrating but then that's a part of learning curve :)

    Anup
     
  11. kevin2004

    kevin2004 Member

    Joined:
    May 2, 2004
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    1
  12. anup123

    anup123 Well-Known Member

    Joined:
    Mar 29, 2004
    Messages:
    897
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    This Planet
  13. kevin2004

    kevin2004 Member

    Joined:
    May 2, 2004
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    1
    Well it is all working agian. I wish I could say it was on my own, but thanks for the help!! :p





    Thanks again, Kevin
     
  14. anup123

    anup123 Well-Known Member

    Joined:
    Mar 29, 2004
    Messages:
    897
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    This Planet
    Glad that you got it working back again :)
    Even i learnt things the hard way. Yup it was definitely on your own but it worked when you abandoned the path of doing it in haste :)

    Cheers
    Anup
     
  15. vwchosting

    vwchosting Registered

    Joined:
    Sep 21, 2004
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Does this service scan all incoming/outgoing email? I see how to scan manuly, but no indacation that its scanning mail as it comes in or out.
     
  16. anand

    anand Well-Known Member

    Joined:
    Nov 11, 2002
    Messages:
    1,435
    Likes Received:
    1
    Trophy Points:
    38
    Location:
    India
    cPanel Access Level:
    DataCenter Provider
    First use either clamavconnector or clam package from cpanelappz.com, don't try to use both.

    Second yes it scans both incoming and outgoing mails, just tail your exim_main log file and see all incoming and outgoing mails being scanned.
     
  17. qubixandy

    qubixandy Member

    Joined:
    Mar 19, 2004
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    I followed your guide (had the same problem, thought i could run the addon along with your script :( ) but I still can't receive any mail...
     
  18. anand

    anand Well-Known Member

    Joined:
    Nov 11, 2002
    Messages:
    1,435
    Likes Received:
    1
    Trophy Points:
    38
    Location:
    India
    cPanel Access Level:
    DataCenter Provider
    remove /etc/clamav.conf and then reinstall using the cpanelappz.com script, everything should get fixed.
     
  19. qubixandy

    qubixandy Member

    Joined:
    Mar 19, 2004
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    I just did that again, and it still doesn't work... :(
     
  20. anand

    anand Well-Known Member

    Joined:
    Nov 11, 2002
    Messages:
    1,435
    Likes Received:
    1
    Trophy Points:
    38
    Location:
    India
    cPanel Access Level:
    DataCenter Provider
    what is the error you see in exim_main log file ?
     

Share This Page