The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

clamav - Does it actually work?

Discussion in 'General Discussion' started by CamerMan, Nov 23, 2009.

  1. CamerMan

    CamerMan Registered

    Joined:
    Apr 3, 2008
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    I attempting to use WHM/cpanel as an offering for our VPS servers. One of the key things we are looking for is anti-virus for incoming email.

    I searched the forums and found out the clamav can be installed in the cpanel->manage plugins section, which I did.

    I then went to plugins->configure ClamAV scanner, and enabled all the options, including "scan mail".

    To test clamav, I uploaded a virus test file from "http://www.eicar.org/anti_virus_test_file.htm" and uploaded to a site on the server. When I scan this folder in the sites cpanel, under "Virus scanne", it fails to detect the file. I also sent the file in an email attachment, but when using "scan mail" it fails to detect the file again.

    Is there a better way to test that its working? Or is more configuration needed?

    Im using cPanel 11.24.5-S38506 - WHM 11.24.2 - X 3.9 on CENTOS 5.4
     
  2. d_t

    d_t Well-Known Member

    Joined:
    Sep 20, 2003
    Messages:
    243
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Bucharest
    If you install clamavconnector from WHM Plugins section then you have clamav integrated with exim mail server. Try to restart exim to see if it also restart clamavd. It should detect and block EICAR test virus.
     
  3. web-project

    web-project Member

    Joined:
    Nov 23, 2007
    Messages:
    21
    Likes Received:
    0
    Trophy Points:
    1
    it's out of date, as I haven't see any database of viruses updates...
     
  4. CamerMan

    CamerMan Registered

    Joined:
    Apr 3, 2008
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    After some more testing, it appears that emails containing the anti-virus test file in an executable or the executable in a zip file are not being delievered, so perhaps it is removing them.

    However the text file version of the test file is not being detected or removed.

    Is there way to check to see if clamav did in fact remove the emails containing the executables?
     
Loading...

Share This Page