The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

clamav - Does it actually work?

Discussion in 'General Discussion' started by CamerMan, Nov 23, 2009.

  1. CamerMan

    CamerMan Registered

    Joined:
    Apr 3, 2008
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    51
    I attempting to use WHM/cpanel as an offering for our VPS servers. One of the key things we are looking for is anti-virus for incoming email.

    I searched the forums and found out the clamav can be installed in the cpanel->manage plugins section, which I did.

    I then went to plugins->configure ClamAV scanner, and enabled all the options, including "scan mail".

    To test clamav, I uploaded a virus test file from "http://www.eicar.org/anti_virus_test_file.htm" and uploaded to a site on the server. When I scan this folder in the sites cpanel, under "Virus scanne", it fails to detect the file. I also sent the file in an email attachment, but when using "scan mail" it fails to detect the file again.

    Is there a better way to test that its working? Or is more configuration needed?

    Im using cPanel 11.24.5-S38506 - WHM 11.24.2 - X 3.9 on CENTOS 5.4
     
    #1 CamerMan, Nov 23, 2009
  2. d_t

    d_t Well-Known Member

    Joined:
    Sep 20, 2003
    Messages:
    243
    Likes Received:
    1
    Trophy Points:
    168
    Location:
    Bucharest
    If you install clamavconnector from WHM Plugins section then you have clamav integrated with exim mail server. Try to restart exim to see if it also restart clamavd. It should detect and block EICAR test virus.
     
    #2 d_t, Nov 24, 2009
  3. web-project

    web-project Member

    Joined:
    Nov 23, 2007
    Messages:
    21
    Likes Received:
    0
    Trophy Points:
    51
    it's out of date, as I haven't see any database of viruses updates...
     
    #3 web-project, Nov 24, 2009
  4. CamerMan

    CamerMan Registered

    Joined:
    Apr 3, 2008
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    51
    After some more testing, it appears that emails containing the anti-virus test file in an executable or the executable in a zip file are not being delievered, so perhaps it is removing them.

    However the text file version of the test file is not being detected or removed.

    Is there way to check to see if clamav did in fact remove the emails containing the executables?
     
    #4 CamerMan, Nov 24, 2009
(You must log in or sign up to post here.)
Loading...
Similar Threads - clamav Does actually
  1. Steve Kessler

    What to do About ClamAV False Positives

    Steve Kessler, May 27, 2017, in forum: Security
    Replies:
    5
    Views:
    119
    rpvw
    May 28, 2017
  2. dubweb

    Clamav Malformed database

    dubweb, May 16, 2017, in forum: E-mail Discussions
    Replies:
    2
    Views:
    202
    cPanelJasonT
    May 17, 2017
  3. Keith Becker

    ClamAV installed cannot find clamscan

    Keith Becker, Apr 19, 2017, in forum: Security
    Replies:
    1
    Views:
    133
    cPanelMichael
    Apr 19, 2017
  4. Nirjonadda

    SOLVED Configure ClamAV Scanner

    Nirjonadda, Apr 3, 2017, in forum: General Discussion
    Replies:
    1
    Views:
    197
    cPanelMichael
    Apr 4, 2017
  5. bugetarul

    ClamAV Not Installed Properly

    bugetarul, Dec 21, 2016, in forum: General Discussion
    Replies:
    1
    Views:
    297
    cPanelMichael
    Dec 22, 2016

Share This Page