The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

clamd - does it integrate with exim?

Discussion in 'E-mail Discussions' started by santrix, Feb 10, 2009.

  1. santrix

    santrix Well-Known Member

    Joined:
    Nov 30, 2008
    Messages:
    223
    Likes Received:
    2
    Trophy Points:
    18
    I installed Clamav via "Main >> cPanel >> Manage Plugins" within WHM.

    All seems fine, but it's not clear how/if this is integrated with exim.

    Sure enough, clamav shows up in user's control panels, so they can do a manual scan of their home directory/mail etc, but what I was hoping for is some indication that it has hooked into exim, and will scan mail that passes through.

    So, the question is, does clamav installed in this way automatically scan messages handled by exim or not, and if not is there a documented way of making it so? It seems pretty pointless installing it if all it does is allow manual scanning via individual users' cpanels.

    This also brings the question - in "Main >> Service Configuration >> Exim Configuration Editor" - what does "Attachments: Filter dangerous attachments" do exactly? It's not documented anywhere I can see... does this option have any impact on the operation of clamav?

    Thanks.
     
  2. santrix

    santrix Well-Known Member

    Joined:
    Nov 30, 2008
    Messages:
    223
    Likes Received:
    2
    Trophy Points:
    18
    come on guys... this must be a simple yes or no - I still can't get a straight answer from googling about.
     
  3. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,384
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    It interfaces with exim, though I'm just not sure if it automatically creates the necessary configuration lines in the exim.conf file when the clamav plugin is installed. I think it does, but I would not necessarily hold me to that.

    Send yourself a test message with the Eicar test string

    http://www.eicar.org/anti_virus_test_file.htm

    grep the exim_mainlog when you send this and see if it is reported:

    tail -f /var/log/exim_mainlog | grep virus
     
  4. britsenigma

    britsenigma Well-Known Member

    Joined:
    Dec 14, 2008
    Messages:
    85
    Likes Received:
    0
    Trophy Points:
    6
    I might be wronb, but I'm pretty sure you have to actively scan for a virus. So the user actives the scanner from the control panel.

    ASSP Deluxe uses ClamD as part of it's filtering process, so that's one way to do it, but it will cost you.
     
  5. santrix

    santrix Well-Known Member

    Joined:
    Nov 30, 2008
    Messages:
    223
    Likes Received:
    2
    Trophy Points:
    18
    I have seen ASSP and am interested in knowing how good it is, in terms of stability, integration with cpanel/whm, and most importantly for me, if it is manageable by someone with intermediate linux skills?
     
  6. John W

    John W Member

    Joined:
    Aug 24, 2007
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Orlando
    Well, for what it's worth I have less than intermediate skills and ASSP Deluxe has great instructions and it's worked amazingly well for me since Nov 07 and continues to improve. The cost seems well worth it to me.
     
  7. chrishorgan

    chrishorgan Registered

    Joined:
    Mar 31, 2008
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    WA
    I'm trying to get Exim to work with ClamAV (clamd) too.

    Done the usual install - ran plugin in "Main >> cPanel >> Manage Plugins".
    Gone into WHM>>Plugins>>Configure ClamAW Scanner and checked all the boxes.

    A line is put in the exim.conf file...
    av_scanner = clamd:/var/clamd

    The scanner works when manually scanning.

    So you think you are safe - BUT NO!

    I've successfully sent the virus test file from one mail account to another undetected.

    So something else needs doing.

    Not sure what to do - but I'm looking at these leads...

    The Exim docs has some info on Clamd here...
    http://www.exim.org/exim-html-current/doc/html/spec_html/ch41.html

    Then there is the ClamAV plugin for Spamassassin
    http://wiki.apache.org/spamassassin/ClamAVPlugin

    I though CPanel comes with free virus scanning? Surely it can't be this hard.
     
Loading...

Share This Page