The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

clamd - does it integrate with exim?

Discussion in 'E-mail Discussions' started by santrix, Feb 10, 2009.

  1. santrix

    santrix Well-Known Member

    Joined:
    Nov 30, 2008
    Messages:
    223
    Likes Received:
    2
    Trophy Points:
    68
    I installed Clamav via "Main >> cPanel >> Manage Plugins" within WHM.

    All seems fine, but it's not clear how/if this is integrated with exim.

    Sure enough, clamav shows up in user's control panels, so they can do a manual scan of their home directory/mail etc, but what I was hoping for is some indication that it has hooked into exim, and will scan mail that passes through.

    So, the question is, does clamav installed in this way automatically scan messages handled by exim or not, and if not is there a documented way of making it so? It seems pretty pointless installing it if all it does is allow manual scanning via individual users' cpanels.

    This also brings the question - in "Main >> Service Configuration >> Exim Configuration Editor" - what does "Attachments: Filter dangerous attachments" do exactly? It's not documented anywhere I can see... does this option have any impact on the operation of clamav?

    Thanks.
     
    #1 santrix, Feb 10, 2009
  2. santrix

    santrix Well-Known Member

    Joined:
    Nov 30, 2008
    Messages:
    223
    Likes Received:
    2
    Trophy Points:
    68
    come on guys... this must be a simple yes or no - I still can't get a straight answer from googling about.
     
    #2 santrix, Feb 12, 2009
  3. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,422
    Likes Received:
    30
    Trophy Points:
    178
    cPanel Access Level:
    Root Administrator
    It interfaces with exim, though I'm just not sure if it automatically creates the necessary configuration lines in the exim.conf file when the clamav plugin is installed. I think it does, but I would not necessarily hold me to that.

    Send yourself a test message with the Eicar test string

    http://www.eicar.org/anti_virus_test_file.htm

    grep the exim_mainlog when you send this and see if it is reported:

    tail -f /var/log/exim_mainlog | grep virus
     
    #3 sparek-3, Feb 12, 2009
  4. britsenigma

    britsenigma Well-Known Member

    Joined:
    Dec 14, 2008
    Messages:
    85
    Likes Received:
    0
    Trophy Points:
    56
    I might be wronb, but I'm pretty sure you have to actively scan for a virus. So the user actives the scanner from the control panel.

    ASSP Deluxe uses ClamD as part of it's filtering process, so that's one way to do it, but it will cost you.
     
    #4 britsenigma, Feb 12, 2009
  5. santrix

    santrix Well-Known Member

    Joined:
    Nov 30, 2008
    Messages:
    223
    Likes Received:
    2
    Trophy Points:
    68
    I have seen ASSP and am interested in knowing how good it is, in terms of stability, integration with cpanel/whm, and most importantly for me, if it is manageable by someone with intermediate linux skills?
     
    #5 santrix, Feb 12, 2009
  6. John W

    John W Member

    Joined:
    Aug 24, 2007
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    51
    Location:
    Orlando
    Well, for what it's worth I have less than intermediate skills and ASSP Deluxe has great instructions and it's worked amazingly well for me since Nov 07 and continues to improve. The cost seems well worth it to me.
     
    #6 John W, Feb 16, 2009
  7. chrishorgan

    chrishorgan Registered

    Joined:
    Mar 31, 2008
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    51
    Location:
    WA
    I'm trying to get Exim to work with ClamAV (clamd) too.

    Done the usual install - ran plugin in "Main >> cPanel >> Manage Plugins".
    Gone into WHM>>Plugins>>Configure ClamAW Scanner and checked all the boxes.

    A line is put in the exim.conf file...
    av_scanner = clamd:/var/clamd

    The scanner works when manually scanning.

    So you think you are safe - BUT NO!

    I've successfully sent the virus test file from one mail account to another undetected.

    So something else needs doing.

    Not sure what to do - but I'm looking at these leads...

    The Exim docs has some info on Clamd here...
    http://www.exim.org/exim-html-current/doc/html/spec_html/ch41.html

    Then there is the ClamAV plugin for Spamassassin
    http://wiki.apache.org/spamassassin/ClamAVPlugin

    I though CPanel comes with free virus scanning? Surely it can't be this hard.
     
    #7 chrishorgan, Mar 11, 2009
(You must log in or sign up to post here.)
Loading...
Similar Threads - clamd does integrate
  1. Michaelit

    Clamd - Spamd Memory usage

    Michaelit, May 23, 2017, in forum: General Discussion
    Replies:
    9
    Views:
    179
    Infopro
    May 25, 2017
  2. linux4me2

    Malware ACL Condition: Clamd

    linux4me2, May 16, 2017, in forum: E-mail Discussions
    Replies:
    3
    Views:
    118
    linux4me2
    May 19, 2017
  3. urgido

    SOLVED clamd can't start after /scripts/upcp --force

    urgido, Apr 12, 2017, in forum: General Discussion
    Replies:
    14
    Views:
    614
    yitwail
    Apr 14, 2017
  4. Trane Francks

    SOLVED clamd not running after upcp --cron

    Trane Francks, Mar 3, 2017, in forum: General Discussion
    Replies:
    6
    Views:
    533
    Trane Francks
    Mar 4, 2017
  5. Mehrpouyan

    how to stop clamd service ?

    Mehrpouyan, Oct 18, 2016, in forum: General Discussion
    Replies:
    3
    Views:
    736
    cPanelMichael
    Oct 24, 2016

Share This Page