Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

clamd - does it integrate with exim?

Discussion in 'E-mail Discussion' started by santrix, Feb 10, 2009.

  1. santrix

    santrix Well-Known Member

    Joined:
    Nov 30, 2008
    Messages:
    223
    Likes Received:
    2
    Trophy Points:
    68
    I installed Clamav via "Main >> cPanel >> Manage Plugins" within WHM.

    All seems fine, but it's not clear how/if this is integrated with exim.

    Sure enough, clamav shows up in user's control panels, so they can do a manual scan of their home directory/mail etc, but what I was hoping for is some indication that it has hooked into exim, and will scan mail that passes through.

    So, the question is, does clamav installed in this way automatically scan messages handled by exim or not, and if not is there a documented way of making it so? It seems pretty pointless installing it if all it does is allow manual scanning via individual users' cpanels.

    This also brings the question - in "Main >> Service Configuration >> Exim Configuration Editor" - what does "Attachments: Filter dangerous attachments" do exactly? It's not documented anywhere I can see... does this option have any impact on the operation of clamav?

    Thanks.
     
    #1 santrix, Feb 10, 2009
  2. santrix

    santrix Well-Known Member

    Joined:
    Nov 30, 2008
    Messages:
    223
    Likes Received:
    2
    Trophy Points:
    68
    come on guys... this must be a simple yes or no - I still can't get a straight answer from googling about.
     
    #2 santrix, Feb 12, 2009
  3. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,750
    Likes Received:
    111
    Trophy Points:
    343
    cPanel Access Level:
    Root Administrator
    It interfaces with exim, though I'm just not sure if it automatically creates the necessary configuration lines in the exim.conf file when the clamav plugin is installed. I think it does, but I would not necessarily hold me to that.

    Send yourself a test message with the Eicar test string

    http://www.eicar.org/anti_virus_test_file.htm

    grep the exim_mainlog when you send this and see if it is reported:

    tail -f /var/log/exim_mainlog | grep virus
     
    #3 sparek-3, Feb 12, 2009
  4. britsenigma

    britsenigma Well-Known Member

    Joined:
    Dec 14, 2008
    Messages:
    85
    Likes Received:
    0
    Trophy Points:
    56
    I might be wronb, but I'm pretty sure you have to actively scan for a virus. So the user actives the scanner from the control panel.

    ASSP Deluxe uses ClamD as part of it's filtering process, so that's one way to do it, but it will cost you.
     
    #4 britsenigma, Feb 12, 2009
  5. santrix

    santrix Well-Known Member

    Joined:
    Nov 30, 2008
    Messages:
    223
    Likes Received:
    2
    Trophy Points:
    68
    I have seen ASSP and am interested in knowing how good it is, in terms of stability, integration with cpanel/whm, and most importantly for me, if it is manageable by someone with intermediate linux skills?
     
    #5 santrix, Feb 12, 2009
  6. John W

    John W Member

    Joined:
    Aug 24, 2007
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    51
    Location:
    Orlando
    Well, for what it's worth I have less than intermediate skills and ASSP Deluxe has great instructions and it's worked amazingly well for me since Nov 07 and continues to improve. The cost seems well worth it to me.
     
    #6 John W, Feb 16, 2009
  7. chrishorgan

    chrishorgan Registered

    Joined:
    Mar 31, 2008
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    51
    Location:
    WA
    I'm trying to get Exim to work with ClamAV (clamd) too.

    Done the usual install - ran plugin in "Main >> cPanel >> Manage Plugins".
    Gone into WHM>>Plugins>>Configure ClamAW Scanner and checked all the boxes.

    A line is put in the exim.conf file...
    av_scanner = clamd:/var/clamd

    The scanner works when manually scanning.

    So you think you are safe - BUT NO!

    I've successfully sent the virus test file from one mail account to another undetected.

    So something else needs doing.

    Not sure what to do - but I'm looking at these leads...

    The Exim docs has some info on Clamd here...
    http://www.exim.org/exim-html-current/doc/html/spec_html/ch41.html

    Then there is the ClamAV plugin for Spamassassin
    http://wiki.apache.org/spamassassin/ClamAVPlugin

    I though CPanel comes with free virus scanning? Surely it can't be this hard.
     
    #7 chrishorgan, Mar 11, 2009
(You must log in or sign up to post here.)
Loading...
Similar Threads - clamd does integrate
  1. marjwyatt

    Increase in clamd failures after manually updating

    marjwyatt, Sep 17, 2018, in forum: General Discussion
    Replies:
    18
    Views:
    140
    marjwyatt
    Sep 19, 2018 at 3:13 PM
  2. Rakaris Bakaris

    clamd takes around 100% CPU

    Rakaris Bakaris, Jul 3, 2018, in forum: E-mail Discussion
    Replies:
    1
    Views:
    248
    cPanelLauren
    Jul 4, 2018
  3. Aarson Adam

    SOLVED Clamd is down

    Aarson Adam, May 27, 2018, in forum: General Discussion
    Replies:
    3
    Views:
    565
    cPanelMichael
    May 29, 2018
  4. rjsnyder

    The service “clamd” appears to be down.

    rjsnyder, Feb 27, 2018, in forum: General Discussion
    Replies:
    5
    Views:
    1,290
    cPanelMichael
    Mar 2, 2018
  5. Havri

    SOLVED clamd filling /tmp directory

    Havri, Jan 26, 2018, in forum: E-mail Discussion
    Replies:
    2
    Views:
    636
    Havri
    Jan 26, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice