The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to install 'ClamAVG mail scanner' ?

Discussion in 'E-mail Discussions' started by billau, Jul 31, 2004.

  1. billau

    billau Well-Known Member

    Dec 24, 2003
    Likes Received:
    Trophy Points:
    Brisbane, Australia
    How to install 'ClamAVG mail scanner' for cpanel ::

    Here are the steps i have listed to install 'ClamAVG' mail scanner in exim sever ::

    1 --> Go to and find out 'mailscanner-autoinstall-x.xx.tar.gz' there.

    2 --> Download the tar ball inside your ' /usr/src/ ' directory and untar it ::

    [/usr/src/] # tar zxvf mailscanner-autoinstall-x.xx.tar.gz

    [/usr/src/] # cd mailscanner-autoinstall

    [/usr/src/mailscanner-autoinstall-x.xx] #

    (Then install your mail scanner using the 'install' script)

    [/usr/src/mailscanner-autoinstall-x.xx] # ./install

    (This will install your clamAVG tar ball inside the existing directory)

    Then after that ::

    [/usr/src/mailscanner-autoinstall-x.xx] # cd clamav-x.xx

    [/usr/src/mailscanner-autoinstall-x.xx/clamav-x.xx] #./configure

    [/usr/src/mailscanner-autoinstall-x.xx/clamav-x.xx] # make all

    [/usr/src/mailscanner-autoinstall-x.xx/clamav-x.xx] # make install

    (Thats it!! you have now successfully installed 'ClamAVG' mail scanner for exim server, but after that you need to tweak some of the configuration settings to bind 'ClamAVG' mail scanner with exim deamon)

    Ok!! before configuring your exim mail scanner test wheather you have installed clamav correctly or not by doing this following ::

    Usually they have give some virues files inside the ::

    /usr/src/mailscanner-autoinstall-x.xx/clamav-x.xx/test/ dircrctory to test virues scanner so just use the command ::

    [/usr/src/mailscanner-autoinstall-x.xx/clamav-x.xx/test]# clamscan test1

    This should display the following lines ::

    test1: ClamAV-Test-Signature FOUND

    ----------- SCAN SUMMARY -----------
    Known viruses: 22551
    Scanned directories: 0
    Scanned files: 1
    Infected files: 1
    Data scanned: 0.00 Mb
    I/O buffer size: 131072 bytes
    Time: 1.077 sec (0 m 1 s)

    Ok!! that's fine now we need to configure '/etc/clamav.conf' file to run clamav with exim mail server ::

    So just edit that file ::

    vi /etc/clamav.conf

    Here is the conf file it should look like this::


    ## Example config file for the Clam AV daemon
    ## Please read the clamav.conf(5) manual before editing this file.

    # Comment or remove the line below.

    (NOTE that you need to remove this 'Example' word from your conf file)

    # Uncomment this option to enable logging.
    # LogFile must be writable for the user running the daemon.
    # Full path is required.

    LogFile /tmp/clamd.log (Uncommand this line)

    # By default the log file is locked for writing - the lock protects against
    # running clamd multiple times (if want to run another clamd, please
    # copy the configuration file, change the LogFile variable, and run
    # the daemon with --config-file option). That's why you shouldn't uncomment
    # this option.


    # Maximal size of the log file. Default is 1 Mb.
    # Value of 0 disables the limit.
    # You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
    # and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size
    # in bytes just don't use modifiers.

    LogFileMaxSize 2M (Uncommand this line)

    # Log time with an each message.

    # Use system logger (can work together wit

    # Use system logger (can work together with LogFile).

    # Enable verbose logging.

    # This option allows you to save the process identifier of the listening
    # daemon (main thread).

    PidFile /var/run/ (Uncommand this line)

    # Path to a directory containing .db files.
    # Default is the hardcoded directory (mostly /usr/local/share/clamav,
    # it depends on installation options).

    DataDirectory /var/lib/clamav (Uncommand this line)

    # The daemon works in local or network mode. Currently the local mode is
    # recommended for security reasons.

    # Path to the local socket. The daemon doesn't change the mode of the
    # created file (portability reasons). You may want to create it in a directory
    # which is only accessible for a user running daemon.

    #LocalSocket /tmp/clamd (IMPORTANT COMMENT out this line)

    # TCP port address.

    TCPSocket 3310 (IMPORTANT UN-COMMENT this line)

    # Maximum length the queue of pending connections may grow to.

    Default is 15.

    MaxConnectionQueueLength 30

    # When activated, input stream (see STREAM command) will be saved to disk before
    # scanning - this allows scanning within archives.

    # Maximal depth the directories are scanned at.

    MaxDirectoryRecursion 15

    # Follow a directory symlinks.
    # SECURITY HINT: You should have enabled directory recursion limit to
    # avoid potential problems.


    # Follow regular file symlinks.

    # Do internal checks (eg. check the integrity of the database structures)
    # By default clamd checks itself every 3600 seconds (1 hour).
    SelfCheck 600

    # Run as selected user (clamd must be started by root).
    # By default it doesn't drop privileges.

    User clamav

    # Initialize the supplementary group access (for all groups in /etc/group
    # user is added in. clamd must be started by root).

    # Uncomment this option if you are planning to scan mail files.

    ScanMail (IMPORTANT uncomment this line to enable mail scanning support)

    ## Archive support

    # Comment this line to disable scanning of the archives.


    # Options below protect your system against Denial of Service attacks
    # with archive bombs.

    # Files in archives larger than this limit won't be scanned.
    # Value of 0 disables the limit.
    # WARNING: Due to the unrarlib implementation, whole files (one by one) in RAR
    # archives are decompressed to the memory. That's why never disable
    # this limit (but you may increase it of course!)

    ArchiveMaxFileSize 10M

    # Archives are scanned recursively - e.g. if Zip archive contains RAR file,
    # the RAR file will be decompressed, too (but only if recursion limit is set
    # at least to 1). With this option you may set t

    ## Clamuko settings
    ## WARNING: This is experimental software. It is very likely it will hang
    ## up your system !!!

    # Enable Clamuko. Dazuko (/dev/dazuko) must be configured and running.

    # Set access mask for Clamuko.

    # Set the include paths (all files in them will be scanned). You can have
    # multiple ClamukoIncludePath options, but each directory must be added
    # in a seperate option. All subdirectories are scanned, too.
    ClamukoIncludePath /home

    #ClamukoIncludePath /students

    # Set the exclude paths. All subdirectories are also excluded.

    #ClamukoExcludePath /home/guru

    # Limit the file size to be scanned (probably you don't want to scan your movie
    # files Wink)
    # Value of 0 disables the limit. 1 Mb should be fine.

    ClamukoMaxFileSize 1M

    # Enable archive support. It uses the limits from clamd section.
    # (This option doesn't depend on ScanArchive, you can have archive support
    # in clamd disabled).



    Now you have configured your clamavg deamon then restarted your exim service by ::

    service exim restart

    (You can see the clamav deamon with exim service)

    Shutting down clamd: [ OK ]
    Shutting down exim: [ OK ]
    Shutting down antirelayd: [ OK ]
    Shutting down spamd: [ OK ]
    Starting clamd: [ OK ]
    Starting exim: [ OK ]
    Starting exim-26: [ OK ]
    Starting exim-outgoing: [ OK ]
    Starting exim-smtps: [ OK ]
    Starting antirelayd: [ OK ]
    Starting spamd: [ OK ]
  2. chirpy

    chirpy Well-Known Member

    Jun 15, 2002
    Likes Received:
    Trophy Points:
    Go on, have a guess
    This is a seriously bad way to do this. You don't point out that you're not just installing ClamAV (there's no G in it), but also an email scanning system that will cause conflicts with cPanel's SpamAssassin implementation.

    It also installs a non-supported version of ClamAV (v0.60) which no longer receives virus definition updates and is therefore woefully out of date.

    It also installs an extremely old version of MailScanner which could cause as many problems as it cures (including overloading your server).

    Can you please stop posting such drivel! Some of your HOWTO's are helpful, but there is a lot of miss-information here that is likely to lead many down the right path to seriously fucking up their servers!
  3. chirpy

    chirpy Well-Known Member

    Jun 15, 2002
    Likes Received:
    Trophy Points:
    Go on, have a guess
    Ooh, new toys :)
  4. dgbaker

    dgbaker Well-Known Member

    Sep 20, 2002
    Likes Received:
    Trophy Points:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider

    My thought exactly!
  5. goodmove

    goodmove Well-Known Member

    May 12, 2003
    Likes Received:
    Trophy Points:
    The Mailscanner install file doesn't seem to be available in layer1 any longer.
  6. chirpy

    chirpy Well-Known Member

    Jun 15, 2002
    Likes Received:
    Trophy Points:
    Go on, have a guess

Share This Page