wmeyer said:
Login into WHM / Exim Configuration Editor, switch to Advanced Mode. In the first textarea
add;
av_scanner = clamd:/var/clamd
Then Scroll down to the begin acl section middle textarea, scroll to the bottm
and between (paste here)
check_message:
require verify = header_sender
(paste Here)
accept
Add the following
##
# Reject messages with serious MIME container errors
##
deny message = This message contains malformed MIME ($demime_reason).
demime = *
condition = ${if >{$demime_errorlevel}{2}{1}{0}}
##
# Reject messages attach attach a file with a CLSID in the name
# which causes Windows to hide the file extension.
##
deny message = Hiding of file extensions(CLSID hidden) is not allowed.
regex = ^(?i)Content-Disposition:
.*?)filename=\\s*"+((\{[a-hA-H0-9-]{25,}\})|((.*?)\\s{10,}(.*?)))"+\$##
# Reject messages attach illegal extension files
##
deny message = We do not accept ".$found_extension" attachments here. If you meant to send this file then please package it up as a zip file and resend it.
# You might need to remove some of these extensions if you want to allow your user get these files
demime = ade:adp:bas:bat:chm:cmd:com:cpl:crt:eml:exe:hlp:hta:inf:ins:isp:jse:lnk:mdb:mde:msc:msi:msp:pcd:pif:reg:scr:sct:shs:url:vbs:vbe:wsf:wsh:wsc
##
# Reject email contains Virus
##
deny message = This message contains a virus or other harmful content ($malware_name)
demime = *
malware = */defer_ok
##
# Add X-Scanned Header
##
warn message = X-Antivirus-Scanner: Clean mail though you should still use an Antivirus
So it will look like this;
===============
#!!# ACL that is used after the DATA command
check_message:
require verify = header_sender
##
# Reject messages with serious MIME container errors
##
deny message = This message contains malformed MIME ($demime_reason).
demime = *
condition = ${if >{$demime_errorlevel}{2}{1}{0}}
##
# Reject messages attach attach a file with a CLSID in the name
# which causes Windows to hide the file extension.
##
deny message = Hiding of file extensions(CLSID hidden) is not allowed.
regex = ^(?i)Content-Disposition:
.*?)filename=\\s*"+((\{[a-hA-H0-9-]{25,}\})|((.*?)\\s{10,}(.*?)))"+\$##
# Reject messages attach illegal extension files
##
deny message = We do not accept ".$found_extension" attachments here. If you meant to send this file then please package it up as a zip file and resend it.
# You might need to remove some of these extensions if you want to allow your user get these files
demime = ade:adp:bas:bat:chm:cmd:com:cpl:crt:eml:exe:hlp:hta:inf:ins:isp:jse:lnk:mdb:mde:msc:msi:msp:pcd:pif:reg:scr:sct:shs:url:vbs:vbe:wsf:wsh:wsc
##
# Reject email contains Virus
##
deny message = This message contains a virus or other harmful content ($malware_name)
demime = *
malware = */defer_ok
##
# Add X-Scanned Header
##
warn message = X-Antivirus-Scanner: Clean mail though you should still use an Antivirus
accept
Click save
Then from root, restart clamd
#killall clamd
#clamd
Now smtp will scan for virus.
Got this from rvskins and works great;
http://www.rvskin.com/index.php?page=public/antispam#3
Last edited:
| Thread starter | Similar threads | Forum | Replies | Date |
|---|---|---|---|---|
| L | Do I still require ClamAV plugins in WHM/cPanel when I already have it installed it in CentOS7? | Security | 2 | |
| D | ClamAV installed in different path | Security | 13 | |
| K | ClamAV installed cannot find clamscan | Security | 1 | |
| B | ClamAV Not Installed Properly | Security | 1 | |
| M | Pro + ClamAVConnector Installed - Now What? | Security | 0 |