The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Is it possible to have Clamav Plugin with email scanning disabled?

Discussion in 'E-mail Discussions' started by albatroz, Sep 5, 2012.

Thread Status:
Not open for further replies.
  1. albatroz

    albatroz Well-Known Member

    Joined:
    Mar 6, 2003
    Messages:
    258
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Virtual Orbis / Peru
    cPanel Access Level:
    Root Administrator
    Hello,
    I managed to install the Clamav plugin for WHM/CPanel, however I would like to disable the email scanning
    as I only want to use it for scanning customers files because it is usually a memory hog.
     
  2. albatroz

    albatroz Well-Known Member

    Joined:
    Mar 6, 2003
    Messages:
    258
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Virtual Orbis / Peru
    cPanel Access Level:
    Root Administrator
    I am inside this option Main >> Service Configuration >> Exim Configuration Manager
    and found the following line:
    av_scanner = clamd:/var/clamd

    I wonder if it is safe to change it for
    av_scanner =
     
    #2 albatroz, Sep 5, 2012
    Last edited: Sep 5, 2012
  3. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Just to clarify, you do have WHM > Exim Configuration Manager > Scan messages from authenticated senders (exiscan) set to Off, right?

    The option for virus scanner in cPanel accounts isn't configurable for what it allows to restrict mail scanning for customers there. You could simply deselect Virus Scanner in WHM > Packages > Feature Manager area so that customers don't have the option themselves in their feature list. You could then instead cron run the scan and only include the type of scan you want to perform.

    Something like the following might be good:

    Code:
    clamscan -ir --copy=/root/claminfected --scan-mail=no /home
    You'd need to create /root/claminfected and then chown to clamav:clamav user:

    Code:
    mkdir /root/claminfected
    chown clamav:clamav /root/claminfected
    The above will recursively scan /home directory, print infected files and copy them into /root/claminfected and it does not remove the files. It also doesn't scan mail, so hopefully this means /home/username/mail folder files that are mail files won't be scanned.
     
  4. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    I used this command but it's still scanning for emails

    here is the output
    Code:
    /home/user/mail/userdomain.com/info/.spam/new/1345219529.H528014P10668.server.hostname.net,S=7305: Email.Trojan-371 FOUND
    /home/user/mail/userdomain.com/info/.spam/new/1345219529.H528014P10668.server.hostname.net,S=7305: copied to '/root/claminfected/1345219529.H528014P10668.server.hostname.net,S=7305'
    /home/user/mail/userdomain.com/info/.spam/new/1345083218.H499337P17808.server.hostname.net,S=7266: Email.Trojan-371 FOUND
    /home/user/mail/userdomain.com/info/.spam/new/1345083218.H499337P17808.server.hostname.net,S=7266: copied to '/root/claminfected/1345083218.H499337P17808.server.hostname.net,S=7266'
     
Loading...
Thread Status:
Not open for further replies.

Share This Page