Is it possible to have Clamav Plugin with email scanning disabled?

Status
Not open for further replies.

cPanelTristan

Quality Assurance Analyst
Staff member
Oct 2, 2010
7,607
40
248
somewhere over the rainbow
cPanel Access Level
Root Administrator
Just to clarify, you do have WHM > Exim Configuration Manager > Scan messages from authenticated senders (exiscan) set to Off, right?

The option for virus scanner in cPanel accounts isn't configurable for what it allows to restrict mail scanning for customers there. You could simply deselect Virus Scanner in WHM > Packages > Feature Manager area so that customers don't have the option themselves in their feature list. You could then instead cron run the scan and only include the type of scan you want to perform.

Something like the following might be good:

Code:
clamscan -ir --copy=/root/claminfected --scan-mail=no /home
You'd need to create /root/claminfected and then chown to clamav:clamav user:

Code:
mkdir /root/claminfected
chown clamav:clamav /root/claminfected
The above will recursively scan /home directory, print infected files and copy them into /root/claminfected and it does not remove the files. It also doesn't scan mail, so hopefully this means /home/username/mail folder files that are mail files won't be scanned.
 

crazyaboutlinux

Well-Known Member
Nov 3, 2007
939
1
66
I used this command but it's still scanning for emails

here is the output
Code:
/home/user/mail/userdomain.com/info/.spam/new/1345219529.H528014P10668.server.hostname.net,S=7305: Email.Trojan-371 FOUND
/home/user/mail/userdomain.com/info/.spam/new/1345219529.H528014P10668.server.hostname.net,S=7305: copied to '/root/claminfected/1345219529.H528014P10668.server.hostname.net,S=7305'
/home/user/mail/userdomain.com/info/.spam/new/1345083218.H499337P17808.server.hostname.net,S=7266: Email.Trojan-371 FOUND
/home/user/mail/userdomain.com/info/.spam/new/1345083218.H499337P17808.server.hostname.net,S=7266: copied to '/root/claminfected/1345083218.H499337P17808.server.hostname.net,S=7266'
 
Status
Not open for further replies.