October 24, 2014
 
 
RSSRSS feed

Feed Your Virus Worries to a Clam - page 3

Configuring Postfix To Use Amavisd-new

  • September 16, 2004
  • By Carla Schroder
Now open /etc/clamav/clamav.conf and /etc/amavis/amavisd.conf, and make sure lamav.conf:

## /etc/clamav/clamav.conf 
LocalSocket /var/run/clamav/clamd.ctl

##/etc/amavis/amavisd.conf
### http://www.clamav.net/
['Clam Antivirus-clamd',
  \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"],
....

Now you must change the ownership of all directories that ClamAV uses to the "amavis" user. It won't work otherwise. If an amavis user and group were not created by the installer, create them now. In most installations, ClamAV creates these directories:

LogFile /var/log/clamav/clamav.log
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /var/lib/clamav/

Change ownership like this:

# chown -R amavis:amavis /var/log/clamav/

Be careful! Only change directories that belong only to ClamAV, don't do this with any shared directories. Now open /etc/clamav/freshclam.conf, and do the same with any other directories you find listed there.

Next, locate any files belonging to ClamAV in /etc/logrotate.d/:

/etc/logrotate.d/clamav-daemon
/etc/logrotate.d/clamav-freshclam

The filenames may vary a bit, depending on your Linux distribution. Inside the files, find this line:

create 640 clamav adm

change it to

create 640 clamav amavis

Save your changes, and restart both clamd and freshclam. On Debian:

# /etc/init.d/clamav-daemon reload
# /etc/init.d/clamav-freshclam reload

On Red Hat/Fedora:

# /etc/init.d/clamd reload
# /etc/init.d/freshclam reload

And you're done. Now you can start sending test messages and watching your logs.

You'll save yourself a lot of work if you install from packages, rather than sources. If you must install from sources, read all the documentation. You'll have to manually create all kinds of users and directories and init scripts.

The two ClamAV components of greatest interest are clamd, the scanning daemon, and freshclam, which automatically fetches virus definition updates. These are configured in /etc/clamav/clamav.conf, and /etc/clamav/freshclam.conf. The defaults should be fine, there really isn't much to tweak. Except you should find a different update mirror for freshclam.conf, at http://www.clamav.net/mirrors.html. Be kind -- don't use the default mirror.

Next Week

Next week, in Part 3, we'll go more in-depth into the role Postfix plays in all this, and look at how to test and monitor your nice new anti-spam, anti-virus gateway for effectiveness.

Resources

[Editor's Note: This article originally appeared on CrossNodes, a JupiterWeb site. -BKP]

Sitemap | Contact Us