ClamAV

繁體中文版

[ Current Release: 0.98.7 ]


2015/04/30

Version 0.98.7 rpm files for Fedora 21 available here .

Version 0.98.7 rpm files for CentOS-5.11 available here .


2015/02/05

Version 0.98.6 rpm files for Fedora 20 available here .

Version 0.98.6 rpm files for CentOS-5.11 available here .


2014/11/19

Version 0.98.5 rpm files for Fedora 20 available here .

Version 0.98.5 rpm files for CentOS-5.10 available here .


2014/06/17

Version 0.98.4 rpm files for Fedora 20 available here .

Version 0.98.4 rpm files for CentOS-5.10 available here .


2014/05/08

Version 0.98.3 rpm files for Fedora 20 available here .

Version 0.98.3 rpm files for CentOS-5.10 available here .


2014/01/16

Version 0.98.1 rpm files for Fedora 19 available here .

Version 0.98.1 rpm files for CentOS-5.10 available here .


2013/09/20

Version 0.98 rpm files for Fedora 19 available here .

Version 0.98 rpm files for CentOS-5.9 available here .


2011/06/17

If you have upgraded to Fedora 15 and are using the clamav rpm packages that I built, then clamav will not work anymore. In Fedora 15 the directory /run which is mounted in /var/run is now a virtual file system just like /proc. So when you turn off or reboot the computer, the directory /var/run/clamav disappears. But clamav requires this directory to place it's pid and sock files. So the problem.

To remedy this situation just create the file clamav.conf and the content is just 1 line:

d /var/run/clamav 0700 clamav clamav -

Place this file in the directory /etc/tmpfiles.d/

Reboot the computer and clamav will work without any problem.

Fedora 15 is now using systemd instead of the traditional SysVinit. Initscripts (unit files) are now placed in /lib/systemd/system/ instead of /etc/rc.d/init.d. I have rebuilt clamav-0.97.1 rpm packages using the systemd requirements.

You may download it here.

And, of course, the commands have changed. Below is the table of comparison:

systemd

SysVinit

systemctl start name.service service name start
stop name.service name stop
restart name.service name restart
status name.service name status
reload name.service name reload
try-restart name.service name condrestart
enable name.service chkconfig name on
disable name.service name off

For reference: http://fedoraproject.org/wiki/SysVinit_to_Systemd_Cheatsheet


I never thought I would be writing this how to install ClamAV article because installing ClamAV is really quite simple. But I decided just for the sake of completeness, (Total Email Solution: Sendmail + milter-greylist + ClamAV Anti-Virus + SpamAssassin), that I might as well write it now.

People might be asking why install an anti-virus program on a Linux server? After all, no virus has been written to attack Linux. It is, of course, well known that Microsoft Windows has been the sole target of virus attack for the last few years. The answer to this is: although the email server resides in Linux but the email users are, most probably, using Windows. So, just to protect your users from the harm caused by these virii, you might as well install an anti-virus program.

As I am using Fedora 14, I have built clamav packages and will be installing the ClamAV version for Fedora 14.

I have made these rpm packages available here. I also made CentOS rpm packages available here.

Since Fedora 14 supports ClamAV, you may, of course, use the rpm packages provided by Fedora 14. I build my own rpm packages because I find that the Fedora 14 maintainer for ClamAV is very slow in updating to the new version.

Note: If you are not using Fedora, you can download the binary packages for your distribution at http://www.clamav.net/download/packages

Install/Update

Fedora recommends using yum to install/update rpm packages. So to install/update from rpm files you should execute:

yum install rpmfile1 [rpmfile2] [...]
yum update rpmfile1 [rpmfile2] [...]

Because Fedora now supports ClamAV, and if you want to install/update ClamAV rpm packages I provide, you must exclude clamav from the repos: add a line "exclude=clamav*" in /etc/yum.repos.d/fedora.repo and /etc/yum.repos.d/fedora-updates.repo.

To install, execute:

yum install --nogpgcheck clamav-server-0.97.1-3.i686.rpm clamav-0.97.1-3.i686.rpm clamav-milter-0.97.1-3.i686.rpm

To update, execute:

yum update --nogpgcheck clamav-server-0.97.1-3.i686.rpm clamav-0.97.1-3.i686.rpm clamav-milter-0.97.1-3.i686.rpm

Note: I have merged clamav-devel package to clamav package. (2010/04/02 clamav-0.96).

Configuration files:

/etc/clamd.conf
/etc/freshclam.conf
/etc/clamav-milter.conf

There is really no need to tinker with these configuration files as the default configurations are ready to go without any problem, unless, of course, you have some special requirements.

Now, we can start clamav-milter, clamd and freshclam:

chkconfig   clamav-milter   on
chkconfig   clamd   on
chkconfig   freshclam   on
service   clamav-milter   start
service   clamd   start
service   freshclam   start

Since we are using a milter (clamav-milter), we have to tell sendmail to call the milter to process mail. We do this by editing /etc/mail/sendmail.mc.

First set the milter environment. Add the following lines right after OSTYPE(`linux')dnl

define(`confMILTER_MACROS_CONNECT', `H, j, _, {daemon_name}, {daemon_port}, {if_name}, {if_addr}, {client_addr}')
define(`confMILTER_MACROS_HELO', `{verify}, {cert_subject}')
define(`confMILTER_MACROS_ENVFROM', `i, {auth_type}, {auth_authen}, {auth_ssf}, {auth_author}, {mail_mailer}, {mail_host}, {mail_addr}, {rcpt_addr}')
define(`confMILTER_MACROS_EOM', `{msg_id},?{mail_addr}, {rcpt_addr}, i')
define(`confMILTER_MACROS_ENVRCPT', `{rcpt_mailer}, {rcpt_host}, {rcpt_addr}')

And then tell sendmail to call clamav-milter by adding the 2 lines below:

INPUT_MAIL_FILTER(`clamav-milter',`S=local:/var/run/clamav/clamav-milter.sock,F=, T=S:4m;R:4m')
define(`ConfINPUT_MAIL_FILTERS', `clamav-milter')

Note that if you are also using milter-greylist, put the configuration of milter-greylist before that of clamav-milter. This ensures that when an email arrives, Sendmail will call milter-greylist first and then clamav-milter. The whole configuration should be:

INPUT_MAIL_FILTER(`greylist',`S=local:/var/run/milter-greylist/milter-greylist.sock')
define(`ConfINPUT_MAIL_FILTERS', `greylist')
INPUT_MAIL_FILTER(`clamav-milter',`S=local:/var/run/clamav/clamav-milter.sock,F=, T=S:4m;R:4m')
define(`ConfINPUT_MAIL_FILTERS', `clamav-milter')

Recreate sendmail.cf and restart sendmail:

m4   /etc/mail/sendmail.mc   >   /etc/mail/sendmail.cf
service   sendmail   restart

Now your users can enjoy virus-free emails.

Fr. Visminlu Vicente L. Chua, S.J.
2005/03/23
Updated: 2014/11/19