Who is Chirpy? ConfigServer Services
cPanel Server Services from Way to The Web Ltd		  
Home Site Blog Services Support Terms & Conditions Privacy Policy Contact Us
cPanel Server Services
cPanel MailScanner Service
Server Recovery Service
Anti-Spammer/Exploit Service
General Server Management
Services FAQ
cPanel MailScanner Front-End
 
ConfigServer Scripts Forum
ConfigServer Firewall
ConfigServer Explorer
ConfigServer Mail Queues
ConfigServer Mail Manage
 
Why you should use :fail:
Searching for Spammers
Latest Vulns & Viruses
 
Free MailScanner Installer
Free Exim Dictionary Attack ACL
Free ClamAV install for MS
Upgrading MS and ClamAV
Rvskin MS integration
 
Way to the Web Limited

Installing ClamAV with MailScanner

Installing ClamAV is fairly straightforward*. These instructions will configure ClamAV to use the clamd daemon which is more efficient than running clamav alone.**

  • Make sure clamavconnector is NOT installed in WHM > Manage Plugins.

  • If you would like to verify ClamAV's digital signatures on the virus definition files as they are updated through freshclam, you need to install GMP first:
    /scripts/ensurerpm gmp gmp-devel

  • Next you will need to create a user for clamav to use:
    useradd clamav
    Some OS's require you to add the group as well:
    groupadd clamav
    Don't worry if the user and/or group already exist.

  • Download the latest stable ClamAV distribution from http://www.clamav.net
    Note: If you are running Fedora Core 4 or earlier, you cannot install any version of ClamAV later than 0.91.2 because of a broken gcc.

  • Expand the distribution and cd into the resultant directory and build ClamAV using:
    tar -xzf clamav-*
    cd clamav*
    ./configure --disable-zlib-vcheck
    make
    make install

  • pico -w /usr/local/etc/freshclam.conf
    Comment out the line (put a # as the first character on the line) near the top that says simply:
    Example

  • pico -w /usr/local/etc/clamd.conf
    Comment out the line (put a # as the first character on the line) near the top that says simply:
    Example

  • pico -w /usr/local/etc/clamd.conf
    Change the following line:
    LocalSocket /tmp/clamd.socket
    to this:
    LocalSocket /tmp/clamd

  • Run ldconfig to create the necessary links and cache to most recent shared libraries
    ldconfig

  • Run freshclam to download the latest definitions:
    freshclam

  • Set up the clamd init file and service:
    /bin/cp -fv contrib/init/RedHat/clamd /etc/init.d/clamd
    chown root:root /etc/init.d/clamd
    chmod +x /etc/init.d/clamd
    chkconfig clamd on
    service clamd restart

  • pico -w /etc/chkserv.d/clamav
    Add the following line:
    service[clamav]=x,x,x,service clamd restart,clamd,root
  • Create an empty log file for clamav updates:
    touch /var/log/clam-update.log
    chown clamav:clamav /var/log/clam-update.log
  • Add clamav to chkservd so that it will be monitored:
    pico -w /etc/chkserv.d/chkservd.conf
    clamav:1

  • At this point you can setup clamd in the MailScanner configuration:
    pico -w /usr/mailscanner/etc/MailScanner.conf
    Virus Scanners = clamd

  • Then restart MailScanner with:
    service MailScanner restart

  • You can now set what domains you want scanned for viruses in:
    /usr/mailscanner/etc/rules/virus.scanning.rules
    or in the WHM MailScanner Front-End if you have purchased it.

That's it. If you don't feel confident doing any of this yourself, or if you get into a horrible mess, we offer a cheap package to do it all for you, and more, over here.

*Remember that adding virus scanning of emails to MailScanner will add load to your server.

**If you want to use the Mail::ClamAV perl module, follow the instructions above and then follow the steps in this FAQ. Do note that Mail::ClamAV is not always updated when ClamAV is updated and there can be compatibility issues which can actually break MailScanner. (This is the primary reason we switched to using clamd rather than clamavmodule.)

©1998-2007, Way to the Web Limited
ConfigServer, Way to the Web, WebUMake and WebUMake Hosting are trademarks of Way to the Web Limited