Friday, October 25, 2013

Fedora 19 systemctl sendmail clamav milter


http://awbsworld.de/archives/125

http://serverfault.com/questions/513005/clamav-warning-no-clamd-server-appears-to-be-available/513006#513006
http://savs.hcc.edu.tw/~chuavv/articles/ClamAV-en.html
http://forums.fedoraforum.org/showthread.php?t=235160

Step 1: Install the necessary rpm packages

sudo yum install clamav-scanner clamav-server clamav-milter clamav-update

Step 2: Configure clamav

Edit /etc/freshclam.conf and remove or comment out the following line and adjust the 
values according to your needs : 


# Comment or remove the line below.
Example
Run freshclam to get an initial virus database.Edit " /etc/clamd.d/scan.conf " and remove or comment out the following line and again adjust the values according to your needs. The values for TCPSocket and TCPAddr need to be enabled.

Step 3: Enabled clamav and regular virus database updates via freshclam

Start the clamav scanner deamon with 
            systemctl start clamd@scan.service. 
Check if the service is running via 
            systemctl status clamd@scan.service. 

To permanently enabled the clamav scanner deamon at startup run 
            systemctl enable clamd@scan.service.

In /etc/mail/clamav-milter.conf:
I also added a line:

AddHeader Add
So it adds 'X-Virus-Status:' and 'X-Virus-Scanned:' headers to the e-mails (so I would know it was working)

And then tell sendmail to call clamav-milter by adding the 2 lines below:
INPUT_MAIL_FILTER(`clamav',`S=local:/var/run/clamav-milter/clamav-milter.socket,F=, T=S:4m;R:4m')
define(`ConfINPUT_MAIL_FILTERS', `clamav')

~ ~ ~ ~ ~ ~ ~ ~ ~ 
IMPORTANT : 

LocalSocket from " /etc/clamd./scan.conf " 

must be the same compared with 
ClamdSocket from " /etc/mail/clamav-milter.conf "

If the sockets are not the same , in /var/log/messages appears the error :

" clamav-milter : WARNING : No clamd server appears to be available "  

IF we leave "LocalSocketGroup virusgroup" and do not set "LocalSocketGroup clamscan" 

in "/etc/clamd./scan.conf" 
in the logs will appear something like this : 
<< 
 TCP: Bound to address 127.0.0.1 on port 3310
 clamd : TCP: Setting connection queue length to 200
 clamd : LOCAL: Unix socket file /var/run/clamd.scan/clamd.sock
 clamd : LOCAL: Setting connection queue length to 200
 clamd : Unknown group virusgroup
 clamd : Socket file removed.
 clamd : ERROR: Unknown group virusgroup
 clamd : Socket file removed.
 systemd : clamd@scan.service: main process exited, code=exited, status=1/FAILURE
 systemd : Unit clamd@scan.service entered failed state.
>> 

~ ~ ~ ~ ~ ~ ~ ~ ~ 


/etc/clamd./scan.conf 

# Comment or remove the line below.
# Example
LogFile /var/log/clamd.scan
PidFile /var/run/clamd.scan/clamd.pid
LocalSocket /var/run/clamd.scan/clamd.sock
LocalSocketGroup clamscan
TCPSocket 3310
TCPAddr 127.0.0.1

~ ~ ~ 


/etc/mail/clamav-milter.conf 

# Comment or remove the line below.
#Example
MilterSocket /var/run/clamav-milter/clamav-milter.socket
MilterSocket inet:7357
#ClamdSocket tcp:localhost:3310
ClamdSocket unix:/var/run/clamd.scan/clamd.sock
AddHeader Add


~ ~ ~ 


# rpm -qa | grep clam

clamav-update-0.98-2.fc19.x86_64
clamav-server-systemd-0.98-2.fc19.noarch
clamav-server-0.98-2.fc19.x86_64
claws-mail-plugins-clamd-3.9.2-7.fc19.x86_64
clamav-milter-0.98-2.fc19.x86_64
clamav-scanner-0.98-2.fc19.noarch
clamav-lib-0.98-2.fc19.x86_64
clamav-filesystem-0.98-2.fc19.noarch
clamtk-4.45-1.fc19.noarch
clamav-0.98-2.fc19.x86_64
clamav-milter-systemd-0.98-2.fc19.noarch
clamav-data-empty-0.98-2.fc19.noarch
clamav-scanner-systemd-0.98-2.fc19.noarch

# uname -a

Linux 3.11.6-200.fc19.x86_64 #1 SMP Fri Oct 18 22:34:18 UTC 2013 x86_64 GNU/Linux
# cat /etc/fedora-release 
Fedora release 19 (Schrödinger’s Cat)


if there's no log file ( /var/log/clamd.scan ) or it has owner and group root 
instead of clamscan , then ~ in the logs will appear something like this : 

Feb  6 21:50:30 abxrds systemd[1]: Starting Generic clamav scanner daemon...
Feb  6 21:50:30 abxrds systemd[1]: Started Generic clamav scanner daemon.
Feb  6 21:50:30 abxrds clamd[20802]: ERROR: Can't initialize the internal logger
Feb  6 21:50:30 abxrds clamd[20802]: ERROR: Can't open /var/log/clamd.scan in append mode (check permissions!).
Feb  6 21:50:30 abxrds systemd[1]: clamd@scan.service: main process exited, code=exited, status=1/FAILURE
Feb  6 21:50:30 abxrds systemd[1]: Unit clamd@scan.service entered failed state.
Feb  6 21:50:30 abxrds systemd[1]: clamd@scan.service holdoff time over, scheduling restart.
Feb  6 21:50:30 abxrds systemd[1]: Stopping Generic clamav scanner daemon...
Feb  6 21:50:30 abxrds systemd[1]: Starting Generic clamav scanner daemon...
Feb  6 21:50:30 abxrds systemd[1]: clamd@scan.service start request repeated too quickly, refusing to start.
Feb  6 21:50:30 abxrds systemd[1]: Failed to start Generic clamav scanner daemon.
Feb  6 21:50:30 abxrds systemd[1]: Unit clamd@scan.service entered failed state.

1 comment:

  1. "Book cheap flight tickets in India
    through Indian Airline and save upto rs. 2500. Call us at: +919870400143"

    ReplyDelete