blob: 209fb1cde157e2b28f84fbd724246149db62db84 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
The following steps will enable clamd malware scanning using exiscan ACLs.
It is important to follow them in sequence.
* Install security/clamav from the ports tree.
* Confirm that user clamav was added to the mail group in /etc/group.
* Confirm that /var/log/clamav and /var/run/clamav exist and are owned
by clamav:clamav.
* In Exim's configure file, set av_scanner=clamd:/var/run/clamav/clamd
* Adjust the exiscan ACLs in Exim's configure file. Make sure you use
the demime option with the malware check, e.g.:
deny message = This message contains malware ($malware_name)
demime = *
malware = *
* Edit clamav.conf as follows:
LogFile /var/log/clamav/clamd.log
PidFile /var/run/clamav/clamd.pid
LocalSocket /var/run/clamav/clamd
User clamav
AllowSupplementaryGroups
ScanArchive
ScanMail
You may wish to make other changes as well.
* Make sure clamd_enable="YES" has been added to /etc/rc.conf; this is
required by the clamav port's startup script,
%%RC_DIR%%/clamd%%RC_SUFX%% .
* Run freshclam.
* Add a cron job that runs freshclam --daemon-notify --quiet at least
once a day.
* Start clamd with %%RC_DIR%%/clamd%%RC_SUFX%% start .
* Start Exim with %%RC_DIR%%/exim%%RC_SUFX%% start .
Sheldon Hearn <sheldonh@FreeBSD.org>
|
