Home > English, Tech Crunch > Scanning mails from Exim4 through ClamAV on Debian Sarge

Scanning mails from Exim4 through ClamAV on Debian Sarge

This article was first written in November 2005 for the BeezNest technical
website (http://glasnost.beeznest.org/articles/299).

The following has been tested on Debian Sarge, but may work with later versions. Follow this procedure if you refused to split the Exim4 configuration as debconf proposes. If you did split it, it would be slightly different. You will need to have package exim4-daemon-heavy, as exim4-daemon-light does not ship with the required support for that feature.

  1. Add clamav user to group Debian-exim [1]
  2. Add AllowSupplementaryGroups option to /etc/clamav/clamd.conf (and restart service clamav-daemon)
  3. Create directory /var/spool/exim4/scan and make sure owner is Debian-exim:Debian-exim and is group-writable
  4. Add line av_scanner=’clamd:/var/run/clamav/clamd.ctl’ [2] to /etc/exim4/update-exim4.conf.conf
  5. Add the following code to /etc/exim4/exim4.conf.template in section related to 40_exim4-config_check_data:
   message = This message contains a virus: ($malware_name) please scan your system.
   demime = *
   malware = *

6. Then, run script update-exim4.conf as root and restart service exim4.See also this article: http://koivi.com/exim4-config/

[1adduser clamav Debian-exim

[2] if clamd is running locally, otherwise use for example av_scanner=’clamd: 3310′

Categories: English, Tech Crunch Tags: , , , ,
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: