ClamAV (cache) is an open source virus scanner. It doesn't know about millions of virii like the commercial antivirus apps, but usually gets most of the currently active malware. The database is constantly updated, though.
I get a new snapshot from time to time.
For SendMail integration, I use the SmtpVilter milter plugin.
ClamAV is installed to /data/clamav, where it runs in a chroot environment - see ChrootSetup for general information.
> ./configure --prefix /data/clamav
> make
> make install
ClamAV is run in the chroot via
> chroot -g clamav -u clamav /data/clamav /sbin/clamd \
--config-file /etc/clamav.conf
freshclam has problems running in a chroot jail, so it's just executed under the clamd user.
As the snapshot versions of freshclam have some problem on my system I didn't debug yet (very high CPU usage, needs ages to update the CVD files, if at all), I use an old version that doesn't need freshclam.conf yet:
> cd /data/clamav
> su clamav -c bin/freshclam
This is my clamav.conf, which doesn't really have anything special (just don't forget setting "scanmail").
I get a new snapshot from time to time.
For SendMail integration, I use the SmtpVilter milter plugin.
ClamAV is installed to /data/clamav, where it runs in a chroot environment - see ChrootSetup for general information.
> ./configure --prefix /data/clamav
> make
> make install
ClamAV is run in the chroot via
> chroot -g clamav -u clamav /data/clamav /sbin/clamd \
--config-file /etc/clamav.conf
freshclam has problems running in a chroot jail, so it's just executed under the clamd user.
As the snapshot versions of freshclam have some problem on my system I didn't debug yet (very high CPU usage, needs ages to update the CVD files, if at all), I use an old version that doesn't need freshclam.conf yet:
> cd /data/clamav
> su clamav -c bin/freshclam
This is my clamav.conf, which doesn't really have anything special (just don't forget setting "scanmail").