Dodajemy usera i grupę clamav:
pw group add clamav -g 106
pw user add clamav -c “ClamAVUser” -d “/nonexistent” -s “/sbin/nologin” -u 106 -g 106
Sciagamy źrodła, rozpakowujemy, configure+opcje (np. –prefix=/usr/local, generalnie polecam odpalic z –help), make, make install
Tworzymy katalog na sygnatury i ustawiamy prawa:
mkdir -p /var/lib/clamav
chown clamav:clamav /var/lib/clamav
Dostosowujemy zawartość plików /usr/local/etc/clamd.conf i /usr/local/etc/freshclam.conf, odpalamy z reki + dopisujemy do skryptów startowych.
Uruchamiam calość:
/usr/local/bin/freshclam –config-file=/usr/local/etc/freshclam.conf -d
/usr/local/sbin/clamd -c /usr/local/etc/clamd.conf
Ściągamy clamsmtpd,
http://memberwebs.com/stef/software/clamsmtp/clamsmtp-1.10.tar.gz
./configure –prefix=/usr/local
make
make install
Edytujemy /usr/local/etc/clamsmtpd.conf
/usr/local/sbin/clamsmtpd -f /usr/local/etc/clamsmtpd.conf -p /var/run/clamav/clamsmtpd.pid
Zmieniamy main.conf i master.cf, restartujemy postfix’a
Pliki konfiguracyjne postfix’a, clamd, clamsmtpd i freshclam’a:
W main.cf na końcu dodajemy linijkę:
content_filter = scan:[127.0.0.1]:10025
Zawartość master.cf:
smtp inet n – n – – smtpd
scan unix – – n – 16 smtp
-o smtp_send_xforward_command=yes
-o smtp_enforce_tls=no
127.0.0.1:10026 inet n – n – 16 smtpd
-o content_filter=
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks_style=host
-o smtpd_authorized_xforward_hosts=127.0.0.0/8pickup fifo n – n 60 1 pickup
cleanup unix n – n – 0 cleanup
qmgr fifo n – n 300 1 qmgr
tlsmgr unix – – n 1000? 1 tlsmgr
rewrite unix – – n – – trivial-rewrite
bounce unix – – n – 0 bounce
defer unix – – n – 0 bounce
trace unix – – n – 0 bounce
verify unix – – n – 1 verify
flush unix n – n 1000? 0 flush
proxymap unix – – n – – proxymap
proxywrite unix – – n – 1 proxymap
smtp unix – – n – – smtp
relay unix – – n – – smtp
-o smtp_fallback_relay=
showq unix n – n – – showq
error unix – – n – – error
retry unix – – n – – error
discard unix – – n – – discard
local unix – n n – – local
virtual unix – n n – – virtual
lmtp unix – – n – – lmtp
anvil unix – – n – 1 anvil
scache unix – – n – 1 scache
Zawartość clamd.conf:
LogSyslog yes
LogFacility LOG_MAIL
LogVerbose yes
PidFile /var/run/clamav/clamd.pid
TemporaryDirectory /tmp
DatabaseDirectory /var/db/clamav
LocalSocket /tmp/clamd.socket
FixStaleSocket yes
User clamav
ScanMail yes
Zawartość clamsmtpd.conf:
OutAddress: 10026
MaxConnections: 64
ClamAddress: /tmp/clamd.socket
Header: X-Virus-Scanned: AV Scaner 0.9
TempDirectory: /var/db/clamav/viruses
Action: drop
Quarantine: on
User: clamav
Zawartość freshclam.conf:
DatabaseDirectory /var/db/clamav
LogVerbose yes
LogSyslog yes
LogFacility LOG_MAIL
PidFile /var/run/clamav/freshclam.pid
DatabaseOwner clamav
AllowSupplementaryGroups yes
DatabaseMirror database.clamav.net
MaxAttempts 5
ScriptedUpdates yes
Checks 24
NotifyClamd /usr/local/etc/clamd.conf
