Filtering away viri with clamav and amavis


Copyright 2002, 2003, 2004 Andy Barclay
OpenContent License (OPL)

Build Clamav

Create a user and group called clamav

Download, extract, and install clamav-0.80.tar.gz
$ ./configure --prefix=/home/clamav
$ make
# make install

Quick way - as a procmail filter

Download clamscan-procfilter.pl to /home/clamav/scripts. Edit it to change the location of CLAMSCAN and FORMAIL as required.

Edit either /etc/procmailrc or $HOME/.procmailrc

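------
# Use clamav to find viruses.
# Filter recipes (f flag) need no lockfile, so there is no trailing colon.
:0fw
| /home/clamav/scripts/clamscan-procfilter.pl

# Mail carrying an X-CLAMAV header gets its subject replaced.
:0fw
* ^X-CLAMAV
| /usr/local/bin/formail -i "Subject: [CLAMAV VIRUS ALERT]"

# Deliver tagged mail to the spam mbox; the trailing colon locks the file.
:0:
* ^Subject: \[CLAMAV VIRUS ALERT\]
$HOME/spam
------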
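
What a filter in the first recipe has to do for the other two recipes to fire, as an added example in shell; it is not the clamscan-procfilter.pl script this page refers to. The script name clamav-filter.sh, the --filter switch, the X-Scan-Error header and the default CLAMSCAN path (derived from the --prefix used above) are assumptions.

```shell
#!/bin/sh
# Added example, not the page's clamscan-procfilter.pl.
# Assumed recipe line:  | /home/clamav/scripts/clamav-filter.sh --filter
# CLAMSCAN default assumes the --prefix=/home/clamav build from this page.
CLAMSCAN="${CLAMSCAN:-/home/clamav/bin/clamscan}"

# Print message file $1 with header line $2 added at the end of the header
# block (before the first empty line), so any leading "From " line stays first.
emit_with_header() {
    awk -v hdr="$2" '
        !seen && /^\r?$/ { print hdr; seen = 1 }
        { print }
        END { if (!seen) print hdr }
    ' "$1"
}

# Read one message on stdin and write it to stdout, tagged if infected.
clamav_filter() {
    # If no temp file can be made, pass the mail through untouched.
    msg=$(mktemp "${TMPDIR:-/tmp}/clamfilter.XXXXXX") || { cat; return 0; }
    cat > "$msg"
    rc=0
    result=$("$CLAMSCAN" --no-summary --stdout "$msg" 2>/dev/null) || rc=$?
    case $rc in
        0)  cat "$msg" ;;                       # clean: unchanged
        1)  # clamscan prints "<file>: <signature> FOUND" and exits 1
            name=$(printf '%s\n' "$result" |
                   sed -n 's/^.*: \(.*\) FOUND$/\1/p' | head -n 1)
            # Keep only safe characters so scanner output cannot inject headers.
            name=$(printf '%s' "$name" | tr -cd 'A-Za-z0-9._/-')
            emit_with_header "$msg" "X-CLAMAV: ${name:-unknown}" ;;
        *)  # Scanner failure: deliver anyway, under a header that the
            # ^X-CLAMAV recipe does not match (X-Scan-Error is an assumed name).
            emit_with_header "$msg" "X-Scan-Error: scanner exit $rc" ;;
    esac
    rm -f "$msg"
}

# Filter only when asked, so the file can also be sourced for testing.
if [ "${1:-}" = "--filter" ]; then
    clamav_filter
fi
```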

Edit the config files /home/clamav/etc/clamd.conf and /home/clamav/etc/freshclam.conf and remove the "Example" line.

Update the virus database:
$ /home/clamav/bin/freshclam

Set up a cron job to update the virus definitions regularly:

---
6 4 * * * /home/clamav/bin/freshclam >/dev/null 2>&1
---

Create the start script, /etc/init.d/antivirus, to start the clamd daemon as the clamav user.
Ensure that the start script runs at system start, and that it runs before your MTA.

Start the daemon
# /etc/init.d/antivirus start

Send a test virus (available from eicar.org) to the account.

It should get sent to the spam folder.