ClamAV (0.98)

From Hexwiki
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Most ClamAV configuration is done simply through dpkg-reconfigure in Debian. Your distribution may differ.

Freshclam config

dpkg-reconfigure clamav-freshclam
  • Checks 60
  • /etc/clamav/freshclam.conf
    • Comment out the standard logfile, turn on syslog
    • SafeBrowsing yes

Milter config

dpkg-reconfigure clamav-milter
  • add postfix to groups
  • make postfix group owner of the socket as well
  • creation mode 660
  • exclude 'local'
  • I set it to accept infected messages currently, mostly so I could inspect one if it ever got sent and flagged.
  • Disable logfile, use syslog
  • Log full info on detecting infected files
  • Set the maximum size suitably large - 512 mb or so (postfix will handle size limits)
  • Enable multiple recipient support.

Daemon config

dpkg-reconfigure clamav-base
  • Socket creation mode: 660
  • 512mb stream limit (whatever you set the max file size to above)
  • Use system logger, disable logfile
Debian Wheezy
Initial: Designing a Server - IPMI Installation

Core: Network - OpenSSH - Packages - sysctl.conf - Iptables - Security - User Management

Stack: Unbound - MySQL - Nginx - PHP (5.4)

Mail

Mail Setup - Mail Tables - OpenDKIM - Mail and DNS - Spamassassin - ClamAV - Postfix - Dovecot - Reputation Management

Logs and Security: Logging - Logcheck - Backups - AppArmor
Retrieved from "http://hexwiki.com/w/index.php?title=ClamAV_(0.98)&oldid=101"