Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: Arby Edi on August 28, 2002, 05:07:32 AM
-
Has anyone used or have any recommendations on what to do with this package? insluding installing?
I'm assuming just download into a dir and install.
Any help or thoughts would be greatly appreciated.
-
Arby Edi wrote:
>
> Has anyone used or have any recommendations on what to do
> with this package? insluding installing?
>
> I'm assuming just download into a dir and install.
>
> Any help or thoughts would be greatly appreciated.
You need to compile the program, so you'll need a compiler....
I've actually packaged up clam antivirus itself, and have written the necessary e-smith/sme related parts but haven't packaged those yet unfortunately.
I'll have a search for where I've stuck it tomorrow and make it available if your keen.
--
Damien
-
Damien, that would be greatly appreciated. I've already installed all the compiling needs, so i'll await your kindness. when you say you have written the necessary e-smith/sme related parts, what exactly do you mean? As you can tell I'm a bit new, sorry.
-
Arby Edi wrote:
>
> Damien, that would be greatly appreciated. I've already
> installed all the compiling needs, so i'll await your
> kindness. when you say you have written the necessary
> e-smith/sme related parts, what exactly do you mean? As you
> can tell I'm a bit new, sorry.
Ah if you've already installed the compilation tools your fine then, I was just going to give you a pre-packaged rpm of the binaries so you could avoid that, if anyone needs clamav for redhat/sme its available packaged from here: http://www.pagefault.org/misc
The sme/e-smith related parts referred to the correct cron entries to fit into the template system, at the moment I have included sample cron entries in the above, but as I installed clamav at a bunch of non-profit orgs I also made standard template fragments etc. to call freshclam and also to run the scanner when scheduled, emailing the results to admin.
None of that's really need as you obviously know what your doing, but most sme/e-smith users I've run into aren't comfortable manually running cmds.
--
Damien
-
Hey Damien,
I also installed the RPM for CLAMAV, but can not find the documentation. The website says see the PDF files, but can not locate them.
-
the3dman wrote:
>
> Hey Damien,
> I also installed the RPM for CLAMAV, but can not find the
> documentation. The website says see the PDF files, but can
> not locate them.
Try:
/usr/share/doc/clamav-0.23/clamdoc.pdf
/usr/share/doc/clamav-0.23/clamdoc.ps
or the clam antivirus website
--
Damien
-
Rpm install went great.
Now all we need is some way of hooking it into qmail and squid to scan messages and proxy traffic.
Anyone fancy doing a howto ?
-
I have had Clam installed on my Server since Aug 5th (hand rolled), however I have not seen an updated anti virus database since then. Is it still live?
-
>Now all we need is some way of hooking it into qmail and squid to scan messages and proxy traffic.
Geoff,
Did you happen to figure uot a qmail hook? I'm using 5.1.2 by the way.
-
HELP!!!
Ok here's waht I did and what I'm hoping someone can help me with. I read the manual but of course I'm lost..sort of.
- went to /var/log/clamav/ and touched, chmod and did freshclam.
q: how do I add this to a cron job (I may be able to get this from other posts)
q: I plan on scanning everything under /home/e-smith/files/users and /home/e-smtih/files/ibays .... can I just do a scanclam -r ???
Will this fix the file? How do I get it to email me whats infected?
Will it search emails in the inboxs of users?
I see it works with qmail-scanner....has anybody tried making this work for incoming mail?
-
Geoff Bennion wrote:
>
> Rpm install went great.
>
> Now all we need is some way of hooking it into qmail and
> squid to scan messages and proxy traffic.
>
> Anyone fancy doing a howto ?
Ok I did one for hooking into qmail:
http://www.pagefault.org/e-smith/howto/amavis_clam.html
squid is a little different. Theres an interesting patch for squid called squid-vscan which uses scannerdaemon to scan traffic. Scannerdaemon is java based though.
--
Damien
-
Hi Damien,
I was just looking at your site with regards to AMAVIS. Your instructions pertain to mailfront (which I take means you're working on SME 5.5). I may be wrong, but doesn't SME 5.1.2 use obtuse instead ? If it does, do you have instructions for obtuse instead of mailfront ?
TIA !
Kelvin
-
Kelvin wrote:
>
> Hi Damien,
>
> I was just looking at your site with regards to AMAVIS. Your
> instructions pertain to mailfront (which I take means you're
> working on SME 5.5). I may be wrong, but doesn't SME 5.1.2
> use obtuse instead ? If it does, do you have instructions for
> obtuse instead of mailfront ?
Yes it does, but thats ok as I only have a 5.5 server handy myelf.
Quickest way for 5.1.2 I think would be:
mv /var/qmail/bin/qmail-queue /var/qmail/bin/qmail-queue.orig
ln /usr/sbin/qmail-queue.amavis /var/qmail/bin/qmail-queue
In /etc/amavis/amavis.conf change:
qmail-queue = /var/qmail/bin/qmail-queue
to
qmail-queue = /var/qmail/bin/qmail-queue.orig
This would fill in the step where you set the filter parameter in the howto...
1st make sure that amavis runs ok on 5.1.2 before running the above, running /usr/sbin/qmail-queue.amavis will tell you if anythings a miss. Same with clamav, try a normal scan.
The other thing people should do is if theyre running clamav from a cronjob they should add --exclude /var/spoll/amavis to the command line to avoid triggering clam on the quarantined files from amavis.
--
Damien
-
Damien
I've been working on this, only got as far as the Clam install (I had your earlier package installed and working with my owen crontab entries). I can't see where the Crontab entries for the scan or the update resides.
I can see the "samples", but there does not seem to be any reference to them in the /etc/e-smith/templates-custom/etc/crontab/.
Please could you point me in the right direction?
Thanks
Brian
-
Hi Damien,
Running qmail-queue.amavis produces an error :-
Can't locate AMAVIS.pm in @INC (@INC contains: /usr/lib/perl5/5.6.0/i386-linux /usr/lib/perl5/5.6.0 /usr/lib/perl5/site_perl/5.6.0/i386-linux /usr/lib/perl5/site_perl/5.6.0 /usr/lib/perl5/site_perl .) at /usr/sbin/qmail-queue.amavis line 5.
BEGIN failed--compilation aborted at /usr/sbin/qmail-queue.amavis line 5.
Any ideas ?
Kelvin
-
I need a little help. I had this running fine on my test box... but when I installed on my production server, I now get an error when the "clamscan" program runs.
It tells me:
ERROR: Too short pattern detected.
Any ideas about what this could mean, or where I can look to figure it out? I've looked through the Clamav list archives, but they don't seem to be searchable... so that was tedious.
Thanks for any ideas,
Abe
-
Think I figured out my problem. The Nov. 2, 2002 virus db seems be corrupted. At least mine was.
I copied the Oct. 31 db off of my test server, and it seems to be working.