LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-23-2008, 07:50 AM   #1
i_nomad
Member
 
Registered: Mar 2008
Distribution: RedHatES4
Posts: 144

Rep: Reputation: 15
Clamav/Postfix How to


Can anyone suggest a good how to setup Clamav on RedHat for postfix?

Regards
 
Old 09-23-2008, 08:04 AM   #2
billymayday
LQ Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
I use clamav via amavisd-new. Follow one of the howtos here

http://www.postfix.org/docs.html

Probably not specifically what you want, but by the time you install amavisd-new and clamd, all setup is pretty straightforward except for calling amavisd-new which will be covered by the howtos above.
 
Old 09-24-2008, 04:32 AM   #3
i_nomad
Member
 
Registered: Mar 2008
Distribution: RedHatES4
Posts: 144

Original Poster
Rep: Reputation: 15
I have installed clamd, amavisd-new.

I ran clamscan for local scan check. This works fine.

I ran freshclam to test virus definitions:

# freshclam
ClamAV update process started at Wed Sep 24 09:27:52 2008
main.cld is up to date (version: 48, sigs: 399264, f-level: 35, builder: sven)
Downloading daily-8323.cdiff [100%]
daily.cld updated (version: 8323, sigs: 35414, f-level: 35, builder: ccordes)
Database updated (434678 signatures) from db.gb.clamav.net (IP: 80.82.245.8)
WARNING: Clamd was NOT notified: Can't connect to clamd through /tmp/clamd.socket
connect(): No such file or directory


I checked the key perl modules to install. One of the ones installed is Compress::Zlib however on attempting to start amavisd service:

# service amavisd start
Starting Mail Virus Scanner (amavisd): ERROR: MISSING REQUIRED BASIC MODULES:
Compress::Zlib
BEGIN failed--compilation aborted at /usr/sbin/amavisd line 171.
[FAILED]


I have not changed anything in the amavisd.conf, freshclam.conf (except added db extension for country) or clamd.conf

Any ideas?
 
Old 09-24-2008, 04:56 AM   #4
billymayday
LQ Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
How did you install these?

Have a look in amavisd.conf and decide on a suitable location for the socket. Amavisd's suggestion is /var/run/clamav/clamd.socket which is what I use. make sure you have the same setting in clamd.conf.

What version of Compress::Zlib is installed? You need >= 1.35
 
Old 09-24-2008, 05:28 AM   #5
i_nomad
Member
 
Registered: Mar 2008
Distribution: RedHatES4
Posts: 144

Original Poster
Rep: Reputation: 15
I used up2date and that should have downloaded dependencies..
If I check webmin:

Module Submodules Description Version Installed on
Compress::Zlib 0 interface to zlib compression library 2.011 4/Jul/2008 09:51

Module name Compress::Zlib 2.011 Description Interface to zlib compression library
Installed on Fri Jul 4 09:51:21 2008 Module file /usr/lib/perl5/vendor_perl/5.8.5/Compress/Zlib.pm
Installed from RPM package perl-Compress-Zlib


Fetching Obsoletes list for channel: rhel-x86_64-es-4...

Fetching Obsoletes list for channel: dag...

Fetching rpm headers...

Name Version Rel
----------------------------------------------------------


The following packages you requested are already updated:
perl-Compress-Zlib


From OS:
rpm -qa perl-Compress-Zlib
perl-Compress-Zlib-2.011-1.el4.rf


I have checked physical location:

/usr/lib/perl5/vendor_perl/5.8.5/Compress/Zlib.pm

-r--r--r-- 1 root root 41477 May 16 23:47 Zlib.pm
drwxr-xr-x 2 root root 4096 Jul 4 09:51 .
drwxr-xr-x 24 root root 4096 Sep 23 15:15 ..

As you can see the dates don't match..I think zlib was installed previously

re socket:

amavisd.conf:

# ### http://www.clamav.net/
['ClamAV-clamd',
# \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
\&ask_daemon, ["CONTSCAN {}\n", "LocalSocket /var/run/clamav/clamd.socket"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],


clamd.conf:

# Path to a local socket file the daemon will listen on.
# Default: disabled (must be specified by a user)
#LocalSocket /tmp/clamd.socket
LocalSocket /var/run/clamav/clamd.socket

Last edited by i_nomad; 09-24-2008 at 05:40 AM.
 
Old 09-24-2008, 05:36 AM   #6
billymayday
LQ Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
Is clamd running?

Did you comment out the "Example" line in freshclam.conf and clamd.conf?
 
Old 09-24-2008, 05:46 AM   #7
i_nomad
Member
 
Registered: Mar 2008
Distribution: RedHatES4
Posts: 144

Original Poster
Rep: Reputation: 15
Clamd was not running..on starting

service clamd start
Starting Clam AntiVirus Daemon: ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket could not be bound: Permission denied
[FAILED]
[root@xxx /usr/lib/perl5/vendor_perl/5.8.5/Compress]# cd /var/run/clamav/
[root@xxx /var/run/clamav]# ls -lasrt
total 12
8 drwxr-xr-x 16 root root 4096 Sep 23 15:23 ..
4 drwxr-xr-x 2 amavis amavis 4096 Sep 24 08:34 .

Do I need to create the clamd.socket file??

Sorry, In clamd.con by example line you mean
# Path to a local socket file the daemon will listen on.
# Default: disabled (must be specified by a user)
-->###########LocalSocket /tmp/clamd.socket
LocalSocket /var/run/clamav/clamd.socket


and amavid.conf
# ### http://www.clamav.net/
['ClamAV-clamd',
-->#### \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
\&ask_daemon, ["CONTSCAN {}\n", "LocalSocket /var/run/clamav/clamd.socket"],
 
Old 09-24-2008, 05:50 AM   #8
billymayday
LQ Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
I'd expect /var/run/clamav to be owned by clamav:clamav. Does this user:group combo exist?

No you don't create the socket - the process will.

There are lines in those two config that are literally the word "Example" that need to be commented out.
 
Old 09-24-2008, 05:59 AM   #9
i_nomad
Member
 
Registered: Mar 2008
Distribution: RedHatES4
Posts: 144

Original Poster
Rep: Reputation: 15
I did refer to http://www.linux.com/feature/52506 in there the ownership for /var/run/clamav was set to amavis.

#id amavis
uid=205(amavis) gid=205(amavis) groups=205(amavis)
..both exist


Sorry you mean uncomment #Example
In clamd.conf
##
## Example config file for the Clam AV daemon
## Please read the clamd.conf(5) manual before editing this file.
##


# Comment or remove the line below.
-->uncomment??####Example

I dont see an "Example" line in amavisd.conf
 
Old 09-24-2008, 06:12 AM   #10
i_nomad
Member
 
Registered: Mar 2008
Distribution: RedHatES4
Posts: 144

Original Poster
Rep: Reputation: 15
I changed ownership for clamd.log.
clamd service is now started..
The socket file is now showing..

ls -lart
total 16
drwxr-xr-x 16 root root 4096 Sep 23 15:23 ..
srwxrwxrwx 1 amavis amavis 0 Sep 24 11:11 clamd.socket
-rw-rw---- 1 amavis amavis 4 Sep 24 11:11 clamd.pid
drwxr-xr-x 2 amavis amavis 4096 Sep 24 11:11 .


Now back to original problem # service amavisd start
Starting Mail Virus Scanner (amavisd): ERROR: MISSING REQUIRED BASIC MODULES:
Compress::Zlib
BEGIN failed--compilation aborted at /usr/sbin/amavisd line 171.
[FAILED]

Last edited by i_nomad; 09-24-2008 at 06:13 AM.
 
Old 09-24-2008, 06:23 AM   #11
billymayday
LQ Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
The othe "Example" was in freshclam.conf not amavisd.conf


Make sure you have the perl_Compress-Zlib rpm installed.
 
Old 09-24-2008, 06:56 AM   #12
i_nomad
Member
 
Registered: Mar 2008
Distribution: RedHatES4
Posts: 144

Original Poster
Rep: Reputation: 15
perl_Compress-Zlib rpm is definitely installed. Do you think I should uninstall...I really dont want to as there are other dependencies including amavisd-new.
 
Old 09-24-2008, 07:12 AM   #13
billymayday
LQ Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
You could do a nodeps uninstall, and also amavisd-new, then re-install both.
 
Old 09-24-2008, 08:42 AM   #14
i_nomad
Member
 
Registered: Mar 2008
Distribution: RedHatES4
Posts: 144

Original Poster
Rep: Reputation: 15
I reinstalled and after a few changes the amavisd service has started.
I can telnet in on localhost 10024, 10025
I will test for the rest..
I have got the scanner working as per checking the logs but I still see a reference:

Sep 24 15:22:19 postfix/qmgr[23421]: warning: connect to transport smtp-amavis: No such file or directory

and mail delivery is v.v.low...30-60min

master.cf



amavisd-new unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o disable_dns_lookups=yes


127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
# -o smtpd_delay_reject=no
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks_style=host
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
# -o smtpd_error_sleep_time=0
# -o smtpd_soft_error_limit=1001
# -o smtpd_hard_error_limit=1000
# -o smtpd_client_connection_count_limit=0
# -o smtpd_client_connection_rate_limit=0
# -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks

Any suggestions

Last edited by i_nomad; 09-24-2008 at 10:46 AM.
 
Old 09-24-2008, 05:25 PM   #15
billymayday
LQ Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
Ignore this
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How to setup Mailscanner, ClamAV, Postfix, SpamAssassin (my notes) squintr Linux - Software 2 05-31-2012 02:10 PM
Help ... Postfix, Spamassassin, MailScanner, ClamAV installation guide adna Slackware - Installation 2 04-04-2008 06:02 AM
postfix + amavisd + clamav + spamassassin problem leiw Linux - Server 2 03-31-2008 06:38 AM
postfix+clamav inaki Linux - Security 1 07-31-2007 09:52 AM
postfix+clamav problem eduac Linux - Software 1 08-03-2006 11:11 AM


All times are GMT -5. The time now is 02:53 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration