Visit Jeremy's Blog.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 05-13-2006, 11:35 AM   #1
Registered: Oct 2005
Location: Bangladesh
Posts: 490

Rep: Reputation: 30
Cool clamav.rpm and clamsmtp problem

Friends ,

I have Installed "clamav-0.88.1-1.i386.rpm" package in my Redhat Enterprise Linux 4 and also it's dependable file.But when i am going to search "Clamav.conf" or "freshclam.conf" Then i can't get those file anywhere .But when i run " ps -ef|grep clamd" then it shows "clamd" is running . Now I have in littlebit doubt that i can't understand is my Clamav antivirus is working or not ?

My second problem is :

I have installed in my Linux machine Postfix , ClamAV.tar file and also install "clamsmtp" file . My postfix and clamav are working fine . But when i install "clamsmtp-1.6.tar" file then i can't found it's configuration file .

Neverthless, I make it's configuration file "clamsmtp.conf" "/usr/local/etc/clamsmtp.conf" . My conf. file is :
# - Comments are a line that starts with a #
# - All the options are found below with their defaults commented out

# The address to send scanned mail to.
# This option is required unless TransparentProxy is enabled
OutAddress: 10026

# The maximum number of connection allowed at once.
# Be sure that clamd can also handle this many connections
#MaxConnections: 64

# Amount of time (in seconds) to wait on network IO
#TimeOut: 180

# Address to listen on (defaults to all local addresses on port 10025)

# The address clamd is listening on
ClamAddress: /var/run/clamav/clamd.ctl

# A header to add to all scanned email
#ScanHeader: X-AV-Checked: ClamAV using ClamSMTP

# Directory for temporary files
TempDirectory: /var/spool/clamsmtp

# PidFile: location of PID file
PidFile: /var/run/clamsmtp/

# Whether or not to bounce email (default is to silently drop)
#Bounce: off

# Whether or not to keep virus files
#Quarantine: off

# Enable transparent proxy support
#TransparentProxy: off

# User to run as
User: clamav

# Virus actions: There's an option to run a script every time a
# virus is found. Read the man page for clamsmtpd.conf for details.

content_filter = scan:[]:10025
receive_override_options = no_address_mappings
cat /etc/postfix/
scan unix - - n - 16 smtp
-o smtp_send_xforward_command=yes
# For injecting mail back into postfix from the filter inet n - n - 16 smtpd
-o content_filter=
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks_style=host
-o smtpd_authorized_xforward_hosts=
netstat -tan
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0* LISTEN
tcp 0 0* LISTEN

Everything is ok . But my mail doesn't transmitting i.e my mailbox doesn't contain mail for each user .Here i mention that in my machine "clamd" "postfix" "clamsmtpd" all are running . Plz help me , what is the problem ?
Old 05-14-2006, 04:44 AM   #2
Registered: Dec 2005
Location: Edmonton
Distribution: BLFS, Gentoo
Posts: 353

Rep: Reputation: 32
By default, "clamav.conf" or "freshclam.conf" are saved to /etc directory. If you can't find them there, run the command "locate clamav.conf" and note the location if the command locate outputs it.

I have never used clamsmtp, so I won't be of much help here. The documentation that comes in clamav-0.88.1-1.i386.rpm and/or clamav-0.88.1-1.tar.gz file contains good amount of documentation on how to setup clamav and postfix.It is exhaustive enough, if I rememeber it right. I remember, it even comes with a test EIKAR virus, which you can experiment with. You can setup clamav.conf and postfix configs and then run a telnet session to hook onto clamav and postfix as, clamav listens on port 10025 (If I remember it right). You can send a test mail containing the test virus (EIKAR) from a console and see the log output from clamav disaplyed on another console screen. This is the best way to see clamav in action and to know that it is indeed working. Oh ya ! All this is explained in the documentation !!

You might wanna do the same with clamsmtp. I mean, use telnet to send an email containing virus and watch the output logged by clamav on a console screen !

If you are not able to send and receive mail, chances are that you messed up your postfix/sendmail config files. Oh, BTW, the documenation that comes with clamav also explains how to setup postfix/sendmail. May be, you should do a bit of reading ! Goodluck !!
Old 05-14-2006, 10:13 PM   #3
Registered: Oct 2005
Location: Bangladesh
Posts: 490

Original Poster
Rep: Reputation: 30
Cool clamav problem


A lot of thx for ur reply . But i can't understand ur following comment,
"use telnet to send an email containing virus and watch the output logged by clamav on a console screen !"

How i make telnet and how i attach EIKAR with a file ?
Here output log is "maillog" ?

Plz help and sorry for bothering......


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
configure clamsmtp with clamav shipon_97 Linux - Enterprise 0 05-09-2006 06:18 AM
warning: clamav-0.87.1-1.1.fc2.rf.i386.rpm: V3 DSA signature: NOKEY, key ID 6b8d79e6 Niceman2005 Linux - Software 4 03-07-2006 05:28 AM
Clamav problem mickeyboa Fedora 1 02-06-2006 04:13 PM
Installing clamav rpm NNP Linux - Software 2 05-17-2005 07:34 AM
exim/clamav problem overlord73 Linux - Software 0 04-13-2005 05:42 AM

All times are GMT -5. The time now is 05:01 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration