I have a FTP server running on Red Hat Enterprise Linux 4. Every user, when logs in, is chroot-ed to their his/her directory, the path of which is /home/<username>

Now, what I want is, when users upload files to their home directory, a virus scanner would automatically scan the files for malicious content and delete those which contains any such content.

Could anyone please direct me how can I do it? And any good virus scanner as a recommendation?

Thanks.

I'm not sure how to trigger that using ftpd software (and in fact you didn't mention which you were using).

As an alternative, you might consider running a clamscan every hour using cron. (This scanner is included with the clamav software.) If your directories / files are too large for this to be practical, I'd suggest a more complex cronjob where you check to see if each directory differs from the last time you checked. If it does, you scan it for viruses.

Thanks for your reply. I am using VS FTP.

Ok, vsftpd - nice software.

Hopefully one of the two suggestions I made will work out for you.

Hmm...ok...thanks.

Hey,
I believe vsftpd has a feature which you can block files of specific content. As in if someone uploads an exe file on the FTP server Vsftpd can block the file off itself.
I quote from http://vsftpd.beasts.org/vsftpd_conf.html

deny_file
This option can be used to set a pattern for filenames (and directory names etc.) which should not be accessible in any way. The affected items are not hidden, but any attempt to do anything to them (download, change into directory, affect something within directory etc.) will be denied. This option is very simple, and should not be used for serious access control - the filesystem's permissions should be used in preference. However, this option may be useful in certain virtual user setups. In particular aware that if a filename is accessible by a variety of names (perhaps due to symbolic links or hard links), then care must be taken to deny access to all the names. Access will be denied to items if their name contains the string given by hide_file, or if they match the regular expression specified by hide_file. Note that vsftpd's regular expression matching code is a simple implementation which is a subset of full regular expression functionality. Because of this, you will need to carefully and exhaustively test any application of this option. And you are recommended to use filesystem permissions for any important security policies due to their greater reliability. Example: deny_file={*.mp3,*.mov,.private}
Default: (none)

Hope this helps...

Cheers
Arvind

usually people do this thanks to a filtering proxy...
google proposed frox: http://frox.sourceforge.net/
which you should be able to use with clamav.
hope this helps!

Using anti-virus software , such as kaspersky or f-secure for linux , but both of them are not free.