LinuxQuestions.org


ryedunn 02-24-2004 10:21 AM

Is there a Linux antivirus?
 
1) I have done a few searches for a linux antivirus and found very very few results, so my question is, Does linux even need an antivirus? If so, why are there so few results and can someone recommend a good one?

2) I'm reading all this talk about a bug in the kernel. Is there a command to check what kernel version I'm running, or is:

cd /usr/src
ls -alc

the easiest way of checking?

Thank you,
The Gnubie

robot5x 02-24-2004 10:24 AM

Linux is certainly less prone to viruses than windows - and indeed most viruses are targeted at windows due to its incredible amount of security shortcomings. Having said this, viruses in linux are known and it's a good idea to have something to deal with them. This is a good one -
www.clamav.net

you can check your kernel with
uname -r

marghorp 02-24-2004 11:36 AM

I recommend f-prot. You can find it on www.f-prot.com and it works for me. However, you must realize that viruses are mainly made for windows :) Because the new viruses work mainly on human error (Opening files with this link: open this file to see that your computer will be screwed :) or Click here for pictures :) )

I don't and never will understand why people make viruses. But as I said, you probably have nothing to worry about and if you do, just use f-prot. It is free and it works on linux.

chee_l_s 02-29-2004 07:51 PM

Is there any free anti-virus program for qmail?

verdeboy2k 02-29-2004 09:08 PM

I don't think so, but finding antivirus anything for Linux is hard because there are VERY few Linux viruses (see above posts). How to avoid email viruses:
1. NEVER open attachments in spam.
2. Never open attachments at all. PERIOD. unless you are expecting one from a person.
3. Don't use Windows to check your email :). Which I assume isn't a problem on this forum.

If anything I have said is wrong, please tell me, I WANT TO KNOW!!! Also, web based email is very secure from the anti-virus standpoint. The worst you can do is infect the email server with a virus, not you. :cool:

robot5x 03-01-2004 01:58 AM

However, if you do want to use antivirus with a mail client - the best I've found is sylpheed-claws. It supports clamav to check mail...

chee_l_s 03-01-2004 02:43 AM

Is ClamAV an anti-virus program? If so, why couldn't it scan qmail's content by itself?

moonloader 03-01-2004 12:28 PM

clamav,f-prot,bitdefender

chee_l_s 03-01-2004 06:28 PM

Ya, f-prot and bitdefender support qmail, but for both you can only get a trial version, which will expire after 30 days.

I'm looking for something free, as I'm just using it at home, with only around 2-3 qmail accounts.

You know, virus-infected emails now spread too fast, like Netsky.B, and today Netsky.D just came out, and I keep receiving these emails. So I need a virus scanner to filter or scan mail before it is distributed to the qmail accounts.

SciYro 03-02-2004 08:23 AM

Yeah, most Linux virus scanners only really scan for Windows viruses (as there are few Linux ones to worry about, and in a proper system they can't do much, at most just a small annoyance of maybe deleting email, or a config file here or there, nothing big).

chee_l_s 03-02-2004 07:37 PM

From reading, qmail-scanner with ClamAV will scan the contents of qmail emails. But before installing qmail-scanner, you need to install the QMAILQUEUE-patch. This is the part where I got stuck. I can't patch it...

To patch the file, from what I've read, the steps are as follows. If something is missing, please correct me; perhaps that is my mistake, so that I can then complete the installation:

Download QMAILQUEUE-patch
> wget -q http://www.qmail.org/qmailqueue-patch

Place it in the same directory as the qmail-1.03 folder (this is the folder I used at the very beginning for the qmail installation)

Run patch
> patch -p0 < qmailqueue-patch

You will see 2 files patched inside the qmail-1.03 folder: Makefile and qmail.c.

WHAT IS NEXT THEN?...???

Does this mean the patching is finished? If yes, why does installing qmail-scanner-1.20 give me this error:
"cannot find evidence of QMAILQUEUE in /var/......."

Please help...

chee_l_s 03-07-2004 10:40 PM

Finally, I managed to apply the QMAILQUEUE-patch and install qmail-scanner as well as ClamAV. I compiled the following instructions; hope you all understand.

-----------------------------------------------------------------------------------------------
Anti-Virus For preinstalled qmail
We are going to use qmail-scanner and ClamAv.

Before we start, we need to ensure that the following packages and perl modules are installed.

Required packages/perl modules:
Perl-modules needed:
All perl modules can be found in http://search.CPAN.org
Time::HiRes
Net::DNS
Digest::SHA1
Digest::HMAC
HTML::Parser
DB_File

Patches needed:
qmail-1.03
> wget http://qmail.agarik.com/qmail-1.03.tar.gz

qmail-1.03.errno.patch
> wget http://qmail.mirrored.ca/moni.csi.hu...03.errno.patch

QMAILQUEUE-patch
> wget http://www.qmail.org/QMAILQUEUE-patch

Packages needed:
perl-suidperl (get version 5.6.1; try not to use 5.8, I heard that it can't handle qmail-scanner properly)
http://rpmfind.net/linux/rpm2html/se...&system=&arch=

Maildrop (we just need reformime, which comes with Maildrop)
http://sourceforge.net/project/showf...ackage_id=7979

unzip
http://rpmfind.net/linux/rpm2html/se...hp?query=unzip

NEF unpacker
http://world.std.com/~damned/software.html

qmail-scanner
http://prdownloads.sourceforge.net/q...0.tgz?download

ClamAV
http://www.clamav.net/binary.html#pagestart


How To Check whether perl-modules are installed:
Check perl modules:
> perldoc -l Time::HiRes
> perldoc -l Net::DNS


How To Install/Patch
Install patch files:
> tar -zxvf qmail-1.03.tar.gz
> cd qmail-1.03
Copy QMAILQUEUE-patch and qmail-1.03.errno.patch into the qmail-1.03 folder
> patch -p1 < qmail-1.03.errno.patch
You will see 4 files successfully patched in the qmail-1.03 folder:
cdb_seek.c
dns.c
error.3
error.h
> patch -p1 < QMAILQUEUE-patch
You will see 2 files successfully patched in the qmail-1.03 folder:
Makefile
qmail.c
> qmailctl stop (or however you stop your mailserver)
Back up qmail's control files
> cp -a /var/qmail/control /var/qmail/control-backup
> cd qmail-1.03
> make setup check
> ./config-fast
> cp -fdpR /var/qmail/control-backup/* /var/qmail/control
> qmailctl start (or however you start your mailserver)

Install perl modules:
> tar zxvf Time-HiRes-1.49.tar.gz
> cd Time-HiRes-1.49
> perl Makefile.PL
> make
> make install

Install rpm packages:
> cd /var/src/perlmodules
> rpm -ivh perl-Time-HiRes-x.x.x.rpm


Start Installation of ClamAV and qmail-scanner
Install qmail-scanner
Before installing qmail-scanner, make sure the above-mentioned perl modules, QMAILQUEUE-patch, other patches and packages have been installed. Otherwise you will get errors when installing it.

> tar -zxvf qmail-scanner-1.20.tgz
> cd qmail-scanner-1.20
> groupadd qscand
> useradd -c "Qmail-Scanner Account" -g qscand -s /bin/false qscand
Remember to change:
--admin postmaster to --admin [admin account ID]
--domain vladimir.avence.info to --domain [your domain name]
These two will make up [admin account ID]@[your domain name] (i.e. postmaster@vladimir.avence.info)
--local-domains vladimir.avence.info to --local-domains [your domain name]
> ./configure --spooldir /var/spool/qmailscan --qmaildir /var/qmail --bindir /var/qmail/bin --qmail-queue-binary /var/qmail/bin/qmail-queue --admin postmaster --domain vladimir.avence.info --notify sender,admin,recips --local-domains vladimir.avence.info --silent-viruses auto --debug 1 --unzip 1 --add-dscr-hdrs 1 --archive 0 --redundant no --log-details yes --log-crypto 0 --fix-mime 1 --scanners "fast_spamassassin" --install 1

If you successfully installed qmail-scanner, it means you did the preinstallation well, such as the perl modules and packages needed by qmail-scanner.

Some configuration:
Add the QMAILQUEUE parameter to the /etc/tcp.smtp file:
> emacs /etc/tcp.smtp (or you can use vi if you know how to use it)

-----------------------------------------------------------------------------------------------
127.0.0.1:allow,RELAYCLIENT="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
198.168.1.:allow,RELAYCLIENT="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
-----------------------------------------------------------------------------------------------

Rehash tcpserver:
> /usr/local/bin/tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
> chmod 644 /etc/tcp.smtp.cdb

Add the QMAILQUEUE parameter to /var/qmail/supervise/qmail-smtpd/run

-----------------------------------------------------------------------------------------------
QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
export QMAILQUEUE
-----------------------------------------------------------------------------------------------

Change 2,000,000 to 30,000,000 in /var/qmail/supervise/qmail-smtpd/run

-----------------------------------------------------------------------------------------------
exec /usr/local/bin/softlimit -m 30000000 \
-----------------------------------------------------------------------------------------------

Install ClamAV
> /usr/sbin/groupadd clamav
> /usr/sbin/useradd -g clamav -s /bin/false -c "Clam Antivirus" clamav

> tar -xzf clamav-x.xx.tar.gz
> cd clamav-x.xx
> ./configure
> make
> make install

Test Clamav scanner:
> clamscan

Update virus definition files:
> freshclam

Add freshclam to cron (auto update virus definition files)
> crontab -e

Add in:

> [ESC]:wq
> /var/qmail/bin/qmailctl restart
-----------------------------------------------------------------------------------------------
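
An added example (not part of the original post or of qmail-scanner): a shell check that lists the allow rules of a tcprules source file such as /etc/tcp.smtp whose QMAILQUEUE is missing or differs from the wrapper path used in the how-to above. The function names and sample rules are constructed; a rule reported as "not set in rule" inherits whatever QMAILQUEUE the qmail-smtpd run script exports.

```shell
#!/bin/sh
# Added example, not from the thread. Lists tcp.smtp rules that accept mail
# without naming the scanner wrapper as QMAILQUEUE.
# Usage: audit_tcp_smtp FILE|- [EXPECTED_QMAILQUEUE]
audit_tcp_smtp() {
    awk -v want="${2:-/var/qmail/bin/qmail-scanner-queue.pl}" '
        /^#/ || /^[ \t]*$/ { next }            # comments and blank lines
        {
            colon = index($0, ":")             # address:instruction,VAR="value",...
            addr  = substr($0, 1, colon - 1)
            rest  = substr($0, colon + 1)
            if (rest !~ /^allow/) next         # denied connections never reach qmail-queue
            val = ""
            pos = index(rest, ",QMAILQUEUE=")
            if (pos) {
                tail  = substr(rest, pos + 12) # 12 = length(",QMAILQUEUE=")
                delim = substr(tail, 1, 1)     # tcprules: first char after "=" is the quote
                tail  = substr(tail, 2)
                stop  = index(tail, delim)
                val   = stop ? substr(tail, 1, stop - 1) : tail
            }
            if (val != want) {
                printf "%s: QMAILQUEUE=%s\n", (addr == "" ? "(default)" : addr), (val == "" ? "(not set in rule)" : val)
                bad++
            }
        }
        END { exit (bad > 0) }                 # status 1 if any rule was reported
    ' "$1"
}

# Constructed sample rules (not a real configuration).
sample_rules() {
    cat <<'EOF'
# constructed sample
127.0.0.1:allow,RELAYCLIENT="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
10.0.0.:allow,RELAYCLIENT=""
192.0.2.7:deny
:allow,QMAILQUEUE="/var/qmail/bin/qmail-queue"
EOF
}

sample_rules | audit_tcp_smtp - || echo "the rules listed above do not name the scanner"
```

Run it against the rules source before rebuilding the cdb with tcprules; an empty listing and exit status 0 mean every allow rule names the wrapper.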

chee_l_s 03-07-2004 10:42 PM

the :D smiling face is actually a ":" and a "D", please replace it.

skatta 05-19-2004 08:04 AM

Is there any antivirus s/w for Redhat mail server?

Please let me know.

Thanks,
Srinivas

skatta@indusrad.com

TBC Cosmo 05-20-2004 08:36 PM

Quote:

Originally posted by skatta
Is there any antivirus s/w for Redhat mail server?

Please let me know.

Thanks,
Srinivas

skatta@indusrad.com

Yes,
Vexira from Central Command
AVG from Grisoft
Scan Engine from Symantec
Sophos AV
And the ones mentioned above to name a few.

