Friends ,

I have Installed "clamav-0.88.1-1.i386.rpm" package in my Redhat Enterprise Linux 4 and also it's dependable file.But when i am going to search "Clamav.conf" or "freshclam.conf" Then i can't get those file anywhere .But when i run " ps -ef|grep clamd" then it shows "clamd" is running . Now I have in littlebit doubt that i can't understand is my Clamav antivirus is working or not ?

My second problem is :

I have installed in my Linux machine Postfix , ClamAV.tar file and also install "clamsmtp" file . My postfix and clamav are working fine . But when i install "clamsmtp-1.6.tar" file then i can't found it's configuration file .

Neverthless, I make it's configuration file "clamsmtp.conf" "/usr/local/etc/clamsmtp.conf" . My conf. file is :
------------------------------------------------
#
# - Comments are a line that starts with a #
# - All the options are found below with their defaults commented out


# The address to send scanned mail to.
# This option is required unless TransparentProxy is enabled
OutAddress: 10026

# The maximum number of connection allowed at once.
# Be sure that clamd can also handle this many connections
#MaxConnections: 64

# Amount of time (in seconds) to wait on network IO
#TimeOut: 180

# Address to listen on (defaults to all local addresses on port 10025)
Listen: 127.0.0.1:10025

# The address clamd is listening on
ClamAddress: /var/run/clamav/clamd.ctl

# A header to add to all scanned email
#ScanHeader: X-AV-Checked: ClamAV using ClamSMTP

# Directory for temporary files
TempDirectory: /var/spool/clamsmtp

# PidFile: location of PID file
PidFile: /var/run/clamsmtp/clamsmtpd.pid

# Whether or not to bounce email (default is to silently drop)
#Bounce: off

# Whether or not to keep virus files
#Quarantine: off

# Enable transparent proxy support
#TransparentProxy: off

# User to run as
User: clamav

# Virus actions: There's an option to run a script every time a
# virus is found. Read the man page for clamsmtpd.conf for details.
-----------------------------------------------------

/etc/postfix/main.cf
...
content_filter = scan:[127.0.0.1]:10025
receive_override_options = no_address_mappings
-----------------------------------------------------
cat /etc/postfix/master.cf
...
scan unix - - n - 16 smtp
-o smtp_send_xforward_command=yes
...
# For injecting mail back into postfix from the filter
127.0.0.1:10026 inet n - n - 16 smtpd
-o content_filter=
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks_style=host
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
----------------------------------------------------------------------------------------------------------------------------
netstat -tan
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.1:10025 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:10026 0.0.0.0:* LISTEN


Everything is ok . But my mail doesn't transmitting i.e my mailbox doesn't contain mail for each user .Here i mention that in my machine "clamd" "postfix" "clamsmtpd" all are running . Plz help me , what is the problem ?

By default, "clamav.conf" or "freshclam.conf" are saved to /etc directory. If you can't find them there, run the command "locate clamav.conf" and note the location if the command locate outputs it.

I have never used clamsmtp, so I won't be of much help here. The documentation that comes in clamav-0.88.1-1.i386.rpm and/or clamav-0.88.1-1.tar.gz file contains good amount of documentation on how to setup clamav and postfix.It is exhaustive enough, if I rememeber it right. I remember, it even comes with a test EIKAR virus, which you can experiment with. You can setup clamav.conf and postfix configs and then run a telnet session to hook onto clamav and postfix as, clamav listens on port 10025 (If I remember it right). You can send a test mail containing the test virus (EIKAR) from a console and see the log output from clamav disaplyed on another console screen. This is the best way to see clamav in action and to know that it is indeed working. Oh ya ! All this is explained in the documentation !!

You might wanna do the same with clamsmtp. I mean, use telnet to send an email containing virus and watch the output logged by clamav on a console screen !

If you are not able to send and receive mail, chances are that you messed up your postfix/sendmail config files. Oh, BTW, the documenation that comes with clamav also explains how to setup postfix/sendmail. May be, you should do a bit of reading ! Goodluck !!

kemkim55,

A lot of thx for ur reply . But i can't understand ur following comment,
"use telnet to send an email containing virus and watch the output logged by clamav on a console screen !"

How i make telnet and how i attach EIKAR with a file ?
Here output log is "maillog" ?

Plz help and sorry for bothering......