LinuxQuestions.org - need package to manage mail domains and accounts

- Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)

- - need package to manage mail domains and accounts (https://www.linuxquestions.org/questions/linux-software-2/need-package-to-manage-mail-domains-and-accounts-592593/)

need package to manage mail domains and accounts

I am migrating a site to a new server. The existing site has a few email accounts so I'm not concerned about copying the addresses or email from the old server. I'd like to start fresh.

That said, I'd like to install an admin package that will make it easy for me to:
1) Set up mail for the one domain I am hosting on this machine...maybe set up additional mail domains as necessary
2) create any mail accounts I need to create for any given domains
3) let users access their mail through a web interface like squirrelmail or SqWebMail or simliar.
4) let users access their mail through a mail client like outlook or thunderbird

Can anyone help me accomplish this? I'm running CentOS 5 and I believe it has PostFix installed...I set up Apache/MySQL/PHP and some other stuff using a tutorial at howtoforge and it successfully sent mail from this php script:

PHP Code:




<? 
mail('myaddress@hotmail.com', 'TEST MAIL FROM NEW SERVER', 'OK so the new server can send email now.') 
  or die('mail failed:'); 
?>

So it would appear the MTA is working at least. Any tips or hints would be *most welcome*. Ideally I could test this out before I actually point DNS at this new machine as the mail server.

If you are looking for some interface that has a gui, there are plenty. Sourceforge has quite a bit. Be cautious on what you install on a server that is exposed to the internet. That machine needs to be lean and free of unneeded packages and processes including X server.

I was wondering why you would want one? Everything you need to do is at your fingertips in a bash shell. By using ssh you can administer this quite easily.

I would be happy to help you do this.

Regards

Thanks for your offer of help! I'm definitely curious about how to administer mail on linux via CLI but I'm not the only person who'll be administering email accounts. Ideally, it would be a web interface.

You may want to try this link:

http://www.postfix.org/docs.html

I'll stress again the importance of not using an 'interface' on a server that is exposed to the internet. Administering users is very, very easy, in some cases just adding a system account will activate email for them. Read the man page:

man useradd

If there are several admins, then I suggest using sudo for each of them. That way there is accounting for who did what on the box.

man sudo

Keep the root password locked in a safe somewhere and only bring it out in an emergency. I am also thinking that some clear understanding of what you will be putting out there is in order. After that, what I am saying will make a little more sense.

I hope I am helping.

Regards

I have used useradd in order to create FTP accounts before for designers to access the site. The man page says absolutely nothing about mail except there's an exit value related to it: 13 - can't create mail spool

How would I even know if a mail account is created? I know so very little about linux mail config.

I appreciate your assistance but I'm still pretty far from accomplishing my goals which are:
1) Set up mail for the one domain I am hosting on this machine...maybe set up additional mail domains as necessary
2) create any mail accounts I need to create for any given domains
3) let users access their mail through a web interface like squirrelmail or SqWebMail or simliar.
4) let users access their mail through a mail client like outlook or thunderbird

This is looking promising:
http://www.howtoforge.com/virtual_us..._clamav_centos

I'm concerned about security though...anyone see any problem with these commands?

Code:

groupadd vmail -g 1001

useradd vmail -u 1001 -g 1001

and adding this to sudoers:

Code:

vmail ALL=(ALL) ALL

It looks like you are taking a good step forward. You set the GID of the group, and users to that group. So far, the admin tasks are not very hard, right?

As for the rights on sudu, that is up to your security policy.

Good link that you had also. Please report your progress

Regards

ok...after HOURS of fruitless effort, I think I have mail working. I was concerned about adding that user so I looked in /etc/passwd and LO AND BEHOLD i saw that dovecot was in there. i installed dovecot during the original setup howto without realizing what it was.

I started reading the postfix documentation and I just couldn't get my head around it so I broke down and installed postfix admin as instructed by this tutorial. Installing postfix admin was easy enough but when I tried adding some domains it had no impact whatsoever on the postfix configuration files. Postfix supports several approaches to maintaining user lists only one of which is a mysql database. The Postfix Admin I installed was making changes to a MySQL database that postfix knew nothing about.

The nightmare part comes I realize that the default install of postfix offered by CentOS 5 via yum doesn't support mysql. I had to find out how to rebuild postfix from source. Post #5 in this thread on CentOs' site explains how that is done. I couldn't build it at first until I ran this to get the right packages:

Code:

yum install db4-devel

So finally I'm compiled and I debug a bit and I can send mail now. As soon as I get mysql-friendly postfix installed it starts to recognize the mailbox and domains created previously with postfix admin (postfix and postfix admin share a database when installed properly!). I had also edited /etc/hosts on my new server so that it thinks it is mydomain.com:

Code:

11.11.11.11 mydomain.com

I send mail from the CLI the new server to one of those mailboxes:

Code:

[root@server2 ~]# mail jason@mydomain.com

Subject: one last time

foobar

.

Cc:

Since i have all the dovecot debugging on I get a pretty verbose message:

Code:

Oct 19 03:03:34 server2 postfix/pickup[3714]: 8236450C055: uid=0 from=<root>

Oct 19 03:03:34 server2 postfix/cleanup[3962]: 8236450C055: message-id=<20071019070334.8236450C055@mail.mydomain.com>

Oct 19 03:03:34 server2 postfix/qmgr[3713]: 8236450C055: from=<root@mydomain.com>, size=296, nrcpt=1 (queue active)

Oct 19 03:03:34 server2 dovecot: auth(default): master in: USER 1      jason@mydomain.com        service=deliver

Oct 19 03:03:34 server2 dovecot: auth(default): passwd(jason@mydomain.com): unknown user

Oct 19 03:03:34 server2 dovecot: auth-worker(default): sql(jason@mydomain.com): SELECT "/var/mail/mydomain.com/jason" as home, "maildir:/var/mail/mydomain.com/jason" as mail, 150 AS uid, 12 AS gid, concat("dirsize:storage=", quota) AS quota FROM mailbox WHERE username = "jason@mydomain.com" AND active = "1"

Oct 19 03:03:34 server2 dovecot: auth(default): master out: USER        1      jason@mydomain.com        home=/var/mail/mydomain.com/jason mail=maildir:/var/mail/mydomain.com/jason      uid=150 gid=12  quota=dirsize:storage=0

Oct 19 03:03:34 server2 postfix/pipe[3966]: 8236450C055: to=<jason@mydomain.com>, relay=dovecot, delay=0.07, delays=0.03/0/0/0.04, dsn=2.0.0, status=sent (delivered via dovecot service)

Oct 19 03:03:34 server2 postfix/qmgr[3713]: 8236450C055: removed

The SQL appears to work correctly and finds the permissions correctly.
Question 1: Is that 'passwd():unknown user supposed to be in there or do I have something wrongly configured?

When I check the server using Thunderbird, i enter server2.mydomain.com as the server name and I enter my mailbox credentials without setting any security stuff yet. Checking the server for email works with this output in the log.

Code:

Oct 19 02:30:57 server2 dovecot: auth(default): client in: AUTH 1      PLAIN  service=POP3    lip=11.11.11.11        rip=22.22.22.22      resp=

Oct 19 02:30:57 server2 dovecot: auth(default): client out: CONT        1

Oct 19 02:30:57 server2 dovecot: auth(default): client in: CONT 1      AGphc29uQG15cGxhbi5jb20AY2h1bXBhbDA=

Oct 19 02:30:59 server2 dovecot: auth(default): pam(jason@mydomain.com,22.22.22.22): pam_authenticate() failed: User not known to the underlying authentication module

Oct 19 02:30:59 server2 dovecot: auth-worker(default): sql(jason@mydomain.com,22.22.22.22): query: SELECT username as user, password, "/var/mail/mydomain.com/jason" as userdb_home, "maildir:/var/mail/mydomain.com/jason" as userdb_mail, 150 as userdb_uid,12 as userdb_gid FROM mailbox WHERE username = "jason@mydomain.com" AND active = "1"

Oct 19 02:30:59 server2 dovecot: auth(default): client out: OK  1      user=jason@mydomain.com

Oct 19 02:30:59 server2 dovecot: auth(default): master in: REQUEST      8      3818    1

Oct 19 02:30:59 server2 dovecot: auth(default): passwd(jason@mydomain.com,22.22.22.22): unknown user

Oct 19 02:30:59 server2 dovecot: auth-worker(default): sql(jason@mydomain.com,22.22.22.22): SELECT "/var/mail/mydomain.com/jason" as home, "maildir:/var/mail/mydomain.com/jason" as mail, 150 AS uid, 12 AS gid, concat("dirsize:storage=", quota) AS quota FROM mailbox WHERE username = "jason@mydomain.com" AND active = "1"

Oct 19 02:30:59 server2 dovecot: auth(default): master out: USER        8      jason@mydomain.com        home=/var/mail/mydomain.com/jason mail=maildir:/var/mail/mydomain.com/jason      uid=150 gid=12  quota=dirsize:storage=0

Oct 19 02:30:59 server2 dovecot: pop3-login: Login: user=<jason@mydomain.com>, method=PLAIN, rip=22.22.22.22, lip=11.11.11.11

Oct 19 02:31:00 server2 dovecot: POP3(jason@mydomain.com): Disconnected: Logged out top=0/0, retr=0/0, del=0/0, size=0

Question 2: In this we have both passwd() and pam() returning 'unknown user' - is that supposed to happen or do I have a bad configuration going on somewhere?

The last thing I've noticed is that when i deliberately send an email from CLI to a badly formed address, the mail server is unable to find the root email address to bounce the message:

Code:

Oct 19 03:13:41 server2 postfix/pickup[3714]: 60D0950C057: uid=0 from=<root>

Oct 19 03:13:41 server2 postfix/cleanup[3997]: 60D0950C057: message-id=<20071019071341.60D0950C057@mail.mydomain.com>

Oct 19 03:13:41 server2 postfix/qmgr[3713]: 60D0950C057: from=<root@mydomain.com>, size=289, nrcpt=1 (queue active)

Oct 19 03:13:41 server2 postfix/smtp[4002]: 60D0950C057: to=<lkjsf@blarg>, relay=none, delay=0.04, delays=0.03/0.01/0.01/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=blarg type=A: Host not found)

Oct 19 03:13:41 server2 postfix/cleanup[3997]: 6A5DD50C059: message-id=<20071019071341.6A5DD50C059@mail.mydomain.com>

Oct 19 03:13:41 server2 postfix/bounce[4003]: 60D0950C057: sender non-delivery notification: 6A5DD50C059

Oct 19 03:13:41 server2 postfix/qmgr[3713]: 6A5DD50C059: from=<>, size=2086, nrcpt=1 (queue active)

Oct 19 03:13:41 server2 postfix/qmgr[3713]: 60D0950C057: removed

Oct 19 03:13:41 server2 dovecot: auth(default): master in: USER 1      root@mydomain.com service=deliver

Oct 19 03:13:41 server2 dovecot: auth(default): passwd(root@mydomain.com): unknown user

Oct 19 03:13:41 server2 dovecot: auth-worker(default): sql(root@mydomain.com): SELECT "/var/mail/mydomain.com/root" as home, "maildir:/var/mail/mydomain.com/root" as mail, 150 AS uid, 12 AS gid, concat("dirsize:storage=", quota) AS quota FROM mailbox WHERE username = "root@mydomain.com" AND active = "1"

Oct 19 03:13:41 server2 dovecot: auth-worker(default): sql(root@mydomain.com): User not found

Oct 19 03:13:41 server2 dovecot: auth(default): master out: NOTFOUND    1

Oct 19 03:13:41 server2 postfix/pipe[4004]: 6A5DD50C059: to=<root@mydomain.com>, relay=dovecot, delay=0.02, delays=0.01/0.01/0/0.01, dsn=5.1.1, status=bounced (user unknown)

Oct 19 03:13:41 server2 postfix/qmgr[3713]: 6A5DD50C059: removed

Question 3: Why can't the mail server properly bounce emails sent by root from the CLI? Is this bad config or par for the course? How do I fix it?

I'm pretty impressed by your drive to make this happen. I was gently asking for you to really understand what it is you are configuring and you went well beyond.

Give yourself a pat on the back!

You did right by making sure the logs spit out all it can, that makes the job easier. After Postfix behaves the way you want (notice: the way YOU want) then you can turn off debugging because you will fill up a partition quickly once this goes live.

Lets start by looking at your Postfix conf file. Can you post that please. You may want ** out anything that is not for public viewing. I want to be sure we are on the same page and I understand exactly what you need.

Also give mutt a try:

man mutt

It is a great email client.

Good job.

Regards

My main.cf is pretty much the default which has everything commented out. I have attempted here to show only the configs that do anything by using

Code:

grep -P '^(?!#).+$' main.cf

to get only the lines that don't start with a #:

Code:

queue_directory = /var/spool/postfix

command_directory = /usr/sbin

daemon_directory = /usr/libexec/postfix

mail_owner = postfix

unknown_local_recipient_reject_code = 550

debug_peer_level = 2

debugger_command =

        PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin

        xxgdb $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/sbin/sendmail

newaliases_path = /usr/bin/newaliases

mailq_path = /usr/bin/mailq

setgid_group = postdrop

html_directory = no

manpage_directory = /usr/local/man

sample_directory = /etc/postfix

readme_directory = no

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)

biff = no

append_dot_mydomain = no

myhostname = mail.mydomain.com

myorigin = mydomain.com

mydestination = localhost

relayhost =

mynetworks = 127.0.0.0/8

mailbox_size_limit = 0

recipient_delimiter = +

inet_interfaces = all

virtual_mailbox_domains = proxy:mysql:$config_directory/mysql_virtual_domains_maps.cf

virtual_mailbox_base = /var/vmail

virtual_mailbox_maps = proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf

virtual_alias_maps = proxy:mysql:$config_directory/mysql_virtual_alias_maps.cf

virtual_minimum_uid = 150

virtual_uid_maps = static:150

virtual_gid_maps = static:12

virtual_transport = dovecot

dovecot_destination_recipient_limit = 1

smtpd_sasl_auth_enable = yes

smtpd_sasl_exceptions_networks = $mynetworks

smtpd_sasl_security_options = noanonymous

broken_sasl_auth_clients = yes

smtpd_sasl_type = dovecot

smtpd_sasl_path = private/auth

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, permit

Same drill for master.cf:

Code:

[root@server2 postfix]# grep -P '^(?!#).+$' master.cf

smtp      inet  n      -      n      -      -      smtpd

pickup    fifo  n      -      n      60      1      pickup

cleanup  unix  n      -      n      -      0      cleanup

qmgr      fifo  n      -      n      300    1      qmgr

tlsmgr    unix  -      -      n      1000?  1      tlsmgr

rewrite  unix  -      -      n      -      -      trivial-rewrite

bounce    unix  -      -      n      -      0      bounce

defer    unix  -      -      n      -      0      bounce

trace    unix  -      -      n      -      0      bounce

verify    unix  -      -      n      -      1      verify

flush    unix  n      -      n      1000?  0      flush

proxymap  unix  -      -      n      -      -      proxymap

smtp      unix  -      -      n      -      -      smtp

relay    unix  -      -      n      -      -      smtp

        -o fallback_relay=

showq    unix  n      -      n      -      -      showq

error    unix  -      -      n      -      -      error

retry    unix  -      -      n      -      -      error

discard  unix  -      -      n      -      -      discard

local    unix  -      n      n      -      -      local

virtual  unix  -      n      n      -      -      virtual

lmtp      unix  -      -      n      -      -      lmtp

anvil    unix  -      -      n      -      1      anvil

scache    unix  -      -      n      -      1      scache

dovecot unix - n n - - pipe flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d $(recipient)

I'm not trying to set up clamav and spamassassin. Any recommendations about whether to use mailscanner vs. amavis-new or whatever? I understand that using spamd results in better performance.

After ANOTHER ENTIRE DAY working on this, I have installed Amavis, ClamAV, and SpamAssassin on my server (thanks to this tutorial and it appears to be receiving mail on behalf of its hosted domains (in this case mydomain.com and server2.mydomain.com) from my desktop mail client (thunderbird). This has been *really* painful to implement. I still have Questions 1, 2, and 3 unanswered from above. Could someone please take a peek?

Today after compiling all that shiznit from source and installing everything, My server would deliver mail sent from CLI to the domains it hosts BUT would not allow mail to be delivered from the outside due to SASL failures. After I changed some dovecot config (wrong socket paths) I was still having that problem. the error in the log was:

Code:

Oct 19 21:48:47 server2 postfix/smtp[3914]: 04BAA50C0AC: to=<jason@server2.mydomain.com>, relay=none, delay=3.1, delays=3.1/0.03/0/0, dsn=5.4.4, status=bounced (unable to look up host localhost: No address associated with hostname)

I solved that problem by changing this line in /etc/postfix/main.cf:

Code:

content_filter = smtp-amavis:[localhost]:10024

to this

Code:

content_filter = smtp-amavis:[127.0.0.1]:10024

Can someone tell me why that would make ONE WHIT of difference?

I just sent myself the intentional spam test message mail from hotmail and the spam filter appears to be working. The resulting header information:

Code:

Return-Path: <my_hotmail_address@hotmail.com>

Delivered-To: jason@server2.mydomain.com

Received: from localhost (unknown [127.0.0.1])

    by spamserver.mydomain.com (Postfix) with ESMTP id 3C5CC50C0B7

    for <jason@server2.mydomain.com>; Sat, 20 Oct 2007 02:23:02 +0000 (UTC)

X-Spam-Flag: YES

X-Spam-Score: 1000.245

X-Spam-Level: ****************************************************************

X-Spam-Status: Yes, score=1000.245 required=5 tests=[AWL=-0.245, GTUBE=1000,

    HTML_MESSAGE=0.001, SPF_PASS=-0.001, UPPERCASE_50_75=0.49]

Received: from spamserver.mydomain.com ([127.0.0.1])

    by localhost (server2.mydomain.com [127.0.0.1]) (amavisd-new, port 10024)

    with ESMTP id 2Nr2RbLCc05Z for <jason@server2.mydomain.com>;

    Fri, 19 Oct 2007 22:22:54 -0400 (EDT)

Received: from bay0-omc2-s6.bay0.hotmail.com (bay0-omc2-s6.bay0.hotmail.com [65.54.246.142])

    by spamserver.mydomain.com (Postfix) with ESMTP id 81E1D50C0B6

    for <jason@server2.mydomain.com>; Fri, 19 Oct 2007 22:22:54 -0400 (EDT)

Received: from BAY101-W27 ([64.4.56.127]) by bay0-omc2-s6.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959);

    Fri, 19 Oct 2007 19:22:51 -0700

Message-ID: <BAY101-W27BF3E2FBB176547E8366AB0980@phx.gbl>

Content-Type: multipart/alternative;

    boundary="_f751f94b-c898-44ba-99de-35dced2b3aef_"

X-Originating-IP: [22.22.22.22]

From: J Adams <my_hotmail_address@hotmail.com>

To: <jason@server2.mydomain.com>

Subject: ***SPAM*** remote test hotmail 2 - screen this

Date: Fri, 19 Oct 2007 19:22:47 -0700

Importance: Normal

MIME-Version: 1.0

X-OriginalArrivalTime: 20 Oct 2007 02:22:52.0231 (UTC) FILETIME=[1DC1A570:01C812C0]

More questions:
Question 4: Is there some config that will change that 'unknown' [127.0.0.1]' at the top to something more meaningful?

Question 5: I want to change the spam settings so mail like this gets thrown the trash - NOT sent to some email address or folder somewhere. Would I change the amavis.conf or the spamassassin local.cf? Which params?

Question 6: Can anyone think of a way for me to test ClamAV to see if virus scanning is also working?

Question 7: I don't see spamd in my processes. Am I running an inefficient version? Is there a better way to set this up?

To test ClamAV here it a good link:

http://flakshack.com/anti-spam/wiki/...ge=Test+ClamAV

It seems that you are making progress quickly. Did you answer your questions above, or do you still need help? It took me a while to check back in.

Regards,

Thanks Ray. I don't feel like any of my questions have been answered yet. I therefore have 7 outstanding questions.

The commands they offer on that page simply don't work on my server. Chroot complains

Code:

[root@server2 ~]#  chroot -u amavisd /var/amavisd /usr/local/bin/clamscan -d /var/db/clamav

chroot: invalid option -- u

I logged into the live server and did a wget on the com virus and mailed it from the command line using the 'mail' command. I included the com file in the message using the ~r escape. When the message arrived at my new server the text of the com file was simply displayed inline. I'm guessing that's fairly harmless. Apparently attachments sent this way are not preserved as true attachments.

Perhaps somewhat foolishly, I downloaded the fake virus files and disabled my desktop's virus scanning software so I could mail them to the new server. I'm shocked at how much I trust these online tutorials. I emailed all three files to my new server using thunderbird but they were intercepted by the mail exchange at the domain that hosts my usual email account.

BAD: I logged in to jason@server.mydomain.com to the new server itself using squirrelmail and composed an email to myself. THE COM VIRUS WAS DELIVERED INTACT. THIS IS VERY BAD.

WORSE: I logged in to the old server using squirrelmail, and attached the COM virus sample to an email sent to jason@server2.mydomain.com AND THE COM VIRUS WAS DELIVERED INTACT.

What the heck? I don't even know where to begin with this problem. I've turned off the verbose debugging but this is the mail log for the delivery of the com virus sample from the original server to the new server. 99.99.99.99 represents the old server IP. 22.22.22.22 represents my desktop IP.

Code:

Oct 21 17:34:29 server2 postfix/smtpd[22786]: connect from mydomain.mydoman.com[99.99.99.99]

Oct 21 17:34:29 server2 postfix/smtpd[22786]: CE66A50C0B8: client=mydomain.mydoman.com[99.99.99.99]

Oct 21 17:34:29 server2 postfix/cleanup[22792]: CE66A50C0B8: message-id=<1415.22.22.22.22.1192998667.squirrel@22.22.22.22>

Oct 21 17:34:29 server2 postfix/qmgr[4023]: CE66A50C0B8: from=<jason@mydoman.com>, size=1411, nrcpt=1 (queue active)

Oct 21 17:34:30 server2 postfix/smtpd[22797]: connect from unknown[127.0.0.1]

Oct 21 21:34:30 server2 postfix/smtpd[22797]: 8B42550C0C1: client=unknown[127.0.0.1]

Oct 21 17:34:30 server2 postfix/cleanup[22792]: 8B42550C0C1: message-id=<1415.22.22.22.22.1192998667.squirrel@22.22.22.22>

Oct 21 17:34:30 server2 postfix/qmgr[4023]: 8B42550C0C1: from=<jason@mydoman.com>, size=1944, nrcpt=1 (queue active)

Oct 21 21:34:30 server2 postfix/smtpd[22797]: disconnect from unknown[127.0.0.1]

Oct 21 17:34:30 server2 amavis[3584]: (03584-04) Passed CLEAN, [99.99.99.99] [22.22.22.22] <jason@mydoman.com> -> <jason@server2.mydoman.com>, Message-ID: <1415.22.22.22.22.1192998667.squirrel@22.22.22.22>, mail_id: TTOTozYp5IYL, Hits: -1.44, size: 1411, queued_as: 8B42550C0C1, 675 ms

Oct 21 17:34:30 server2 postfix/smtp[22793]: CE66A50C0B8: to=<jason@server2.mydoman.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.75, delays=0.07/0/0/0.68, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 8B42550C0C1)

Oct 21 17:34:30 server2 postfix/qmgr[4023]: CE66A50C0B8: removed

Oct 21 17:34:30 server2 postfix/pipe[22798]: 8B42550C0C1: to=<jason@server2.mydoman.com>, relay=dovecot, delay=0.04, delays=0.01/0.01/0/0.03, dsn=2.0.0, status=sent (delivered via dovecot service)

Oct 21 17:34:30 server2 postfix/qmgr[4023]: 8B42550C0C1: removed

Oct 21 17:34:30 server2 postfix/smtpd[22786]: disconnect from mydomain.mydoman.com[99.99.99.99]

FYI, clamav appears to work properly and catch the viruses. I downloaded those test viruses and it catches them as it should:

Code:

[root@server2 clamtest]# clamscan ./

./eicar.com: Eicar-Test-Signature FOUND

./eicarcom2.zip: Eicar-Test-Signature FOUND

./eicar_com.zip: Eicar-Test-Signature FOUND



----------- SCAN SUMMARY -----------

Known viruses: 187023

Engine version: 0.91.2

Scanned directories: 1

Scanned files: 3

Infected files: 3

Data scanned: 0.00 MB

Time: 2.435 sec (0 m 2 s)

[root@server2 clamtest]#

[root@server2 clamtest]# clamdscan eicar.com

/root/clamtest/eicar.com: Eicar-Test-Signature FOUND



----------- SCAN SUMMARY -----------

Infected files: 1

Time: 0.022 sec (0 m 0 s)

[root@server2 clamtest]#

Sorry for the delay in getting back here. I had emergency surgery over the weekend. I should be able to look over your post soon.

Regards