  1. #1
    Just Joined!
    Join Date
    Sep 2004
    Posts
    25

    scan incoming emails for viruses


    I'm trying to set up an email server using YES Linux, and I'm trying to set it up so that it scans my incoming emails and marks any infected emails.

    I have set up practically everything I can think of (according to my very limited and short experience with Linux), and everything I had researched. Yet, I still cannot get the right headers in my emails. I will explain what I did in steps, and if anybody finds that I've missed something, anything, please let me know because I am about a bee's di*k away from quitting this whole Linux thing.

    I should mention that YES Linux is a server ready to host your website and email using httpd, squirrelmail (*edited) and uses postfix as the MTA. All of which are already working out of the box.

    Ok, I started with installing clamav-0.80...(after installing a couple of dependencies which are zlib-1.2.1 and zlib-devel-1.1.4-8 )

    1) created group, 'clamav', and created non shell user, 'clamav,' as a member of that group, following the directions in the documentation.
    2) as the documentation says, I did the following,
    Code:
    zcat clamav-0.80.tar.gz | tar xvf -
    cd clamav-0.80
    ./configure --sysconfdir=/etc
    make 
    make install

    3) I've set up the daemon by editing /etc/clamd.conf. I've commented out Example and I've activated the following options
    • LogFile /tmp/clamd.log
      LogVerbose
      LocalSocket /tmp/clamd
      FixStaleSocket
      MaxDirectoryRecursion
      User clamav
      ScanOLE2
      ScanMail
      ScanArchive
      ArchiveMaxFileSize 10M
      ArchiveMaxRecursion 5
      ArchiveMaxFiles 1000
      ArchiveMaxCompressionRatio 200


    4) Tested clamav and clamd by running the following:
    Code:
    clamscan -r -l scan.txt clamav-0.80
    and
    clamdscan -l scan.txt clamav-0.80
    both of which returned the right results in the scan.txt file.

    5) I set up a script called 'clamd', which I got from a website during my research, to run the clam daemon on startup, "/etc/init.d/clamd"
    Code:
    #!/bin/bash
    # Init script for ClamAV: starts and stops freshclam and clamd.
    
    TMPDIR=/tmp
    PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/X11R6/bin
    
    case "$1" in
        start)
            echo "starting ClamAV..."
            # The LocalSocket from clamd.conf is used as the "running" marker.
            if [ -S /tmp/clamd ]; then
                echo "ClamAV is already running!"
            else
                /usr/local/bin/freshclam -d -c 4 --datadir=/usr/local/share/clamav
                /usr/local/sbin/clamd
                echo "ClamAV is now running!"
            fi
            ;;
        stop)
            echo "Shutting down ClamAV..."
            # Collect the PIDs of all running freshclam processes and kill them.
            array=(`ps ax | grep -iw '/usr/local/bin/freshclam' | grep -iv 'grep' \
                | awk '{print $1}' | cut -f1 -d/ | tr '\n' ' '`)
            element_count=${#array[@]}
            index=0
            while [ "$index" -lt "$element_count" ]
            do
                kill -9 ${array[$index]}
                let "index = $index + 1"
            done
            # Same again for clamd.
            array=(`ps ax | grep -iw '/usr/local/sbin/clamd' | grep -iv 'grep' \
                | awk '{print $1}' | cut -f1 -d/ | tr '\n' ' '`)
            element_count=${#array[@]}
            index=0
            while [ "$index" -lt "$element_count" ]
            do
                kill -9 ${array[$index]}
                let "index = $index + 1"
            done
            # kill -9 gives clamd no chance to clean up, so remove the stale socket.
            if [ -S /tmp/clamd ]; then
                rm -f /tmp/clamd
            fi
            echo "ClamAV stopped!"
            ;;
        restart)
            $0 stop && sleep 3
            $0 start
            ;;
        *)
            echo "Usage: $0 {start|stop|restart}"
            exit 1
            ;;
    esac
    exit 0
    Then I ran the following
    Code:
    chmod 755 /etc/init.d/clamd
    /etc/init.d/clamd start
    and added the following commands to /etc/rc3.d to run clamd BEFORE the mail server, as required by clamassassin.
    Code:
    S79clamd
    and in /etc/rc0.d & /etc/rc6.d, I added..
    Code:
    K31clamd
    I restarted and made sure that clamd ran before postfix.

    clamassassin 1.2.1

    (dependency: mktemp-1.5....straightforward installation --> ./configure >> make >> make install)

    I untarred clamassassin-1.2.1.tar.gz then as per documentation ran

    Code:
    ./configure --enable-subject-rewrite
    make install

    Postfix

    in /etc/postfix/main.cf, I enabled the following
    Code:
    mailbox_command = /usr/bin/procmail
    mailbox_command = /usr/bin/procmail -a $EXTENSION

    Procmail 3.15.2

    Since no one is logged onto the server, I set up the following file, /etc/procmailrc, and this is what it looks like

    Code:
    :0fw 
    | /usr/local.bin/clamassassin
    
    :0:
    * ^X-Virus-Status: Yes
    IN.virus

    And that's it...I restarted and sent an email with an attachment to myself, and nothing, there was no header with X-Virus-Status.

    So please, if anybody sees any flaws in what I did, then please let me know....I know I am so close to getting it done!

    By the way, I'm using YES 2.0.12. And I do apologise if this is not the place to post this, but I've been on the mailing lists of clamav and procmail, which is where I got a lot of my code, but I still can't get it to work.

    Thanks in advance for any suggestions.
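
Added example, not part of the original post: a shell check for the two points where a procmail filter chain like the one above can fail without any error reaching the user, namely a pipe action whose program is not executable, and a delivered message that carries no X-Virus-Status header. The function names, the temporary directory and the sample recipes and messages are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): check a procmail + clamassassin filter chain.

# Print "ok PATH" or "missing PATH" for every pipe action in a procmailrc.
# Returns 1 if any filter program is missing or not executable.
check_procmail_filters() {
    rc=0
    for prog in $(sed -n 's/^[[:space:]]*|[[:space:]]*\([^[:space:]]*\).*/\1/p' "$1"); do
        if [ -x "$prog" ]; then echo "ok $prog"; else echo "missing $prog"; rc=1; fi
    done
    return $rc
}

# Print the X-Virus-Status value found in the header block, or "absent".
# Only the headers count: the same text in the body proves nothing.
virus_status() {
    awk 'BEGIN { v = "absent" }
         /^$/ { exit }                      # headers end at the first blank line
         tolower($0) ~ /^x-virus-status:/ { sub(/^[^:]*:[ \t]*/, ""); v = $0 }
         END { print v }' "$1"
}

# Constructed sample data: a stand-in filter, a procmailrc with one valid and
# one mistyped filter path, and two messages (one filtered, one not).
demo_dir=$(mktemp -d)
mkdir "$demo_dir/bin"
printf '#!/bin/sh\ncat\n' > "$demo_dir/bin/clamassassin"
chmod 755 "$demo_dir/bin/clamassassin"
cat > "$demo_dir/procmailrc" <<EOF
:0fw
| $demo_dir/bin/clamassassin

:0fw
| $demo_dir/bin.typo/clamassassin
EOF
printf 'From: a@example.org\nX-Virus-Status: No\n\nbody\n' > "$demo_dir/scanned.eml"
printf 'From: a@example.org\n\nX-Virus-Status: Yes\n' > "$demo_dir/unscanned.eml"

check_procmail_filters "$demo_dir/procmailrc" || echo "fix the paths marked missing"
echo "scanned:   $(virus_status "$demo_dir/scanned.eml")"
echo "unscanned: $(virus_status "$demo_dir/unscanned.eml")"
```

On a real server, point `check_procmail_filters` at /etc/procmailrc and `virus_status` at a message taken from the mailbox after delivery.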

  2. #2
    Linux Guru kkubasik's Avatar
    Join Date
    Mar 2004
    Location
    Lat: 39:03:51N Lon: 77:14:37W
    Posts
    2,396
    I'm gonna have to go back over exactly what you have posted to look for an error, but you stated that you have both sendmail and postfix running as MTAs? Could you clarify?
    Avoid the Gates of Hell. Use Linux
    A Penny for your Thoughts

    Formerly Known as qub333

  3. #3
    Just Joined!
    Join Date
    Sep 2004
    Posts
    25
    I'm sorry...that was supposed to say squirrelmail.

    YES Linux uses postfix as its MTA

  4. #4
    Just Joined!
    Join Date
    Sep 2004
    Posts
    25
    Anybody else have any comments at all?
    Cheers.
