MailScanner 5.3.4 clamd does not appear to be participating.
Christophe GRENIER
grenier at cgsecurity.org
Wed Mar 31 14:17:24 UTC 2021
On Wed, 31 Mar 2021, Andrews, Vincent wrote:
> Hello,
>
> We have a new MailScanner V5.3.4 on a CentOS 7 system. Running the –lint command proves that it can use both Sophos and clamd, however it is only Sophos that appears to be catching
> viruses.
>
> Clamd is installed via the OS route – version is 0.103.0-3.
>
> MailScanner.conf is ‘Virus Scanners = auto’ was ‘Virus Scanners = clamd, sophos’.
>
> Virus.scanners.conf entry for clamd is /bin/false, but as I cannot see a specific wrapper I assume that is Ok.
>
> I am loath to cut out Sophos from the list and see what happens.
>
> Do I need to do anything else?
Hello
A good start is to check your clamd configuration.
On my CentOS servers, I am using /etc/clamd.d/mailscanner.conf
MaxThreads 50
FixStaleSocket true
LocalSocket /var/run/clamd.mailscanner/clamd.sock
User postfix
LogFile /var/log/clamd.mailscanner
LogFileMaxSize 0
LogVerbose yes
LogClean no
Debug no
LogTime yes
TemporaryDirectory /var/tmp
Check the daemon with
systemctl status clamd at mailscanner.service
If it's OK, use clamdscan (not clamscan) to check a file that can be read
by everyone (ie. /etc/hosts):
clamdscan -c /etc/clamd.d/mailscanner.conf /etc/hosts
/etc/hosts: OK
----------- SCAN SUMMARY -----------
Infected files: 0
Time: 0.002 sec (0 m 0 s)
Start Date: 2021:03:31 16:13:29
End Date: 2021:03:31 16:13:29
Regards,
Christophe
--
,-~~-.___. ._.
/ | ' \ | |--------. Christophe GRENIER
( ) 0 | | | grenier at cgsecurity.org
\_/-, ,----' | | |
==== !_!-v---v--.
/ \-'~; .--------. TestDisk & PhotoRec
/ __/~| ._-""|| | Data Recovery
=( _____|_|____||________| https://www.cgsecurity.org
More information about the MailScanner
mailing list