Re: [exim] Clamav disabling and problems

Top Page
Delete this message
Reply to this message
Author: exim-users
Date:  
To: exim-users
Subject: Re: [exim] Clamav disabling and problems
James Nunnerley wrote:
> Hi Folks,
>
> Right, I finally worked out how to disable clamav, on exim.
>
> For those who need to know, because I couldn't work out how...
>
> In the exim.conf file, where your acl rules are; you will need to comment
> out the following lines (at least from my .conf file....
>
>     #av_scanner = clamd:/var/run/clamd.exim/clamd.sock

>     
>     #       deny message = This message contains a virus or other
> harmful content ($malware_name)
>     #               malware = *

>
> I guess the malware bit looks for a malware line in the email headers? And
> disabling the av_scanner definitely does it!


Just commenting out the parts with malware in them will stop exim trying
to access the Clamd socket. If they have changed the location of the
socket you will need to adjust the av_scanner line to match.

First things first, check clamd is running. If it's missing, you wont be
able to connect to it.

Second, find the clamd.conf file and check what the LocalSocket,
TCPSocket, TCPAddr options are set to. If LocalSocket is commented out,
you will need to use the TCPSocket and TCPAddr.

Set the av_scanner line to whatever LocalSocket now is or to the values
of TCPAddr:TCPSocket in that format eg. av_scanner = 127.0.0.1:3310

If it's using the TCPAddr, you may also have to ensure that connections
to it are not firewalled out with iptables. Connections to unix sockets
are governed by file permissions so you will need to check them if it's
running from the LocalSocket.

Have fun!
Ted.

--
The Exim Manual
http://www.exim.org/docs.html
http://www.exim.org/exim-html-current/doc/html/spec_html/index.html