This page is part of the EmailServer article. ClamAV AntivirusClam AntiVirus is a totally free -in all senses of the word- antivirus scanner. It is released under the GPL and has seen a lot of activity in the recent past. ClamAV is available as a ready-made package. # yum -t install clamd If you prefer to install from source, have a look at my older article on ClamAV. Edit LogFile /var/log/clamav/clamd.log LogFileMaxSize 10M LogTime yes LogSyslog yes PidFile /var/run/clamav/clamd.pid TemporaryDirectory /var/tmp DatabaseDirectory /var/clamav LocalSocket /var/run/clamav/clamd.socket FixStaleSocket yes MaxConnectionQueueLength 30 MaxThreads 50 ReadTimeout 300 User clamav AllowSupplementaryGroups yes ScanPE yes ScanELF yes DetectBrokenExecutables yes ScanOLE2 yes ScanMail yes ScanArchive yes ArchiveBlockEncrypted no MaxFileSize 50M All other parameters should be commented out, in particular Now we need to tell Amavisd-New to enable virus scanning. Edit # @bypass_virus_checks_maps = (1); <- This line must be commented out Look for the following section in Automated update of Virus definitionsEdit the #Example <- This line should be commented out Now create a new 05 * * * * /usr/local/bin/freshclam --quiet Now Note: Make sure that the name of the socket file Testing the AntiVirusLet's restart our setup to check that everything works fine. # service postfix stop # service amavisd stop # service clamd stop # service clamd start # service amavisd start # service postfix start Go to the eicar antivirus test site and download the eicar.com.txt test file. Send an email with the eicar.com.txt as an attachment to a test email that you send through the server. Jan 23 15:13:01 mailserver amavis[28181]: (28181-03) Blocked INFECTED (Eicar-Test-Signature), MYNETS LOCAL [192.168.0.101] [192.168.0.101] <nkadesign@nkadesign.com> -> <renaud@nkadesign.com>, quarantine: virus-9p6fXda5rBjH, Message-ID: <49796DE5.80804@nkadesign.com>, mail_id: 9p6fXda5rBjH, Hits: -, size: 1069, 253 ms Resources< AmavisdNew | EmailServer | SpamAssassin > Leave your comments below |