---------- Forwarded message --------- Hello, New to Clamav. My goal is to successfully scan and intercept incoming virus into my email. But virus's keep going into my email. If I manually scan my email with the command clamscan -r --mbox /var/spool/mail the virus is detected. I delete the infected message, but more keep re-appearing. Running on RH 9.0 ClamAV version 0.60 Ran freshclam to update db I start the application by executing: /usr/local/sbin/clamd as root. Question: How do I configure Clamav to automatically scan incoming email and detect virus's Thanks -Tom Here is a copy of my clamav.conf file: [EMAIL PROTECTED] tom]# cat /usr/local/etc/clamav.conf ## ## Example config file for the Clam AV daemon ## Please read the clamav.conf(5) manual before editing this file. ## # Comment or remove the line below. # Example # Uncomment this option to enable logging. # LogFile must be writable for the user running the daemon. # Full path is required. LogFile /tmp/clamd.log # By default the log file is locked for writing - the lock protects against # running clamd multiple times (if want to run another clamd, please # copy the configuration file, change the LogFile variable, and run # the daemon with --config-file option). That's why you shouldn't uncomment # this option. #LogFileUnlock # Maximal size of the log file. Default is 1 Mb. # Value of 0 disables the limit. # You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes) # and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size # in bytes just don't use modifiers. LogFileMaxSize 2M # Log time with an each message. LogTime # Use system logger (can work together with LogFile). LogSyslog # Enable verbose logging. LogVerbose # This option allows you to save the process identifier of the listening # daemon (main thread). #PidFile /var/run/clamd.pid # Path to a directory containing .db files. # Default is the hardcoded directory (mostly /usr/local/share/clamav, # it depends on installation options). #DataDirectory /var/lib/clamav # The daemon works in local or network mode. Currently the local mode is # recommended for security reasons. # Path to the local socket. The daemon doesn't change the mode of the # created file (portability reasons). You may want to create it in a directory # which is only accessible for a user running daemon. LocalSocket /tmp/clamd # TCP port address. #TCPSocket 3310 # Maximum length the queue of pending connections may grow to. # Default is 15. #MaxConnectionQueueLength 30 # When activated, input stream (see STREAM command) will be saved to disk before # scanning - this allows scanning within archives. #StreamSaveToDisk # Close the connection if this limit is exceeded. #StreamMaxLength 10M # Maximal number of a threads running at the same time. # Default is 5, and it should be sufficient for a typical workstation. # You may need to increase threads number for a server machine. #MaxThreads 10 # Thread (scanner - single task) will be stopped after this time (seconds). # Default is 180. Value of 0 disables the timeout. SECURITY HINT: Increase the # timeout instead of disabling it. #ThreadTimeout 500 # Maximal depth the directories are scanned at. MaxDirectoryRecursion 15 # Follow a directory symlinks. # SECURITY HINT: You should have enabled directory recursion limit to # avoid potential problems. #FollowDirectorySymlinks # Follow regular file symlinks. #FollowFileSymlinks # Do internal checks (eg. check the integrity of the database structures) # By default clamd checks itself every 3600 seconds (1 hour). #SelfCheck 600 # Run as selected user (clamd must be started by root). # By default it doesn't drop privileges. #User clamav # Initialize the supplementary group access (for all groups in /etc/group # user is added in. clamd must be started by root). #AllowSupplementaryGroups # Don't fork into background. Useful in debugging. #Foreground ## ## Mail support ## # Uncomment this option if you are planning to scan mail files. ScanMail ## ## Archive support ## # Comment this line to disable scanning of the archives. ScanArchive # Options below protect your system against Denial of Service attacks # with archive bombs. # Files in archives larger than this limit won't be scanned. # Value of 0 disables the limit. # WARNING: Due to the unrarlib implementation, whole files (one by one) in RAR # archives are decompressed to the memory. That's why never disable # this limit (but you may increase it of course!) ArchiveMaxFileSize 50M # Archives are scanned recursively - e.g. if Zip archive contains RAR file, # the RAR file will be decompressed, too (but only if recursion limit is set # at least to 1). With this option you may set the recursion level. # Value of 0 disables the limit. ArchiveMaxRecursion 5 # Number of files to be scanned within archive. # Value of 0 disables the limit. ArchiveMaxFiles 1000 # Use slower decompression algorithm which uses less memory. This option
# affects bzip2 decompressor only. #ArchiveLimitMemoryUsage ## ## Clamuko settings ## WARNING: This is experimental software. It is very likely it will hang ## up your system !!! ## # Enable Clamuko. Dazuko (/dev/dazuko) must be configured and running. #ClamukoScanOnLine # Set access mask for Clamuko. ClamukoScanOnOpen ClamukoScanOnClose ClamukoScanOnExec # Set the include paths (all files in them will be scanned). You can have # multiple ClamukoIncludePath options, but each directory must be added # in a seperate option. All subdirectories are scanned, too. ClamukoIncludePath /home #ClamukoIncludePath /students # Set the exclude paths. All subdirectories are also excluded. #ClamukoExcludePath /home/guru # Limit the file size to be scanned (probably you don't want to scan your movie # files ;)) # Value of 0 disables the limit. 1 Mb should be fine. ClamukoMaxFileSize 1M # Enable archive support. It uses the limits from clamd section. # (This option doesn't depend on ScanArchive, you can have archive support # in clamd disabled). ClamukoScanArchive ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. SourceForge.net hosts over 70,000 Open Source Projects. See the people who have HELPED US provide better services: Click here: http://sourceforge.net/supporters.php _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
