Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » ClamAV Support
  •  
Kerio_jthomas

Messages: 511
Karma: 1
Send a private message to this user
Hello all,

Kerio MailServer 6.2 adds support for the popular open-source Clam AV to its long list of supported anti-virus solutions. Unlike most major antivirus products, Clam AV and its updates are free of charge.

As with Kerio's other antivirus plugins, we are offering only support for what is necessary to integrate ClamAV with the Kerio MailServer. Setup and configuration support will be provided through our knoweldgebase, phone and email support. For additional configuration and features provided by ClamAV, the administrator must consult the ClamAV documentation or website.

Kerio's technical support for ClamAV is limited only to the integration with the Kerio MailServer and not for setting up ClamAV. For instructions on how to integrate ClamAV with the Kerio MailServer, please consult the following knowledgebase article(s):

http://support.kerio.com/kb/425
http://support.kerio.com/kb/426

This list will be updated as more articles are published.

Cheers,
Joshua Thomas



[Updated on: Thu, 17 May 2007 18:04] by Moderator


Joshua Thomas
Technical Support Manager
2350 Mission College Blvd, Suite 400
Santa Clara, CA 95054
Phone: (408) 496-4500
Fax: (408) 496-6902
http://www.kerio.com/support.html

  •  
Kerio_jthomas

Messages: 511
Karma: 1
Send a private message to this user
Example of Supported/Unsupported:

1) You have configured ClamAV on Windows according to the KB article, but Kerio MailServer will not initalize the ClamAV engine. - SUPPORTED

2) You want to know how to compile support for scanning of encrypted attachements into ClamAV - UNSUPPORTED

3) You have found that a certain attachment causes the ClamAV engine to crash, and the mailserver with it - SUPPORTED

4) You want to use a third-party version of ClamAV (eg: clamXav) with Kerio MailServer - UNSUPPORTED


Joshua Thomas
Technical Support Manager
2350 Mission College Blvd, Suite 400
Santa Clara, CA 95054
Phone: (408) 496-4500
Fax: (408) 496-6902
http://www.kerio.com/support.html

  •  
sonofcolin

Messages: 483
Karma: 0
Send a private message to this user
If you wish to use the 'un-supported' clamXav installation then you can use the same startup item instructions found in the kb with one minor modification.

Change the example ClamAV file contents from:
#!/bin/sh

##
# ClamAV
#
# Radek Sip, Kerio Technologies (c) 2006
##

. /etc/rc.common

StartService ()
{
        ConsoleMessage "Starting ClamAV"
        exec /usr/sbin/clamd
}

StopService ()
{
        ConsoleMessage "Stopping ClamAV"
        killall clamd
}

RestartService ()
{
        ConsoleMessage "Restarting ClamAV"
        StopService
        StartService
}

RunService "$1"

To:
#!/bin/sh

##
# ClamAV
#
# Radek Sip, Kerio Technologies (c) 2006
##

. /etc/rc.common

StartService ()
{
        ConsoleMessage "Starting ClamAV"
        exec /usr/local/clamXav/sbin/clamd
}

StopService ()
{
        ConsoleMessage "Stopping ClamAV"
        killall clamd
}

RestartService ()
{
        ConsoleMessage "Restarting ClamAV"
        StopService
        StartService
}

RunService "$1"
  •  
sonofcolin

Messages: 483
Karma: 0
Send a private message to this user
Creating startup item instructions also need slight modification (might work on Linux, but not OS X):

Change original:
sudo mkdir /Library/StartupItems/ClamAV
cd /Library/StartupItems/ClamAV
touch StartupParameters.plist ClamAV
chmod 755 ClamAV
chmod 644 StartupParameters.plist

To:
sudo mkdir /Library/StartupItems/ClamAV
cd /Library/StartupItems/ClamAV
sudo touch StartupParameters.plist ClamAV
sudo chmod 755 ClamAV
chmod 644 StartupParameters.plist
  •  
Karin

Messages: 5
Karma: 0
Send a private message to this user
What’s this I read? ClamAV support? Now, that is a feature worth celebrating over. Many Thanks to the whole Kerio Team.
  •  
erikv

Messages: 16
Karma: -5
Send a private message to this user
I've installed clamav and got it running and I get an error when attempting to get KMS to communicate with it. I basically get the message that the test virus was not found. I've restarted KMS and the server and this error message still shows up. Where exactly is the test virus file supposed to be and how can I check that it is really there so I can further troubleshoot this issue?
  •  
ernst

Messages: 5
Karma: 0
Send a private message to this user
erikv wrote on Wed, 19 July 2006 06:35

I've installed clamav and got it running and I get an error when attempting to get KMS to communicate with it. I basically get the message that the test virus was not found. I've restarted KMS and the server and this error message still shows up. Where exactly is the test virus file supposed to be and how can I check that it is really there so I can further troubleshoot this issue?



I had the same problem,

At my distro (SuSe 10.1) it turned out to be rights.

ClamAv is defaulted to user Vscan. I commented the user in /etc/clamd.conf and now kerio recognizes the Scanner.
  •  
NorthernAlberta

Messages: 54
Karma: 6
Send a private message to this user
For anyone who is interested, you can use the program Runclamd to register clamavd as a service in Windows so you don’t have to restart it manually every time you reboot the computer (as mentioned in kb426).
And a thank-you to all the developers for including ClamAV in the first place.
http://www.smartbusiness.com/imail/declude/
  •  
sonofcolin

Messages: 483
Karma: 0
Send a private message to this user
To install GMP on OS X server 10.4.7 (used by freshclam to check sigs of updates) I did the following (developer tools required):
curl -O ftp://ftp.gnu.org/gnu/gmp/gmp-4.2.1.tar.gz
tar -zxvf gmp-4.2.1.tar.gz
cd gmp-4.2.1
./configure --enable-cxx --disable-shared
make
make check
sudo make install


GMP then builds and installs.
Now, whenever freshclam checks for updates, instead of this:
Quote:

Received signal: wake up
ClamAV update process started at Thu Jul 20 20:23:06 2006
SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES
See the FAQ at http://www.clamav.net/faq.html for an explanation.
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.88.2 Recommended version: 0.88.3
DON'T PANIC! Read http://www.clamav.net/faq.html

You get this:
Quote:

Received signal: wake up
ClamAV update process started at Mon Jul 24 20:23:15 2006
main.cvd is up to date (version: 39, sigs: 58116, f-level: 8, builder: tkojm)
daily.cvd updated (version: 1618, sigs: 4549, f-level: 8, builder: ccordes)
Database updated (62665 signatures) from database.clamav.net (IP: 65.110.48.11)
  •  
teddytis

Messages: 32
Karma: 0
Send a private message to this user
erikv wrote on Wed, 19 July 2006 00:35

I've installed clamav and got it running and I get an error when attempting to get KMS to communicate with it. I basically get the message that the test virus was not found. I've restarted KMS and the server and this error message still shows up. Where exactly is the test virus file supposed to be and how can I check that it is really there so I can further troubleshoot this issue?


I just got this setup on our server (OS X Server 10.4.7). As long as you follow the instructions in the KB article specified above it should work. Like "ernst" said, it ended up being a permission issue. I modified the startup script so it ran clamd as the "clamav" user, which is the better way of doing it for security reasons. Aparently that doesn't work since I got the same errors. Changing it back to how the KB says so it runs as root and then it works. Although if you didn't mess around with the ClamAV startup script it shouldn't have messed up. You can verify clamd is running and listening for connections by running the following (and getting similar results back)

$ sudo lsof -i:3310
COMMAND PID USER   FD   TYPE     DEVICE SIZE/OFF NODE NAME
clamd   286 root    0u  IPv4 0x02efe830      0t0  TCP localhost:dyna-access (LISTEN)
  •  
sonofcolin

Messages: 483
Karma: 0
Send a private message to this user
Quote:

I modified the startup script so it ran clamd as the "clamav" user, which is the better way of doing it for security reasons. Aparently that doesn't work since I got the same errors.


It does if you modify your clamd.conf settings.
  •  
teddytis

Messages: 32
Karma: 0
Send a private message to this user
sonofcolin wrote on Mon, 31 July 2006 12:03

Quote:

I modified the startup script so it ran clamd as the "clamav" user, which is the better way of doing it for security reasons. Aparently that doesn't work since I got the same errors.


It does if you modify your clamd.conf settings.


ahh, that gets it to startup as clamav, but then I run into the same problem that erikv is having. I change it back so it's running as root and it runs fine. Which I find really odd since it's a tcp connection. Unless it can't access the clam db as the clamav user (although no error shows up in the log). I have it as one of my low priority to do's to see if it's a permission issue like that. For right now, being able to have it running, even if as root, to protect the few windows users we have is better than nothing IMO.
  •  
russb

Messages: 8
Karma: 0
Send a private message to this user
Kerio 6.3.0
Mac OS X 10.4.8 (NOT Mac OS Server)

I tried creating a startup script following the instructions from the knowledgebase article "How to create startup script for ClamAV on Mac OS X". It does not appear to be working.

On reboot I go into Activity Monitor and there is no clamd process running.

I can get it running using sudo /usr/local/sbin/clamd (then it shows up in Activity Monitor).

If I restart Kerio MailServer and then try to connect to ClamAV I get the message "Clam AntiVirus failed to start: Unable to initialize plugin, error:Cannot connect to Clam AV on 127.0.0.1:3310"

I am concerned that I have not correctly setup clamd.conf, so I have attached it.

Can anyone help me out here?

Thanks

  • Attachment: clamd.conf
    (Size: 7.97KB, Downloaded 821 times)
sonofcolin

Messages: 483
Karma: 0
Send a private message to this user
Where did you install ClamAV?? You may find it easier to install it in one directory like /usr/local/clamav

Try changing this:
# TCP port address.
# Default: disabled
# TCPSocket 3310

To this:
# TCP port address.
# Default: disabled
TCPSocket 3310


This may help. Try changing:
# Run as a selected user (clamd must be started by root).
# Default: disabled
#User clamav

To this:
# Run as a selected user (clamd must be started by root).
# Default: disabled
User clamav


There are a number of other things you should probably change here, but I think these 2 things will get you started.
Previous Topic: someting about Sender Policy Framework
Next Topic: Wildcard cert?
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Wed Nov 22 00:27:05 CET 2017

Total time taken to generate the page: 0.00496 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.