Introduction

This page describes how to integrate ClamAV (virus scanner) and Exim4 (mail server).

Required packages

You must have the following packages installed

Configuring Exim to use ClamAV

If you are using a split configuration file, create the file /etc/exim4/conf.d/main/50_local_clamav with the following content:

CHECK_DATA_LOCAL_ACL_FILE = /etc/exim4/conf.d/local-acl
av_scanner = clamd:/var/run/clamav/clamd.ctl

Otherwise, insert those two lines into your exim4.conf.

Next, create the file /etc/exim4/conf.d/local-acl with the following content:

  deny
   malware = *
   message = This message was detected as possible malware ($malware_name).

Restart exim4

Reconfigure exim4 so that it picks up your changes. Normally, this is with the command

# dpkg-reconfigure exim4-config

Accepting all the defaults should be OK.

Allow ClamAV to access the Exim mail spool

Add the clamav daemon user to the Debian-exim group, so that it can access the spool files.

# usermod -a -G Debian-exim clamav

Restart clamav-daemon

After changing the daemon's groups, you must restart the daemon so that it acquires the new groups

# /etc/init.d/clamav-daemon restart

Testing

Test your email server by mailing it a copy of EICAR test virus (eicar.com)

The mail server should reject the message immediately.

See Also


categoryInternet

EximClamAV (last edited 2013-02-26 04:41:43 by 242)