How would I go about scanning my email for viruses and other nasties?

While viruses on Linux are rare and would require special privileges to run, one could still be sending an email from Linux with an attachment that could be affected by a virus, which could then spell doom for Windows users. As well things like "spoofed" web site addresses can be sent to you via email and Clamav can detect these and warn you about them so you don't mistakenly click a link to go to a bogus web site. To make your communications safer, here is how you can scan your email for viruses and other malware.

Requirements

You need to have ClamAV running in automated mode. Installing the clamav-daemon package provides this. See the ClamAV documentation for more information about this.

You will also need to add the following lines to /etc/clamav/clamd.conf:

TCPSocket 3310
TCPAddr localhost 

You can edit such file by issuing the following command:

gksu gedit /etc/clamav/clamd.conf

Once you've made such changes, restart the ClamAV service:

sudo service clamav-daemon restart

Scanning email for viruses in Thunderbird

Scanning email for viruses in Thunderbird will require installing the Clamdrib extension. An updated version that seems to work with Thunderbird 3.x can be found on Andris Pavenis' website. Once the extension has been installed you can test if its communicating with the ClamAV installation by going to Tools > Add-ons > clamdrib > Preferences > Test Settings.

See below for instructions on how to test if you virus scanning works. Keep in mind ClamAV will check any emails you preview or open, it will *not* scan incoming emails as they come in or outgoing emails.

For more information see this Thunderbird Virus Scan thread.

Scanning email for viruses in Evolution

This thread gives you all the steps to have Clamav automatically scan all your incoming Evolution e-mails and pop up notifications as well as make syslog entries:

Testing your email virus-scanning setup

  • # Install clamav-testfiles # Email your account any of the following files:
    • /usr/share/clamav-testfiles/clam.cab
    • /usr/share/clamav-testfiles/clam.exe
    • /usr/share/clamav-testfiles/clam.exe.bz2
    • /usr/share/clamav-testfiles/clam-v2.rar
    • /usr/share/clamav-testfiles/clam-v3.rar
    • /usr/share/clamav-testfiles/clam.zip


CategorySecurity

ScanningEmail (last edited 2010-08-19 15:37:37 by fun-stuff)