Installing ClamAV 0.93.3 From The Sources (+ Sendmail Integration) On CentOS 5.2

Want to support HowtoForge? Become a subscriber!
 
Submitted by arasel (Contact Author) (Forums) on Thu, 2008-07-31 14:04. :: Anti-Spam/Virus | CentOS | Email

Installing ClamAV 0.93.3 From The Sources (+ Sendmail Integration) On CentOS 5.2

Author: Ioan Ungureanu
server@ro-design.net

Note: This how-to refers to the installation and configuration of Clamav 0.93.3 (from sources) on a Linux server running CentOS 5.2 and sendmail.
We assume the fact you’ve installed sendmail and sendmail-devel from the rpm packages of your distribution

If not just run the command:

yum install sendmail sendmail-devel

The sendmail-devel package is not optional here because we need libmilter. If we don’t install sendmail-devel we have to deal with error message libmilter not foud, so we avoid from start such a stop error.

 

Installing ClamAV-0.93.3 from sources

We need first to create the user and group:

groupadd clamav
useradd -g clamav clamav

We will change the password for the user clamav; for security reasons, this is not really necessary but recommended, choose a complex password, you don't need to remember after install; as a security rule, assume in your /etc/passwd user clamav has /sbin/nologin as shell environment like below, where uid and gid are the user id and group id assigned for clamav user.

cat /etc/passwd |grep 'clamav'

clamav:x:uid:gid::/home/clamav:/sbin/nologin

passwd clamav

We create next working directories for daemon and storeplace for logs:

mkdir /var/clamav
chown clamav:root /var/clamav
mkdir /var/log/clamav/
chown clamav:root /var/log/clamav/
mkdir /usr/local/share/clamav
chown clamav:clamav /usr/local/share/clamav

Now download the ClamAV 0.93.3 sources from a mirror (we used heatnet as a mirror, if it is slow or not responding you can choose another mirror from):

wget http://dl.sourceforge.net/sourceforge/clamav/clamav-0.93.3.tar.gz

or use a mirror like http://sourceforge.net/project/downloading.php?group_id=86638&use_mirror=osdn&filename=clamav-0.93.3.tar.gz&88361377&abmode=1.

tar xzvf clamav-0.93.3.tar.gz

cd clamav-0.93.3
./configure –disable-clamuko –enable-milter –with-dbdir=/usr/local/share/clamav

Basically, on distributions Red Hat based, when trying to compile clamav we see an error from incompatibility with zlib. You have the choise to install both zlib and zlib-devel packages with

yum install zlib zlib-devel

If there are erros, like configure: error: The installed zlib version may contain a security bug. Please upgrade to 1.2.2 or later: http://www.zlib.net. You can omit this check with –disable-zlib-vcheck but DO NOT REPORT any stability issues then!
 we write the command:

yum update zlib zlib-devel

The chance to get error still exist so it is safe to run:

./configure –disable-clamuko –enable-milter –with-dbdir=/usr/local/share/clamav –disable-zlib-vcheck

After we run, for both cases:

make

make install

We need a file named clamav.conf. We edit it in /etc:

vi /etc/clamav.conf

Write the following lines:

#/etc/clamav.conf
LogTime
LogSyslog
LogFile /var/log/clam/clamd.log
PidFile /var/run/clam/clamd.pid
LocalSocket /var/run/clam/clamd.sock
FixStaleSocket
MaxThreads 50
ThreadTimeout 600
MaxDirectoryRecursion 15
FollowFileSymlinks
SelfCheck 600
User clamav
ScanMail
ScanArchive
ArchiveMaxFileSize 10M #file max size in Megabytes for archived scaned files.You can modify this to suit your purposes
ArchiveMaxRecursion 5
ArchiveMaxFiles 1000

Save and close the file.

Now tell your startup script to load the ClamAV daemon:

echo “/usr/local/sbin/clamd” >> /etc/rc.d/rc.local
echo “/usr/local/sbin/clamav-milter -l -o -q /var/milter/clmilter.sock” >> /etc/rc.d/rc.local

cp /etc/clamav.conf /usr/local/etc/
touch /var/log/clam-update.log
chown clamav:clamav /var/log/clam-update.log
touch /tmp/clamd.log
chown clamav:root /tmp/clamd.log
mkdir /var/milter
chown clamav:root /var/milter/
cd /usr/local/etc/

We modify some configuration files [you can download/use those used by me] in the directory /etc:

cd /etc

wget ftp://ftp.ro-design.net/pub/clamd.conf
wget ftp://ftp.ro-design.net/pub/freshclam.conf
mkdir /var/lib/clamav
chown clamav:root /var/lib/clamav/
/usr/local/bin/freshclam -l /var/log/clam-update.log
cp /usr/local/sbin/clamd /etc/init.d/
/etc/init.d/clamd restart

In the file /etc/mail/sendmail.mc add the lines:

INPUT_MAIL_FILTER(`clmilter’,`S=local:/var/milter/clmilter.sock, F=, T=S:4m;R:4m’)
dnl define(`confINPUT_MAIL_FILTERS’, `clmilter’)
m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

/etc/init.d/sendmail restart
crontab -e

Add the lines below:

# we will update the database used by Clamav antivirus daily, twice
0 2,13 * * * /usr/local/bin/freshclam –quiet -l /var/log/clam-update.log

Finally:

/etc/rc.d/rc.local

For any questions or troubles you can contact me at: server@ro-design.net


Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.