Hi All, I know this topic has been done to death on these forums, but I simply cannot get clamd working. I've read every thread I can find and made every change I can see, but am still having no luck. The problem is this: If a user's .antivirusrc file contains: Code: | /home/admispconfig/ispconfig/tools/clamav/bin/clamassassin Then incoming emails are scanned as the following header shows: Code: X-Virus-Status: No X-Virus-Checker-Version: clamassassin 1.2.4 with clamdscan / ClamAV 0.94/8507/Mon Oct 27 03:48:11 2008 However, we do not want to use clamassassin because of the load it causes and are trying to use clamd instead. If a user's .antivirusrc file contains: Code: | /usr/bin/clamdscan Then incoming emails are not scanned. Clamd is running: Code: # ps ax | grep clamd 17727 ? Ssl 0:00 clamd It is set to start automatically: Code: # chkconfig --list | grep clam clamd 0:off 1:off 2:on 3:on 4:on 5:on 6:off The /home/admispconfig/ispconfig/tools/clamav/bin/clamassassin contains: Code: CLAMSCAN=/usr/bin/clamdscan The /home/admispconfig/ispconfig/tools/clamav/etc/clamd.conf contains: Code: ScanMail 1 The /home/admispconfig/ispconfig/tools/clamav/etc/freshclam.conf contains: Code: NotifyClamd /home/admispconfig/ispconfig/tools/clamav/etc/clamd.conf And I have clamd and clamdscan installed: which clamd Code: /usr/sbin/clamd which clamdscan Code: /usr/bin/clamdscan Pretty much pulling my hair out at this point. What am I missing? Thanks, Jon
You changed the wrong file. 1) Undo the changes in the .antivirusrc file. The path must be /home/admispconfig/ispconfig/tools/clamav/bin/clamassassin 2) Edit /home/admispconfig/ispconfig/tools/clamav/bin/clamassassin to CLAMSCAN=/usr/bin/clamdscan. Do not edit anything else in this file. 3) Start the clamd daemon of your linux distribution and make sure that it is running.
Hi Till, This is one of the many configurations we've tried and it doesn't work. I've double checked that the two files you mention as correct and also verified that the clamd daemon is working, but incoming messages are not scanned. Any other ideas? Thanks, Jon
Hi, Actually, it is working now. Excellent. So, now my only question is how do I change 500+ user's .antivirusrc files from this: Code: #| /home/admispconfig/ispconfig/tools/clamav/bin/clamassassin | /usr/bin/clamdscan to this: Code: | /home/admispconfig/ispconfig/tools/clamav/bin/clamassassin ? Thank, Jon
If you don't want to update your users one by one in ISPConfig, you could write a script that modifes all .antivirusrc files.
Hi, Well, since I didn't make all 500+ user's .antivirusrc files this way, ISPConfig did somehow and I was hoping that there was a way to make ISPConfig change them all back. Jon
You can update the user config by running this sql command in the ispconfig db: update isp_isp_user set status = 'u' where status = ''; and then change one of the users in ispconfig and click on save.
Actually, this did not work. To test it, I changed the status of one user to 'u' in the ispconfig database. I then made a change to another user within the ISPConfig GUI. The user whose status was set to 'u' had their .antivirusrc file touched, but the contents remained unchanged. Before doing anything: Code: [root@server]# ls -al .antivirus.rc -rw-r--r-- 1 root root 125 Oct 28 13:05 .antivirus.rc [root@server]# cat .antivirus.rc :0fw #| /home/admispconfig/ispconfig/tools/clamav/bin/clamassassin | /usr/bin/clamdscan :0: * ^X-Virus-Status: Yes /dev/null After setting this user's status to 'u', making a change to another user within the GUI and saving it: Code: [root@server]# ls -al .antivirus.rc -rw-r--r-- 1 root root 125 Oct 29 08:30 .antivirus.rc [root@server]# cat .antivirus.rc :0fw #| /home/admispconfig/ispconfig/tools/clamav/bin/clamassassin | /usr/bin/clamdscan :0: * ^X-Virus-Status: Yes /dev/null Am I misunderstanding? Thanks, Jon
Here is some more information. Based on this test, it seems to me that whatever file ISPConfig gets its command to scan messages from has been altered and ISPConfig is therefore writing the wrong thing to user's .antivirusrc files: Using a specific user: If I manually change the user's .antivirusrc file to this: Code: [root@server user_jonw]# cat .antivirus.rc :0fw | /home/admispconfig/ispconfig/tools/clamav/bin/clamassassin :0: * ^X-Virus-Status: Yes /dev/null Scanning occurs and everything is fine. The, when I use the ISPConfig GUI to turn the antivirus off for this user, the .antivirusrc file is rewritten to look like this: Code: [root@server user_jonw]# cat .antivirus.rc :0fw #| /home/admispconfig/ispconfig/tools/clamav/bin/clamassassin | /usr/bin/clamdscan :0: * ^X-Virus-Status: Yes /dev/null And scanning does not occur as expected. However, when I use the GUI to turn the Antivirus back on, the file modification date changes, but the contents do not. The contents remain: Code: [root@server user_jonw]# cat .antivirus.rc :0fw #| /home/admispconfig/ispconfig/tools/clamav/bin/clamassassin | /usr/bin/clamdscan :0: * ^X-Virus-Status: Yes /dev/null So scanning does not resume. Can someone point me to the file where ISPConfig is getting the: Code: #| /home/admispconfig/ispconfig/tools/clamav/bin/clamassassin | /usr/bin/clamdscan lines from? I presume if I fix that file, then that will fix the problem. Thanks, Jon
Ok, looks like you altered the master file for the antivirus. Please undo your changes and restore the original file delivered with ISPConfig. The master files are in /root/ispconfig/isp/conf and the directory /root/ispconfig/isp/conf/customized_templates
Aha! I forgot about a customized template that was in place from some time ago. That is the file where the error was. Seems to be working correctly for my account now, thanks. We'll let some users try it now. Jon
