Want to install ClamAV on your Red Hat Enterprise Linux, CentOS, or Fedora Core box? Their documentation is pretty darn easy to follow, but this fills in some of the missing pieces for RHEL.
clamd is the scanning daemon, clamav-milter is the milter, and freshclam is the process that updates the virus definitions.
All the commands, in Courier font, should be on one line if they happen to wrap.
- Install gmp, gmp-devel, sendmail, sendmail-cf, sendmail-devel, zlib, zlib-devel, bzip2, bzip2-devel.
- Get the sendmail source from sendmail.org. Extract it, go into the libmilter subdirectory. Run "make" and "make install". That will install libmilter into /usr, where sendmail can find it. No need to build the whole sendmail.
useradd -g clamav -s /bin/false -c "Clam AntiVirus" clamav
- Get the ClamAV source, extract it, build it, install it (three lines, two are make):
./configure --prefix=/usr/local/clamav --disable-zlib-vcheck --enable-milter
- Configure /usr/local/clamav/etc/clamd.conf. I changed the following:
I chose to have it log via syslog to the mail facility. Why? Because I’m lazy and that log gets rotated already. One less thing to have to change & worry about. If you are high-traffic you might want to have logrotate rotate /var/log/maillog daily.
- Configure /usr/local/clamav/etc/freshclam.conf. I changed the following:
chown clamav.clamav /var/run/clamav/
chmod 700 /var/run/clamav
- Start the base services to make sure they work. You may want to "tail -f /var/log/maillog" while you’re doing this:
- Configure the milter. Add the following to /etc/mail/sendmail.mc right before the MAILER(smtp)dnl line. It’s two lines, the second beginning with “define”:
INPUT_MAIL_FILTER(`clamav’, `S=local:/var/run/clamav/clmilter.sock, F=, T=S:4m;R:4m;C:30s;E:10m’)dnl
- Make the new sendmail.cf by issuing a "make -C /etc/mail" command.
- Start the milter process to test it:
/usr/local/clamav/sbin/clamav-milter -lo /var/run/clamav/clmilter.sock
- Restart sendmail to make it pick up the configuration changes (service sendmail restart).
- Send a test email. If everything works make sure you set the services to start at boot, either with the init script that is in the ClamAV contrib directory or just by adding lines to /etc/rc.local.