PDA

Archiv verlassen und diese Seite im Standarddesign anzeigen : Debian, postfix, amavis-postfix und clamAV - Wie ClamAV einbinden?



jpfote
02.05.05, 19:39
Moin Moin,

ich habe die latzten Tage damit zugebracht, einen Virenscanner zu installieren. Postfix und das Paket "amavis-postfx" unter Debian-Sarge laufen soweit. Nur eine Frage habe ich noch:

Wie binde ich ClamAV in die amavisd.conf ein. Dort ist für alle möglichen Virenscanner eine Vorlage, nur nicht für ClamAV. Kann mir da evtl. mal jemand, der das schon gemacht hat, mal ein Beispiel nennen? Vielen Dank. Hier meine amavisd.conf



#
# Configuration file for amavisd with postfix
#
# Location: /etc
#
# Author: Lars Hecking <lhecking@users.sourceforge.net>
#
# This file is part of the AMaViS package. For more information see:
#
# http://amavis.org/
#
# Copyright (C) 2001 the people mentioned above
#
#
# This software is licensed under the GNU General Public License (GPL)
# See: http://www.gnu.org/copyleft/gpl.html
#

#
# Part I - Av scanners init section
#
#
# amavisd (snapshot-20020222) was configured for use with:
# ALL
# NOTE: don't forget to re-run ./configure if you want to use
# another virus scanner!

# NAI AntiVirus (uvscan)
$uvscan = "";

# H+BEDV AntiVir
$antivir = "";

# Sophos Anti Virus (sweep)
$sophos = "";
$sophos_ide_path = "";

# KasperskyLab AntiViral Toolkit Pro (AVP)
$avp = "";
$AVPDIR = dirname($avp);

# KasperskyLab AVPDaemon / AvpDaemonClient
#
# use AvpDaemon and AvpDaemonClient
# Note: AvpDaemon must be started before amavisd!
# AvpDaemon should be started at boot time as AvpDaemon -* /var/amavis
$avpdc = "";

# F-Secure Antivirus
$fsav = "";

# Trend Micro FileScanner
$vscan = "";

# CyberSoft VFind
$vfind = "";

# CAI InoculateIT
$inocucmd = "";


# GeCAD RAV Antivirus 8
$rav = "";

# ESET Software NOD32
$nod32 = "";

# ESET Software NOD32 (Client/Server Version)
$nod32cli = "";

# Command AntiVirus for Linux
$csav = "";

# VirusBuster (Daemon + Client)
$vbengcl = "";

# Symantec CarrierScan via Symantec Command Line Scannner
$cscmdline = "";
$scs_host = ""; # host/IP CarrierScan runs on
$scs_port = ""; # port CarrierScan listens on

# Sophie (Sophos SAVI)
$sophie_sockname = "";

# Trophie (Trend API)
$trophie_sockname = "";

# FRISK F-Prot
$fprot = "";

# Panda Antivirus for Linux
$panda = "";

# OpenAntiVirus ScannerDaemon
$oav = "";

# DrWeb Antivirus for Linux/FreeBSD/Solaris
$drweb = "";

# MkS_Vir for Linux (beta)
$mks = "";

#
# Part II - Logging
#

# yes - syslog, no - file logging
$DO_SYSLOG = "yes";

# Directory to put log entries (if not using syslog)
$LOGDIR = "${prefix}/../var/lib/amavis";
$LOGFILE = "amavis.log";

# 0: default - startup/exit/failure messages
# 1: args passed from client
# 2: virus scanner output
# 3: server client
# 4: decompose parts
$log_level = 0;

#
# Part III - Virus stuff
#

# Notify admin/sender/recipient?
$warnadmin = "yes";
$warnsender = "yes";
$warnrecip = "no";

# Notify off-site recipients?
$warn_offsite = "no";

# List of local domains
# e.g. @local_domains = qw( dom.ain other.dom.ain );
@local_domains = qw();

# Location to put infected mail - empty for not quarantining
$QUARANTINEDIR = "/var/lib/amavis/virusmails";

# Add X-Virus-Scanned line to mail?
$X_HEADER_TAG = "X-Virus-Scanned";
# Leave empty to add no header
$X_HEADER_LINE = "by AMaViS snapshot-20020222";

################################################## ##

#
# Part IV - External programs
# (perl modules do not exist for these yet)
#

$arc = "/usr/share/amavis/arc";
$bunzip = "/usr/bin/bunzip2";
$file = "/usr/bin/file";
$lha = "/usr/share/amavis/lha";
$unarj = "/usr/share/amavis/unarj";
$uncompress = "/bin/uncompress";
$unrar = "/usr/share/amavis/unrar";
$zoo = "/usr/share/amavis/zoo";

#
# Part V - MTA specific stuff
#

# Qmail-specific
$QMAILDIR = "/bin";

# postfix-specific
$smtp_port = "10025";
$localhost_name = "localhost";
$localhost_ip = "127.0.0.1";

# sendmail-specific
# Do we use amavis on a mail relay/gateway type setup?
$enable_relay = "no";

#
$sendmail_cf_orig = "";
# What sendmail wrapper to use
$sendmail_wrapper = "/usr/lib/sendmail";
$sendmail_wrapper_args = "-i -t";

#
# Part VI - Misc
#

# The next three are resource limitations - exit with EX_TEMPFAIL if exceeded
# Maximum recursion level for extraction/decoding
$MAXLEVELS = 20;

# Maximum nesting level for compressing archive formats
$MAX_ARCHIVE_NESTING = 3;

# Maximum number of extracted files
$MAXFILES = 500;

# Who reports are sent from
$mailfrom = 'postmaster';

# Where to send virus reports
$mailto = 'virusalert';

# Display AMaViS credits to users
$credits = "no";

bluesky666
02.05.05, 20:07
also bei mir sieht der Teil mit den Virenscannern so aus:

ich habe antivir und bitdefender sowie clamav und f-prot



@av_scanners = (

### http://www.hbedv.com/ or http://www.centralcommand.com/
['H+BEDV AntiVir or CentralCommand Vexira Antivirus',
['antivir','vexira'],
'--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/,
qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) |
(?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/ ],
# NOTE: if you only have a demo version, remove -z and add 214, as in:
# '--allfiles -noboot -nombr -rs -s {}', [0,214], qr/ALERT:|VIRUS:/,

### http://www.bitdefender.com/
['BitDefender', 'bdc',
'--all --arc --mail {}', qr/^Infected files *:0+(?!\d)/,
qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/,
qr/(?:suspected|infected): (.*)(?:\033|$)/ ],

);


@av_scanners_backup = (

### http://www.clamav.net/ - backs up clamd or Mail::ClamAV
['ClamAV-clamscan', 'clamscan',
"--stdout --disable-summary -r --tempdir=$TEMPBASE {}", [0], [1],
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

### http://www.f-prot.com/ - backs up F-Prot Daemon
['FRISK F-Prot Antivirus', ['f-prot','f-prot.sh'],
'-dumb -archive -packed {}', [0,8], [3,6],
qr/Infection: (.+)/ ],


);

jpfote
02.05.05, 20:13
Danke für Deine Antwort. Ja, diese Argumente habe ich schon bei Google gefunden, allerdings nur mit dem Paket: amavis-new. Ich habe jedoch nur das Paket "amavis-postfix" installiert und da sieht die Konfigurationsdatei etwas anders aus (hatte vorher auch amavis-new drauf).

Welche Pakete hast Du denn installiert?

bluesky666
03.05.05, 17:44
ich habe amavis-new installiert