Home > Linux > document > 正文

linux postfix 安装Spamassassin和clamav

linux postfix 安装Spamassassin和clamav
1.Spamassassin可以直接安装启动,不需要特殊配置
2.clamav需要参照改动文件/etc/clamd.d/clamd.conf
下面是安装的详细日志,(包括更改文件参数),
系统版本 fedora 22
SSH Secure Shell 3.2.9 (Build 283)
Copyright (c) 2000-2003 SSH Communications Security Corp - http://www.ssh.com/
This copy of SSH Secure Shell is a non-commercial version.
This version does not include PKI and PKCS #11 functionality.
Last login: Mon May  2 12:00:59 2016 from 218.83.100.141
[root@mail ~]# dnf install spam
spamassassin-FuzzyOcr.noarch   spamassassin-iXhash2.noarch    spamass-milter-postfix.noarch  spamprobe.i686
spamassassin.i686              spamass-milter.i686            spampd.noarch
[root@mail ~]# dnf install spam
spamassassin-FuzzyOcr.noarch   spamassassin-iXhash2.noarch    spamass-milter-postfix.noarch  spamprobe.i686
spamassassin.i686              spamass-milter.i686            spampd.noarch
[root@mail ~]# dnf install spamass
spamassassin-FuzzyOcr.noarch   spamassassin.i686              spamassassin-iXhash2.noarch    spamass-milter.i686            spamass-milter-postfix.noarch
[root@mail ~]# dnf install spamassassin.i686
Fedora 22 - i386 - Updates                                                                                                                4.0 MB/s |  20 MB     00:05
Last metadata expiration check performed 0:00:17 ago on Tue May  3 21:16:54 2016.
Package spamassassin-3.4.1-2.fc22.i686 is already installed, skipping.
Dependencies resolved.
Nothing to do.
Complete!
[root@mail ~]# service spamassassin status
Redirecting to /bin/systemctl status  spamassassin.service
?spamassassin.service - Spamassassin daemon
Loaded: loaded (/usr/lib/systemd/system/spamassassin.service; disabled; vendor preset: disabled)
Active: inactive (dead)
[root@mail ~]# service spamassassin start
Redirecting to /bin/systemctl start  spamassassin.service
[root@mail ~]# service spamassassin status
Redirecting to /bin/systemctl status  spamassassin.service
?spamassassin.service - Spamassassin daemon
Loaded: loaded (/usr/lib/systemd/system/spamassassin.service; disabled; vendor preset: disabled)
Active: active (running) since Tue 2016-05-03 21:18:00 CST; 1s ago
Main PID: 22103 (spamd)
CGroup: /system.slice/spamassassin.service
忖22103 /usr/bin/perl -T -w /usr/bin/spamd -c -m5 -H
May 03 21:18:00 mail systemd[1]: Started Spamassassin daemon.
May 03 21:18:00 mail systemd[1]: Starting Spamassassin daemon...
[root@mail ~]# systemctl enable spamassassin.service
Created symlink from /etc/systemd/system/multi-user.target.wants/spamassassin.service to /usr/lib/systemd/system/spamassassin.service.
[root@mail ~]# dnf install clamav
Last metadata expiration check performed 0:02:20 ago on Tue May  3 21:16:54 2016.
Package clamav-0.99-2.fc22.i686 is already installed, skipping.
Dependencies resolved.
Nothing to do.
Complete!
[root@mail ~]# freshclam
ERROR: Please edit the example config file /etc/freshclam.conf
ERROR: Can't open/parse the config file /etc/freshclam.conf
[root@mail ~]# dnf install zlib
Last metadata expiration check performed 0:03:57 ago on Tue May  3 21:16:54 2016.
Package zlib-1.2.8-7.fc22.i686 is already installed, skipping.
Dependencies resolved.
Nothing to do.
Complete!
[root@mail ~]# mkdir /usr/local/clamav/logs
mkdir: cannot create directory ?usr/local/clamav/logs? No such file or directory
[root@mail ~]# mkdir /usr/local/clamav/
[root@mail ~]# mkdir /usr/local/clamav/logs
[root@mail ~]# mkdir /usr/local/clamav/updata
[root@mail ~]# vi /usr/local/clamav/etc/clamd.conf
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
[root@mail ~]#
[root@mail ~]#
[root@mail ~]#
[root@mail ~]# whereis clamd.conf
clamd: /usr/sbin/clamd /etc/clamd.d /usr/share/man/man8/clamd.8.gz
[root@mail ~]# dnf remove clamav
Dependencies resolved.
==========================================================================================================================================================================
Package                                Arch                                 Version                                        Repository                               Size
==========================================================================================================================================================================
Removing:
clamav                                 i686                                 0.99-2.fc22                                    @System                                 2.1 M
Transaction Summary
==========================================================================================================================================================================
Remove  1 Package
Installed size: 2.1 M
Is this ok [y/N]: y
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Erasing     : clamav-0.99-2.fc22.i686                                                                                                                               1/1
Verifying   : clamav-0.99-2.fc22.i686                                                                                                                               1/1
Removed:
clamav.i686 0.99-2.fc22
Complete!
[root@mail ~]# dnf install clamd
Last metadata expiration check performed 0:08:00 ago on Tue May  3 21:16:54 2016.
No package clamd available.
Error: no package matched: clamd
[root@mail ~]# dnf install clamav
Last metadata expiration check performed 0:08:45 ago on Tue May  3 21:16:54 2016.
Dependencies resolved.
==========================================================================================================================================================================
Package                                           Arch                              Version                                     Repository                          Size
==========================================================================================================================================================================
Installing:
clamav                                            i686                              0.99.1-1.fc22                               updates                            832 k
Upgrading:
clamav-data                                       noarch                            0.99.1-1.fc22                               updates                             64 M
clamav-devel                                      i686                              0.99.1-1.fc22                               updates                             42 k
clamav-filesystem                                 noarch                            0.99.1-1.fc22                               updates                             24 k
clamav-lib                                        i686                              0.99.1-1.fc22                               updates                            4.0 M
clamav-scanner                                    noarch                            0.99.1-1.fc22                               updates                             31 k
clamav-scanner-systemd                            noarch                            0.99.1-1.fc22                               updates                             24 k
clamav-server                                     i686                              0.99.1-1.fc22                               updates                            107 k
clamav-server-systemd                             noarch                            0.99.1-1.fc22                               updates                             24 k
clamav-update                                     i686                              0.99.1-1.fc22                               updates                             96 k
Transaction Summary
==========================================================================================================================================================================
Install  1 Package
Upgrade  9 Packages
Total download size: 69 M
Is this ok [y/N]: y
Downloading Packages:
[MIRROR] clamav-0.99.1-1.fc22.i686.rpm: Curl error (28): Timeout was reached for ftp://mirrors.ustc.edu.cn/fedora/linux/updates/22/i386/c/clamav-0.99.1-1.fc22.i686.rpm []
(1/10): clamav-filesystem-0.99.1-1.fc22.noarch.rpm                                                                                         53 kB/s |  24 kB     00:00
(2/10): clamav-0.99.1-1.fc22.i686.rpm                                                                                                     1.5 MB/s | 832 kB     00:00
(3/10): clamav-update-0.99.1-1.fc22.i686.rpm                                                                                              408 kB/s |  96 kB     00:00
(4/10): clamav-devel-0.99.1-1.fc22.i686.rpm                                                                                               677 kB/s |  42 kB     00:00
(5/10): clamav-lib-0.99-2.fc22_0.99.1-1.fc22.i686.drpm                                                                                    875 kB/s | 746 kB     00:00
(6/10): clamav-server-systemd-0.99.1-1.fc22.noarch.rpm                                                                                    122 kB/s |  24 kB     00:00
(7/10): clamav-server-0.99.1-1.fc22.i686.rpm                                                                                              196 kB/s | 107 kB     00:00
(8/10): clamav-scanner-0.99.1-1.fc22.noarch.rpm                                                                                           317 kB/s |  31 kB     00:00
(9/10): clamav-scanner-systemd-0.99.1-1.fc22.noarch.rpm                                                                                   134 kB/s |  24 kB     00:00
(10/10): clamav-data-0.99.1-1.fc22.noarch.rpm                                                                                             2.8 MB/s |  64 MB     00:22
[DRPM] clamav-lib-0.99-2.fc22_0.99.1-1.fc22.i686.drpm: done
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                     2.6 MB/s |  66 MB     00:25
Delta RPMs reduced 69.0 MB of updates to 65.7 MB (4.1% saved)
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Upgrading   : clamav-filesystem-0.99.1-1.fc22.noarch                                                                                                               1/19
Upgrading   : clamav-data-0.99.1-1.fc22.noarch                                                                                                                     2/19
Upgrading   : clamav-lib-0.99.1-1.fc22.i686                                                                                                                        3/19
Upgrading   : clamav-devel-0.99.1-1.fc22.i686                                                                                                                      4/19
Upgrading   : clamav-server-0.99.1-1.fc22.i686                                                                                                                     5/19
Upgrading   : clamav-server-systemd-0.99.1-1.fc22.noarch                                                                                                           6/19
Upgrading   : clamav-scanner-systemd-0.99.1-1.fc22.noarch                                                                                                          7/19
Upgrading   : clamav-scanner-0.99.1-1.fc22.noarch                                                                                                                  8/19
Installing  : clamav-0.99.1-1.fc22.i686                                                                                                                            9/19
Upgrading   : clamav-update-0.99.1-1.fc22.i686                                                                                                                    10/19
Cleanup     : clamav-scanner-systemd-0.99-2.fc22.noarch                                                                                                           11/19
Cleanup     : clamav-scanner-0.99-2.fc22.noarch                                                                                                                   12/19
Cleanup     : clamav-devel-0.99-2.fc22.i686                                                                                                                       13/19
Cleanup     : clamav-update-0.99-2.fc22.i686                                                                                                                      14/19
Cleanup     : clamav-server-systemd-0.99-2.fc22.noarch                                                                                                            15/19
Cleanup     : clamav-server-0.99-2.fc22.i686                                                                                                                      16/19
Cleanup     : clamav-lib-0.99-2.fc22.i686                                                                                                                         17/19
Cleanup     : clamav-data-0.99-2.fc22.noarch                                                                                                                      18/19
Cleanup     : clamav-filesystem-0.99-2.fc22.noarch                                                                                                                19/19
Verifying   : clamav-0.99.1-1.fc22.i686                                                                                                                            1/19
Verifying   : clamav-lib-0.99.1-1.fc22.i686                                                                                                                        2/19
Verifying   : clamav-filesystem-0.99.1-1.fc22.noarch                                                                                                               3/19
Verifying   : clamav-update-0.99.1-1.fc22.i686                                                                                                                     4/19
Verifying   : clamav-server-0.99.1-1.fc22.i686                                                                                                                     5/19
Verifying   : clamav-devel-0.99.1-1.fc22.i686                                                                                                                      6/19
Verifying   : clamav-data-0.99.1-1.fc22.noarch                                                                                                                     7/19
Verifying   : clamav-server-systemd-0.99.1-1.fc22.noarch                                                                                                           8/19
Verifying   : clamav-scanner-0.99.1-1.fc22.noarch                                                                                                                  9/19
Verifying   : clamav-scanner-systemd-0.99.1-1.fc22.noarch                                                                                                         10/19
Verifying   : clamav-data-0.99-2.fc22.noarch                                                                                                                      11/19
Verifying   : clamav-devel-0.99-2.fc22.i686                                                                                                                       12/19
Verifying   : clamav-filesystem-0.99-2.fc22.noarch                                                                                                                13/19
Verifying   : clamav-lib-0.99-2.fc22.i686                                                                                                                         14/19
Verifying   : clamav-scanner-0.99-2.fc22.noarch                                                                                                                   15/19
Verifying   : clamav-scanner-systemd-0.99-2.fc22.noarch                                                                                                           16/19
Verifying   : clamav-server-0.99-2.fc22.i686                                                                                                                      17/19
Verifying   : clamav-server-systemd-0.99-2.fc22.noarch                                                                                                            18/19
Verifying   : clamav-update-0.99-2.fc22.i686                                                                                                                      19/19
Installed:
clamav.i686 0.99.1-1.fc22
Upgraded:
clamav-data.noarch 0.99.1-1.fc22     clamav-devel.i686 0.99.1-1.fc22              clamav-filesystem.noarch 0.99.1-1.fc22  clamav-lib.i686 0.99.1-1.fc22
clamav-scanner.noarch 0.99.1-1.fc22  clamav-scanner-systemd.noarch 0.99.1-1.fc22  clamav-server.i686 0.99.1-1.fc22        clamav-server-systemd.noarch 0.99.1-1.fc22
clamav-update.i686 0.99.1-1.fc22
Complete!
[root@mail ~]# vi /etc/clamd.conf
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
[root@mail ~]#
[root@mail ~]#
[root@mail ~]# vi /etc/clamd.d/
amavisd.conf  clamd.conf    scan.conf
[root@mail ~]# vi /etc/clamd.d/
amavisd.conf  clamd.conf    scan.conf
[root@mail ~]# vi /etc/clamd.d/clamd.conf
##
## Example config file for the Clam AV daemon
## Please read the clamd.conf(5) manual before editing this file.
##
# Comment or remove the line below.
Example
# Uncomment this option to enable logging.
# LogFile must be writable for the user running daemon.
# A full path is required.
# Default: disabled
#LogFile /var/log/clamd.<SERVICE>
# By default the log file is locked for writing - the lock protects against
# running clamd multiple times (if want to run another clamd, please
# copy the configuration file, change the LogFile variable, and run
# the daemon with --config-file option).
# This option disables log file locking.
# Default: no
#LogFileUnlock yes
# Maximum size of the log file.
# Value of 0 disables the limit.
# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size
# in bytes just don't use modifiers. If LogFileMaxSize is enabled, log
# rotation (the LogRotate option) will always be enabled.
# Default: 1M
#LogFileMaxSize 2M
# Log time with each message.
# Default: no
#LogTime yes
/archive
#PhishingAlwaysBlockSSLMismatch no
# Always block cloaked URLs, even if URL isn't in database.
# This can lead to false positives.
#
# Default: no
#PhishingAlwaysBlockCloak no
# Detect partition intersections in raw disk images using heuristics.
# Default: no
#PartitionIntersection no
# Allow heuristic match to take precedence.
# When enabled, if a heuristic scan (such as phishingScan) detects
# a possible virus/phish it will stop scan immediately. Recommended, saves CPU
# scan-time.
# When disabled, virus/phish detected by heuristic scans will be reported only at
# the end of a scan. If an archive contains both a heuristically detected
# virus/phish, and a real malware, the real malware will be reported
#
# Keep this disabled if you intend to handle "*.Heuristics.*" viruses
# differently from "real" malware.
# If a non-heuristically-detected virus (signature-based) is found first,
# the scan is interrupted immediately, regardless of this config option.
#
# Default: no
#HeuristicScanPrecedence yes
##
## Data Loss Prevention (DLP)
##
# Enable the DLP module
# Default: No
/archive
##
## HTML
##
# Perform HTML normalisation and decryption of MS Script Encoder code.
# Default: yes
# If you turn off this option, the original files will still be scanned, but
# without additional processing.
#ScanHTML yes
##
## Archives
##
# ClamAV can scan within archives and compressed files.
# If you turn off this option, the original files will still be scanned, but
# without unpacking and additional processing.
# Default: yes
#ScanArchive yes
# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
# Default: no
#ArchiveBlockEncrypted no
##
## Limits
##
# The options below protect your system against Denial of Service attacks
# using archive bombs.
# This option sets the maximum amount of data to be scanned for each input file.
# Archives and other containers are recursively extracted and scanned up to this
# value.
# Value of 0 disables the limit
# Note: disabling this limit or setting it too high may result in severe damage
# to the system.
# Default: 100M
#MaxScanSize 150M
# Files larger than this limit won't be scanned. Affects the input file itself
# as well as files contained inside it (when the input file is an archive, a
# document or some other kind of container).
# Value of 0 disables the limit.
# Note: disabling this limit or setting it too high may result in severe damage
# to the system.
# Default: 25M
#MaxFileSize 30M
# Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR
# file, all files within it will also be scanned. This options specifies how
# deeply the process should be continued.
# Note: setting this limit too high may result in severe damage to the system.
# Default: 16
#MaxRecursion 10
# Number of files to be scanned within an archive, a document, or any other
search hit BOTTOM, continuing at TOP
#PhishingAlwaysBlockSSLMismatch no
# Always block cloaked URLs, even if URL isn't in database.
# This can lead to false positives.
#
# Default: no
#PhishingAlwaysBlockCloak no
# Detect partition intersections in raw disk images using heuristics.
# Default: no
#PartitionIntersection no
# Allow heuristic match to take precedence.
# When enabled, if a heuristic scan (such as phishingScan) detects
# a possible virus/phish it will stop scan immediately. Recommended, saves CPU
# scan-time.
# When disabled, virus/phish detected by heuristic scans will be reported only at
# the end of a scan. If an archive contains both a heuristically detected
# virus/phish, and a real malware, the real malware will be reported
#
# Keep this disabled if you intend to handle "*.Heuristics.*" viruses
# differently from "real" malware.
# If a non-heuristically-detected virus (signature-based) is found first,
# the scan is interrupted immediately, regardless of this config option.
#
# Default: no
#HeuristicScanPrecedence yes
##
## Data Loss Prevention (DLP)
##
# Enable the DLP module
# Default: No
/archive
##
## HTML
##
# Perform HTML normalisation and decryption of MS Script Encoder code.
# Default: yes
# If you turn off this option, the original files will still be scanned, but
# without additional processing.
#ScanHTML yes
##
## Archives
##
# ClamAV can scan within archives and compressed files.
# If you turn off this option, the original files will still be scanned, but
# without unpacking and additional processing.
# Default: yes
#ScanArchive yes
# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
# Default: no
#ArchiveBlockEncrypted no
##
## Limits
##
# The options below protect your system against Denial of Service attacks
# using archive bombs.
# This option sets the maximum amount of data to be scanned for each input file.
# Archives and other containers are recursively extracted and scanned up to this
# value.
# Value of 0 disables the limit
# Note: disabling this limit or setting it too high may result in severe damage
# to the system.
# Default: 100M
#MaxScanSize 150M
# Files larger than this limit won't be scanned. Affects the input file itself
# as well as files contained inside it (when the input file is an archive, a
# document or some other kind of container).
# Value of 0 disables the limit.
# Note: disabling this limit or setting it too high may result in severe damage
# to the system.
# Default: 25M
#MaxFileSize 30M
# Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR
/user
#MaxZipTypeRcg 1M
# This option sets the maximum number of partitions of a raw disk image to be scanned.
# Raw disk images with more partitions than this value will have up to the value number
# partitions scanned. Negative values are not allowed.
# Note: setting this limit too high may result in severe damage or impact performance.
# Default: 50
#MaxPartitions 128
# This option sets the maximum number of icons within a PE to be scanned.
# PE files with more icons than this value will have up to the value number icons scanned.
# Negative values are not allowed.
# WARNING: setting this limit too high may result in severe damage or impact performance.
# Default: 100
#MaxIconsPE 200
# This option sets the maximum calls to the PCRE match function during an instance of regex matching.
# Instances using more than this limit will be terminated and alert the user but the scan will continue.
# For more information on match_limit, see the PCRE documentation.
# Negative values are not allowed.
# WARNING: setting this limit too high may severely impact performance.
# Default: 10000
#PCREMatchLimit 20000
# This option sets the maximum recursive calls to the PCRE match function during an instance of regex matching.
# Instances using more than this limit will be terminated and alert the user but the scan will continue.
# For more information on match_limit_recursion, see the PCRE documentation.
# Negative values are not allowed and values > PCREMatchLimit are superfluous.
# WARNING: setting this limit too high may severely impact performance.
# Default: 5000
#PCRERecMatchLimit 10000
# This option sets the maximum filesize for which PCRE subsigs will be executed.
# Files exceeding this limit will not have PCRE subsigs executed unless a subsig is encompassed to a smaller buffer.
# Negative values are not allowed.
/user
##
## On-access Scan Settings
##
# Enable on-access scanning. Currently, this is supported via fanotify.
# Clamuko/Dazuko support has been deprecated.
# Default: no
#ScanOnAccess yes
# Set the  mount point to be scanned. The mount point specified, or the mount point
# containing the specified directory will be watched. If any directories are specified,
# this option will preempt the DDD system. This will notify only. It can be used multiple times.
# (On-access scan only)
# Default: disabled
#OnAccessMountPath /
#OnAccessMountPath /home/user
# Don't scan files larger than OnAccessMaxFileSize
# Value of 0 disables the limit.
# Default: 5M
#OnAccessMaxFileSize 10M
# Set the include paths (all files inside them will be scanned). You can have
# multiple OnAccessIncludePath directives but each directory must be added
# in a separate line. (On-access scan only)
# Default: disabled
#OnAccessIncludePath /home
#OnAccessIncludePath /students
# Set the exclude paths. All subdirectories are also excluded.
# (On-access scan only)
# Default: disabled
#OnAccessExcludePath /home/bofh
search hit BOTTOM, continuing at TOP
##
## Example config file for the Clam AV daemon
## Please read the clamd.conf(5) manual before editing this file.
##
# Comment or remove the line below.
Example
# Uncomment this option to enable logging.
# LogFile must be writable for the user running daemon.
# A full path is required.
# Default: disabled
#LogFile /var/log/clamd.<SERVICE>
# By default the log file is locked for writing - the lock protects against
# running clamd multiple times (if want to run another clamd, please
# copy the configuration file, change the LogFile variable, and run
# the daemon with --config-file option).
# This option disables log file locking.
# Default: no
#LogFileUnlock yes
# Maximum size of the log file.
# Value of 0 disables the limit.
# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size
# in bytes just don't use modifiers. If LogFileMaxSize is enabled, log
# rotation (the LogRotate option) will always be enabled.
# Default: 1M
#LogFileMaxSize 2M
# Log time with each message.
# Default: no
#LogTime yes
/user
# Optional path to the global temporary directory.
# Default: system specific (usually /tmp or /var/tmp).
#TemporaryDirectory /var/tmp
# Path to the database directory.
# Default: hardcoded (depends on installation options)
#DatabaseDirectory /var/lib/clamav
# Only load the official signatures published by the ClamAV project.
# Default: no
#OfficialDatabaseOnly no
# The daemon can work in local mode, network mode or both.
# Due to security reasons we recommend the local mode.
# Path to a local socket file the daemon will listen on.
# Default: disabled (must be specified by a user)
#LocalSocket /var/run/clamd.<SERVICE>/clamd.sock
# Sets the group ownership on the unix socket.
# Default: disabled (the primary group of the user running clamd)
#LocalSocketGroup virusgroup
# Sets the permissions on the unix socket to the specified mode.
# Default: disabled (socket is world accessible)
#LocalSocketMode 660
# Remove stale socket after unclean shutdown.
# Default: yes
#FixStaleSocket yes
# TCP port address.
# Default: no
#TCPSocket 3310
/user
# Follow regular file symlinks.
# Default: no
#FollowFileSymlinks yes
# Scan files and directories on other filesystems.
# Default: yes
#CrossFilesystems yes
# Perform a database check.
# Default: 600 (10 min)
#SelfCheck 600
# Execute a command when virus is found. In the command string %v will
# be replaced with the virus name.
# Default: no
#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v"
# Run as another user (clamd must be started by root for this option to work)
# Default: don't drop privileges
User <USER>
# Initialize supplementary group access (clamd must be started by root).
# Default: no
AllowSupplementaryGroups yes
# Stop daemon when libclamav reports out of memory condition.
#ExitOnOOM yes
# Don't fork into background.
# Default: no
#Foreground yes
# Enable debug messages in libclamav.
# Default: no
#Debug yes
/user
#MaxZipTypeRcg 1M
# This option sets the maximum number of partitions of a raw disk image to be scanned.
# Raw disk images with more partitions than this value will have up to the value number
# partitions scanned. Negative values are not allowed.
# Note: setting this limit too high may result in severe damage or impact performance.
# Default: 50
#MaxPartitions 128
# This option sets the maximum number of icons within a PE to be scanned.
# PE files with more icons than this value will have up to the value number icons scanned.
# Negative values are not allowed.
# WARNING: setting this limit too high may result in severe damage or impact performance.
# Default: 100
#MaxIconsPE 200
# This option sets the maximum calls to the PCRE match function during an instance of regex matching.
# Instances using more than this limit will be terminated and alert the user but the scan will continue.
# For more information on match_limit, see the PCRE documentation.
# Negative values are not allowed.
# WARNING: setting this limit too high may severely impact performance.
# Default: 10000
#PCREMatchLimit 20000
# This option sets the maximum recursive calls to the PCRE match function during an instance of regex matching.
# Instances using more than this limit will be terminated and alert the user but the scan will continue.
# For more information on match_limit_recursion, see the PCRE documentation.
# Negative values are not allowed and values > PCREMatchLimit are superfluous.
# WARNING: setting this limit too high may severely impact performance.
# Default: 5000
#PCRERecMatchLimit 10000
# This option sets the maximum filesize for which PCRE subsigs will be executed.
# Files exceeding this limit will not have PCRE subsigs executed unless a subsig is encompassed to a smaller buffer.
# Negative values are not allowed.
/user
##
## On-access Scan Settings
##
# Enable on-access scanning. Currently, this is supported via fanotify.
# Clamuko/Dazuko support has been deprecated.
# Default: no
#ScanOnAccess yes
# Set the  mount point to be scanned. The mount point specified, or the mount point
# containing the specified directory will be watched. If any directories are specified,
# this option will preempt the DDD system. This will notify only. It can be used multiple times.
# (On-access scan only)
# Default: disabled
#OnAccessMountPath /
#OnAccessMountPath /home/user
# Don't scan files larger than OnAccessMaxFileSize
# Value of 0 disables the limit.
# Default: 5M
#OnAccessMaxFileSize 10M
# Set the include paths (all files inside them will be scanned). You can have
# multiple OnAccessIncludePath directives but each directory must be added
# in a separate line. (On-access scan only)
# Default: disabled
#OnAccessIncludePath /home
#OnAccessIncludePath /students
# Set the exclude paths. All subdirectories are also excluded.
# (On-access scan only)
# Default: disabled
#OnAccessExcludePath /home/bofh
search hit BOTTOM, continuing at TOP
##
## Example config file for the Clam AV daemon
## Please read the clamd.conf(5) manual before editing this file.
##
# Comment or remove the line below.
Example
# Uncomment this option to enable logging.
# LogFile must be writable for the user running daemon.
# A full path is required.
# Default: disabled
#LogFile /var/log/clamd.<SERVICE>
# By default the log file is locked for writing - the lock protects against
# running clamd multiple times (if want to run another clamd, please
# copy the configuration file, change the LogFile variable, and run
# the daemon with --config-file option).
# This option disables log file locking.
# Default: no
#LogFileUnlock yes
# Maximum size of the log file.
# Value of 0 disables the limit.
# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size
# in bytes just don't use modifiers. If LogFileMaxSize is enabled, log
# rotation (the LogRotate option) will always be enabled.
# Default: 1M
#LogFileMaxSize 2M
# Log time with each message.
# Default: no
#LogTime yes
/user
# Optional path to the global temporary directory.
# Default: system specific (usually /tmp or /var/tmp).
#TemporaryDirectory /var/tmp
# Path to the database directory.
# Default: hardcoded (depends on installation options)
#DatabaseDirectory /var/lib/clamav
# Only load the official signatures published by the ClamAV project.
# Default: no
#OfficialDatabaseOnly no
# The daemon can work in local mode, network mode or both.
# Due to security reasons we recommend the local mode.
# Path to a local socket file the daemon will listen on.
# Default: disabled (must be specified by a user)
#LocalSocket /var/run/clamd.<SERVICE>/clamd.sock
# Sets the group ownership on the unix socket.
# Default: disabled (the primary group of the user running clamd)
#LocalSocketGroup virusgroup
# Sets the permissions on the unix socket to the specified mode.
# Default: disabled (socket is world accessible)
#LocalSocketMode 660
# Remove stale socket after unclean shutdown.
# Default: yes
#FixStaleSocket yes
# TCP port address.
# Default: no
#TCPSocket 3310
/user
# Follow regular file symlinks.
# Default: no
#FollowFileSymlinks yes
# Scan files and directories on other filesystems.
# Default: yes
#CrossFilesystems yes
# Perform a database check.
# Default: 600 (10 min)
#SelfCheck 600
# Execute a command when virus is found. In the command string %v will
# be replaced with the virus name.
# Default: no
#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v"
# Run as another user (clamd must be started by root for this option to work)
# Default: don't drop privileges
User <USER>
# Initialize supplementary group access (clamd must be started by root).
# Default: no
AllowSupplementaryGroups yes
# Stop daemon when libclamav reports out of memory condition.
#ExitOnOOM yes
# Don't fork into background.
# Default: no
#Foreground yes
# Enable debug messages in libclamav.
# Default: no
#Debug yes
/user
#MaxZipTypeRcg 1M
# This option sets the maximum number of partitions of a raw disk image to be scanned.
# Raw disk images with more partitions than this value will have up to the value number
# partitions scanned. Negative values are not allowed.
# Note: setting this limit too high may result in severe damage or impact performance.
# Default: 50
#MaxPartitions 128
# This option sets the maximum number of icons within a PE to be scanned.
# PE files with more icons than this value will have up to the value number icons scanned.
# Negative values are not allowed.
# WARNING: setting this limit too high may result in severe damage or impact performance.
# Default: 100
#MaxIconsPE 200
# This option sets the maximum calls to the PCRE match function during an instance of regex matching.
# Instances using more than this limit will be terminated and alert the user but the scan will continue.
# For more information on match_limit, see the PCRE documentation.
# Negative values are not allowed.
# WARNING: setting this limit too high may severely impact performance.
# Default: 10000
#PCREMatchLimit 20000
# This option sets the maximum recursive calls to the PCRE match function during an instance of regex matching.
# Instances using more than this limit will be terminated and alert the user but the scan will continue.
# For more information on match_limit_recursion, see the PCRE documentation.
# Negative values are not allowed and values > PCREMatchLimit are superfluous.
# WARNING: setting this limit too high may severely impact performance.
# Default: 5000
#PCRERecMatchLimit 10000
# This option sets the maximum filesize for which PCRE subsigs will be executed.
# Files exceeding this limit will not have PCRE subsigs executed unless a subsig is encompassed to a smaller buffer.
# Negative values are not allowed.
/user
##
## On-access Scan Settings
##
# Enable on-access scanning. Currently, this is supported via fanotify.
# Clamuko/Dazuko support has been deprecated.
# Default: no
#ScanOnAccess yes
# Set the  mount point to be scanned. The mount point specified, or the mount point
# containing the specified directory will be watched. If any directories are specified,
# this option will preempt the DDD system. This will notify only. It can be used multiple times.
# (On-access scan only)
# Default: disabled
#OnAccessMountPath /
#OnAccessMountPath /home/user
# Don't scan files larger than OnAccessMaxFileSize
# Value of 0 disables the limit.
# Default: 5M
#OnAccessMaxFileSize 10M
# Set the include paths (all files inside them will be scanned). You can have
# multiple OnAccessIncludePath directives but each directory must be added
# in a separate line. (On-access scan only)
# Default: disabled
#OnAccessIncludePath /home
#OnAccessIncludePath /students
# Set the exclude paths. All subdirectories are also excluded.
# (On-access scan only)
# Default: disabled
#OnAccessExcludePath /home/bofh
search hit BOTTOM, continuing at TOP
##
## Example config file for the Clam AV daemon
## Please read the clamd.conf(5) manual before editing this file.
##
# Comment or remove the line below.
Example
# Uncomment this option to enable logging.
# LogFile must be writable for the user running daemon.
# A full path is required.
# Default: disabled
#LogFile /var/log/clamd.<SERVICE>
# By default the log file is locked for writing - the lock protects against
# running clamd multiple times (if want to run another clamd, please
# copy the configuration file, change the LogFile variable, and run
# the daemon with --config-file option).
# This option disables log file locking.
# Default: no
#LogFileUnlock yes
# Maximum size of the log file.
# Value of 0 disables the limit.
# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size
# in bytes just don't use modifiers. If LogFileMaxSize is enabled, log
# rotation (the LogRotate option) will always be enabled.
# Default: 1M
#LogFileMaxSize 2M
# Log time with each message.
# Default: no
#LogTime yes
/user
# Optional path to the global temporary directory.
# Default: system specific (usually /tmp or /var/tmp).
#TemporaryDirectory /var/tmp
# Path to the database directory.
# Default: hardcoded (depends on installation options)
#DatabaseDirectory /var/lib/clamav
# Only load the official signatures published by the ClamAV project.
# Default: no
#OfficialDatabaseOnly no
# The daemon can work in local mode, network mode or both.
# Due to security reasons we recommend the local mode.
# Path to a local socket file the daemon will listen on.
# Default: disabled (must be specified by a user)
#LocalSocket /var/run/clamd.<SERVICE>/clamd.sock
# Sets the group ownership on the unix socket.
# Default: disabled (the primary group of the user running clamd)
#LocalSocketGroup virusgroup
# Sets the permissions on the unix socket to the specified mode.
# Default: disabled (socket is world accessible)
#LocalSocketMode 660
# Remove stale socket after unclean shutdown.
# Default: yes
#FixStaleSocket yes
# TCP port address.
# Default: no
#TCPSocket 3310
# TCP address.
# By default we bind to INADDR_ANY, probably not wise.
# Enable the following to provide some degree of protection
# from the outside world. This option can be specified multiple
# times if you want to listen on multiple IPs. IPv6 is now supported.
# Default: no
#TCPAddr 127.0.0.1
# Maximum length the queue of pending connections may grow to.
# Default: 200
#MaxConnectionQueueLength 30
# Clamd uses FTP-like protocol to receive data from remote clients.
# If you are using clamav-milter to balance load between remote clamd daemons
/clamav
# Perform a database check.
# Default: 600 (10 min)
#SelfCheck 600
# Execute a command when virus is found. In the command string %v will
# be replaced with the virus name.
# Default: no
#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v"
# Run as another user (clamd must be started by root for this option to work)
# Default: don't drop privileges
User <USER>
# Initialize supplementary group access (clamd must be started by root).
# Default: no
AllowSupplementaryGroups yes
# Stop daemon when libclamav reports out of memory condition.
#ExitOnOOM yes
# Don't fork into background.
# Default: no
#Foreground yes
# Enable debug messages in libclamav.
# Default: no
#Debug yes
# Do not remove temporary files (for debug purposes).
# Default: no
#LeaveTemporaryFiles yes
# Permit use of the ALLMATCHSCAN command. If set to no, clamd will reject
# any ALLMATCHSCAN command as invalid.
# Default: yes
#AllowAllMatchScan no
# Detect Possibly Unwanted Applications.
# Default: no
#DetectPUA yes
# Exclude a specific PUA category. This directive can be used multiple times.
# See https://github.com/vrtadmin/clamav-faq/blob/master/faq/faq-pua.md for
/clamav
# Certain PE files contain an authenticode signature. By default, we check
# the signature chain in the PE file against a database of trusted and
# revoked certificates if the file being scanned is marked as a virus.
# If any certificate in the chain validates against any trusted root, but
# does not match any revoked certificate, the file is marked as whitelisted.
# If the file does match a revoked certificate, the file is marked as virus.
# The following setting completely turns off authenticode verification.
# Default: no
#DisableCertCheck yes
# Executable and Linking Format is a standard format for UN*X executables.
# This option allows you to control the scanning of ELF files.
# If you turn off this option, the original files will still be scanned, but
# without additional processing.
# Default: yes
#ScanELF yes
# With this option clamav will try to detect broken executables (both PE and
# ELF) and mark them as Broken.Executable.
# Default: no
#DetectBrokenExecutables yes
##
## Documents
##
# This option enables scanning of OLE2 files, such as Microsoft Office
# documents and .msi files.
# If you turn off this option, the original files will still be scanned, but
# without additional processing.
# Default: yes
#ScanOLE2 yes
# With this option enabled OLE2 files with VBA macros, which were not
/clamav
# If you turn off this option, the original files will still be scanned, but
# without decoding and additional processing.
# Default: yes
#ScanSWF yes
##
## Mail files
##
# Enable internal e-mail scanner.
# If you turn off this option, the original files will still be scanned, but
# without parsing individual messages/attachments.
# Default: yes
#ScanMail yes
# Scan RFC1341 messages split over many emails.
# You will need to periodically clean up $TemporaryDirectory/clamav-partial directory.
# WARNING: This option may open your system to a DoS attack.
#          Never use it on loaded servers.
# Default: no
#ScanPartialMessages yes
# With this option enabled ClamAV will try to detect phishing attempts by using
# signatures.
# Default: yes
#PhishingSignatures yes
# Scan URLs found in mails for phishing attempts using heuristics.
# Default: yes
#PhishingScanURLs yes
# Always block SSL mismatches in URLs, even if the URL isn't in the database.
# This can lead to false positives.
#
/clamav
# It is highly recommended you keep this option on, otherwise you'll miss detections for many new viruses.
# Default: yes
#Bytecode yes
# Bytecode mode
#
# This option has been set to 'ForceInterpreter' in Fedora due to
# security concerns by default.  You might need to enable the
# 'clamd_use_jit' SELinux boolean after setting this option to the
# more efficient 'ForceJIT' value.
#
# Default: ForceInterpreter
#ByteCodeMode ForceInterpreter
# Set bytecode security level.
# Possible values:
#       None - no security at all, meant for debugging. DO NOT USE THIS ON PRODUCTION SYSTEMS
#         This value is only available if clamav was built with --enable-debug!
#       TrustSigned - trust bytecode loaded from signed .c[lv]d files,
#                insert runtime safety checks for bytecode loaded from other sources
#       Paranoid - don't trust any bytecode, insert runtime checks for all
# Recommended: TrustSigned, because bytecode in .cvd files already has these checks
# Note that by default only signed bytecode is loaded, currently you can only
# load unsigned bytecode in --enable-debug mode.
#
# Default: TrustSigned
#BytecodeSecurity TrustSigned
# Set bytecode timeout in miliseconds.
#
# Default: 5000
# BytecodeTimeout 1000
##
## Statistics gathering and submitting
search hit BOTTOM, continuing at TOP
#LogRotate yes
# Log additional information about the infected file, such as its
# size and hash, together with the virus name.
#ExtendedDetectionInfo yes
# This option allows you to save a process identifier of the listening
# daemon (main thread).
# Default: disabled
#PidFile /var/run/clamd.<SERVICE>/clamd.pid
# Optional path to the global temporary directory.
# Default: system specific (usually /tmp or /var/tmp).
#TemporaryDirectory /var/tmp
# Path to the database directory.
# Default: hardcoded (depends on installation options)
#DatabaseDirectory /var/lib/clamav
# Only load the official signatures published by the ClamAV project.
# Default: no
#OfficialDatabaseOnly no
# The daemon can work in local mode, network mode or both.
# Due to security reasons we recommend the local mode.
# Path to a local socket file the daemon will listen on.
# Default: disabled (must be specified by a user)
#LocalSocket /var/run/clamd.<SERVICE>/clamd.sock
# Sets the group ownership on the unix socket.
# Default: disabled (the primary group of the user running clamd)
#LocalSocketGroup virusgroup
# Sets the permissions on the unix socket to the specified mode.
/clamav
# TCP port address.
# Default: no
#TCPSocket 3310
# TCP address.
# By default we bind to INADDR_ANY, probably not wise.
# Enable the following to provide some degree of protection
# from the outside world. This option can be specified multiple
# times if you want to listen on multiple IPs. IPv6 is now supported.
# Default: no
#TCPAddr 127.0.0.1
# Maximum length the queue of pending connections may grow to.
# Default: 200
#MaxConnectionQueueLength 30
# Clamd uses FTP-like protocol to receive data from remote clients.
# If you are using clamav-milter to balance load between remote clamd daemons
# on firewall servers you may need to tune the options below.
# Close the connection when the data size limit is exceeded.
# The value should match your MTA's limit for a maximum attachment size.
# Default: 25M
#StreamMaxLength 10M
# Limit port range.
# Default: 1024
#StreamMinPort 30000
# Default: 2048
#StreamMaxPort 32000
# Maximum number of threads running at the same time.
# Default: 10
#MaxThreads 20
/clamav
# Perform a database check.
# Default: 600 (10 min)
#SelfCheck 600
# Execute a command when virus is found. In the command string %v will
# be replaced with the virus name.
# Default: no
#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v"
# Run as another user (clamd must be started by root for this option to work)
# Default: don't drop privileges
User <USER>
# Initialize supplementary group access (clamd must be started by root).
# Default: no
AllowSupplementaryGroups yes
# Stop daemon when libclamav reports out of memory condition.
#ExitOnOOM yes
# Don't fork into background.
# Default: no
#Foreground yes
# Enable debug messages in libclamav.
# Default: no
#Debug yes
# Do not remove temporary files (for debug purposes).
# Default: no
#LeaveTemporaryFiles yes
# Permit use of the ALLMATCHSCAN command. If set to no, clamd will reject
# any ALLMATCHSCAN command as invalid.
# Default: yes
#AllowAllMatchScan no
# Detect Possibly Unwanted Applications.
# Default: no
#DetectPUA yes
# Exclude a specific PUA category. This directive can be used multiple times.
# See https://github.com/vrtadmin/clamav-faq/blob/master/faq/faq-pua.md for
/clamav
# Certain PE files contain an authenticode signature. By default, we check
# the signature chain in the PE file against a database of trusted and
# revoked certificates if the file being scanned is marked as a virus.
# If any certificate in the chain validates against any trusted root, but
# does not match any revoked certificate, the file is marked as whitelisted.
# If the file does match a revoked certificate, the file is marked as virus.
# The following setting completely turns off authenticode verification.
# Default: no
#DisableCertCheck yes
# Executable and Linking Format is a standard format for UN*X executables.
# This option allows you to control the scanning of ELF files.
# If you turn off this option, the original files will still be scanned, but
# without additional processing.
# Default: yes
#ScanELF yes
# With this option clamav will try to detect broken executables (both PE and
# ELF) and mark them as Broken.Executable.
# Default: no
#DetectBrokenExecutables yes
##
## Documents
##
# This option enables scanning of OLE2 files, such as Microsoft Office
# documents and .msi files.
# If you turn off this option, the original files will still be scanned, but
# without additional processing.
# Default: yes
#ScanOLE2 yes
# With this option enabled OLE2 files with VBA macros, which were not
/clamav
# If you turn off this option, the original files will still be scanned, but
# without decoding and additional processing.
# Default: yes
#ScanSWF yes
##
## Mail files
##
# Enable internal e-mail scanner.
# If you turn off this option, the original files will still be scanned, but
# without parsing individual messages/attachments.
# Default: yes
#ScanMail yes
# Scan RFC1341 messages split over many emails.
# You will need to periodically clean up $TemporaryDirectory/clamav-partial directory.
# WARNING: This option may open your system to a DoS attack.
#          Never use it on loaded servers.
# Default: no
#ScanPartialMessages yes
# With this option enabled ClamAV will try to detect phishing attempts by using
# signatures.
# Default: yes
#PhishingSignatures yes
# Scan URLs found in mails for phishing attempts using heuristics.
# Default: yes
#PhishingScanURLs yes
# Always block SSL mismatches in URLs, even if the URL isn't in the database.
# This can lead to false positives.
#
[root@mail ~]#
[root@mail ~]#
[root@mail ~]# service clamd status
Redirecting to /bin/systemctl status  clamd.service
?clamd.service
Loaded: not-found (Reason: No such file or directory)
Active: inactive (dead)
[root@mail ~]# service clamav status
Redirecting to /bin/systemctl status  clamav.service
?clamav.service
Loaded: not-found (Reason: No such file or directory)
Active: inactive (dead)
[root@mail ~]# service clamavd status
Redirecting to /bin/systemctl status  clamavd.service
?clamavd.service
Loaded: not-found (Reason: No such file or directory)
Active: inactive (dead)
[root@mail ~]# service clamd status
Redirecting to /bin/systemctl status  clamd.service
?clamd.service
Loaded: not-found (Reason: No such file or directory)
Active: inactive (dead)
[root@mail ~]# freshclam
ERROR: Please edit the example config file /etc/freshclam.conf
ERROR: Can't open/parse the config file /etc/freshclam.conf
[root@mail ~]# vi /etc/freshclam.conf
##
## Example config file for freshclam
## Please read the freshclam.conf(5) manual before editing this file.
##
# Comment or remove the line below.
Example
# Path to the database directory.
# WARNING: It must match clamd.conf's directive!
# Default: hardcoded (depends on installation options)
# Comment or remove the line below.
Example
# Path to the database directory.
# WARNING: It must match clamd.conf's directive!
# Default: hardcoded (depends on installation options)
#DatabaseDirectory /var/lib/clamav
# Path to the log file (make sure it has proper permissions)
# Default: disabled
#UpdateLogFile /var/log/freshclam.log
# Maximum size of the log file.
# Value of 0 disables the limit.
# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes).
# in bytes just don't use modifiers. If LogFileMaxSize is enabled,
# log rotation (the LogRotate option) will always be enabled.
# Default: 1M
#LogFileMaxSize 2M
# Log time with each message.
# Default: no
#LogTime yes
# Enable verbose logging.
# Default: no
#LogVerbose yes
# Use system logger (can work together with UpdateLogFile).
# Default: no
LogSyslog yes
# Specify the type of syslog messages - please refer to 'man syslog'
# for facility names.
# Default: LOG_LOCAL6
#LogFacility LOG_MAIL
# Enable log rotation. Always enabled when LogFileMaxSize is enabled.
# Default: no
#LogRotate yes
# This option allows you to save the process identifier of the daemon
# Default: disabled
#PidFile /var/run/freshclam.pid
# By default when started freshclam drops privileges and switches to the
# "clamav" user. This directive allows you to change the database owner.
# Default: clamav (may depend on installation options)
#DatabaseOwner clamupdate
# Initialize supplementary group access (freshclam must be started by root).
# Default: no
#AllowSupplementaryGroups yes
# Use DNS to verify virus database version. Freshclam uses DNS TXT records
# to verify database and software versions. With this directive you can change
# the database verification domain.
# WARNING: Do not touch it unless you're configuring freshclam to use your
# own database verification domain.
# Default: current.cvd.clamav.net
#DNSDatabaseInfo current.cvd.clamav.net
# Uncomment the following line and replace XY with your country
# code. See http://www.iana.org/cctld/cctld-whois.htm for the full list.
# You can use db.XY.ipv6.clamav.net for IPv6 connections.
#DatabaseMirror db.XY.clamav.net
# database.clamav.net is a round-robin record which points to our most
# reliable mirrors. It's used as a fall back in case db.XY.clamav.net is
# not working. DO NOT TOUCH the following line unless you know what you
# are doing.
DatabaseMirror database.clamav.net
# How many attempts to make before giving up.
# Default: 3 (per mirror)
#MaxAttempts 5
# With this option you can control scripted updates. It's highly recommended
# to keep it enabled.
# Default: yes
#ScriptedUpdates yes
# By default freshclam will keep the local databases (.cld) uncompressed to
# make their handling faster. With this option you can enable the compression;
# the change will take effect with the next database update.
# Default: no
#CompressLocalDatabase no
# With this option you can provide custom sources (http:// or file://) for
# database files. This option can be used multiple times.
# Default: no custom URLs
#DatabaseCustomURL http://myserver.com/mysigs.ndb
#DatabaseCustomURL file:///mnt/nfs/local.hdb
# This option allows you to easily point freshclam to private mirrors.
# If PrivateMirror is set, freshclam does not attempt to use DNS
# to determine whether its databases are out-of-date, instead it will
# use the If-Modified-Since request or directly check the headers of the
# remote database files. For each database, freshclam first attempts
# to download the CLD file. If that fails, it tries to download the
# CVD file. This option overrides DatabaseMirror, DNSDatabaseInfo
# and ScriptedUpdates. It can be used multiple times to provide
# fall-back mirrors.
# Default: disabled
#PrivateMirror mirror1.mynetwork.com
#PrivateMirror mirror2.mynetwork.com
# Number of database checks per day.
# Default: 12 (every two hours)
#Checks 24
# Proxy settings
# Default: disabled
#HTTPProxyServer myproxy.com
#HTTPProxyPort 1234
#HTTPProxyUsername myusername
#HTTPProxyPassword mypass
# If your servers are behind a firewall/proxy which applies User-Agent
# filtering you can use this option to force the use of a different
# User-Agent header.
# Default: clamav/version_number
#HTTPUserAgent SomeUserAgentIdString
# Use aaa.bbb.ccc.ddd as client address for downloading databases. Useful for
# multi-homed systems.
# Default: Use OS'es default outgoing IP address.
#LocalIPAddress aaa.bbb.ccc.ddd
# Send the RELOAD command to clamd.
# Default: no
#NotifyClamd /path/to/clamd.conf
# Run command after successful database update.
# Default: disabled
#OnUpdateExecute command
# Run command when database update process fails.
# Default: disabled
#OnErrorExecute command
# Run command when freshclam reports outdated version.
# In the command string %v will be replaced by the new version number.
# Default: disabled
#OnOutdatedExecute command
# Don't fork into background.
# Default: no
#Foreground yes
# Enable debug messages in libclamav.
# Default: no
#Debug yes
# Timeout in seconds when connecting to database server.
# Default: 30
#ConnectTimeout 60
# Timeout in seconds when reading from database server.
# Default: 30
#ReceiveTimeout 60
# With this option enabled, freshclam will attempt to load new
# databases into memory to make sure they are properly handled
# by libclamav before replacing the old ones.
# Default: yes
#TestDatabases yes
# When enabled freshclam will submit statistics to the ClamAV Project about
# the latest virus detections in your environment. The ClamAV maintainers
# will then use this data to determine what types of malware are the most
# detected in the field and in what geographic area they are.
# Freshclam will connect to clamd in order to get recent statistics.
# Default: no
#SubmitDetectionStats /path/to/clamd.conf
# Country of origin of malware/detection statistics (for statistical
# purposes only). The statistics collector at ClamAV.net will look up
# your IP address to determine the geographical origin of the malware
# reported by your installation. If this installation is mainly used to
# scan data which comes from a different location, please enable this
# option and enter a two-letter code (see http://www.iana.org/domains/root/db/)
# of the country of origin.
# Default: disabled
#DetectionStatsCountry country-code
# This option enables support for our "Personal Statistics" service.
# When this option is enabled, the information on malware detected by
# your clamd installation is made available to you through our website.
# To get your HostID, log on http://www.stats.clamav.net and add a new
# host to your host list. Once you have the HostID, uncomment this option
# and paste the HostID here. As soon as your freshclam starts submitting
# information to our stats collecting service, you will be able to view
# the statistics of this clamd installation by logging into
# http://www.stats.clamav.net with the same credentials you used to
# generate the HostID. For more information refer to:
# http://www.clamav.net/documentation.html#cctts
# This feature requires SubmitDetectionStats to be enabled.
# Default: disabled
#DetectionStatsHostID unique-id
# This option enables support for Google Safe Browsing. When activated for
# the first time, freshclam will download a new database file (safebrowsing.cvd)
# which will be automatically loaded by clamd and clamscan during the next
# reload, provided that the heuristic phishing detection is turned on. This
# database includes information about websites that may be phishing sites or
# possible sources of malware. When using this option, it's mandatory to run
# freshclam at least every 30 minutes.
# Freshclam uses the ClamAV's mirror infrastructure to distribute the
# database and its updates but all the contents are provided under Google's
# terms of use. See http://www.google.com/transparencyreport/safebrowsing
# and http://www.clamav.net/documentation.html#safebrowsing
# for more information.
# Default: disabled
#SafeBrowsing yes
# This option enables downloading of bytecode.cvd, which includes additional
# detection mechanisms and improvements to the ClamAV engine.
# Default: enabled
#Bytecode yes
# Download an additional 3rd party signature database distributed through
# the ClamAV mirrors.
# This option can be used multiple times.
#ExtraDatabase dbname1
#ExtraDatabase dbname2
[root@mail ~]#
[root@mail ~]#
[root@mail ~]#
[root@mail ~]# service
Usage: service < option > | --status-all | [ service_name [ command | --full-restart ] ]
[root@mail ~]# service  --sttaus-all
The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl.
[root@mail ~]# systemctl
UNIT                                                                    LOAD   ACTIVE SUB       DESCRIPTION
proc-sys-fs-binfmt_misc.automount                                       loaded active running   Arbitrary Executable File Formats File System Automount Point
sys-devices-pci0000:00-0000:00:07.1-ata2-host1-target1:0:0-1:0:0:0-block-sr0.device loaded active plugged   VMware_Virtual_IDE_CDROM_Drive
sys-devices-pci0000:00-0000:00:10.0-host2-target2:0:0-2:0:0:0-block-sda-sda1.device loaded active plugged   VMware_Virtual_S 1
sys-devices-pci0000:00-0000:00:10.0-host2-target2:0:0-2:0:0:0-block-sda-sda2.device loaded active plugged   LVM PV WX9LBx-nFSo-mVyM-3INs-T04v-lKg4-kXFiKk on /dev/sda2 2
sys-devices-pci0000:00-0000:00:10.0-host2-target2:0:0-2:0:0:0-block-sda.device loaded active plugged   VMware_Virtual_S
sys-devices-pci0000:00-0000:00:11.0-0000:02:01.0-net-eno16777736.device loaded active plugged   79c970 [PCnet32 LANCE] (PCnet - Fast 79C971)
sys-devices-pci0000:00-0000:00:11.0-0000:02:02.0-sound-card0.device     loaded active plugged   ES1371 / Creative Labs CT2518 [AudioPCI-97] (AudioPCI 64V/128 / Creative
sys-devices-platform-serial8250-tty-ttyS2.device                        loaded active plugged   /sys/devices/platform/serial8250/tty/ttyS2
sys-devices-platform-serial8250-tty-ttyS3.device                        loaded active plugged   /sys/devices/platform/serial8250/tty/ttyS3
sys-devices-pnp0-00:06-tty-ttyS0.device                                 loaded active plugged   /sys/devices/pnp0/00:06/tty/ttyS0
sys-devices-pnp0-00:07-tty-ttyS1.device                                 loaded active plugged   /sys/devices/pnp0/00:07/tty/ttyS1
sys-devices-virtual-block-dmx2d0.device                                loaded active plugged   /sys/devices/virtual/block/dm-0
sys-devices-virtual-block-dmx2d1.device                                loaded active plugged   /sys/devices/virtual/block/dm-1
sys-module-configfs.device                                              loaded active plugged   /sys/module/configfs
sys-subsystem-net-devices-eno16777736.device                            loaded active plugged   79c970 [PCnet32 LANCE] (PCnet - Fast 79C971)
-.mount                                                                 loaded active mounted   /
boot.mount                                                              loaded active mounted   /boot
dev-hugepages.mount                                                     loaded active mounted   Huge Pages File System
dev-mqueue.mount                                                        loaded active mounted   POSIX Message Queue File System
proc-fs-nfsd.mount                                                      loaded active mounted   NFSD configuration filesystem
proc-sys-fs-binfmt_misc.mount                                           loaded active mounted   Arbitrary Executable File Formats File System
run-user-0.mount                                                        loaded active mounted   /run/user/0
sys-kernel-config.mount                                                 loaded active mounted   Configuration File System
sys-kernel-debug.mount                                                  loaded active mounted   Debug File System
tmp.mount                                                               loaded active mounted   Temporary Directory
var-lib-nfs-rpc_pipefs.mount                                            loaded active mounted   RPC Pipe File System
cups.path                                                               loaded active waiting   CUPS Scheduler
systemd-ask-password-plymouth.path                                      loaded active waiting   Forward Password Requests to Plymouth Directory Watch
systemd-ask-password-wall.path                                          loaded active waiting   Forward Password Requests to Wall Directory Watch
session-1.scope                                                         loaded active abandoned Session 1 of user root
session-16.scope                                                        loaded active running   Session 16 of user root
session-5.scope                                                         loaded active abandoned Session 5 of user root
abrt-ccpp.service                                                       loaded active exited    Install ABRT coredump hook
abrt-oops.service                                                       loaded active running   ABRT kernel log watcher
abrt-xorg.service                                                       loaded active running   ABRT Xorg log watcher
abrtd.service                                                           loaded active running   ABRT Automated Bug Reporting Tool
alsa-state.service                                                      loaded active running   Manage Sound Card State (restore and store)
atd.service                                                             loaded active running   Job spooling tools
auditd.service                                                          loaded active running   Security Auditing Service
chronyd.service                                                         loaded active running   NTP client/server
crond.service                                                           loaded active running   Command Scheduler
dbus.service                                                            loaded active running   D-Bus System Message Bus
?dnf-makecache.service                                                   loaded failed failed    dnf makecache
dovecot.service                                                         loaded active running   Dovecot IMAP/POP3 email server
dracut-shutdown.service                                                 loaded active exited    Restore /run/initramfs on shutdown
fedora-import-state.service                                             loaded active exited    Import network configuration from initramfs
fedora-readonly.service                                                 loaded active exited    Configure read-only root support
firewalld.service                                                       loaded active running   firewalld - dynamic firewall daemon
getty@tty1.service                                                      loaded active running   Getty on tty1
gssproxy.service                                                        loaded active running   GSSAPI Proxy Daemon
httpd.service                                                           loaded active running   The Apache HTTP Server
irqbalance.service                                                      loaded active running   irqbalance daemon
iscsi-shutdown.service                                                  loaded active exited    Logout off all iSCSI sessions on shutdown
kmod-static-nodes.service                                               loaded active exited    Create list of required static device nodes for the current kernel
livesys-late.service                                                    loaded active exited    SYSV: Late init script for live image.
livesys.service                                                         loaded active exited    LSB: Init script for live image.
lvm2-lvmetad.service                                                    loaded active running   LVM2 metadata daemon
lvm2-monitor.service                                                    loaded active exited    Monitoring of LVM2 mirrors, snapshots etc. using dmeventd or progress po
lvm2-pvscan@8:2.service                                                 loaded active exited    LVM2 PV scan on device 8:2
mariadb.service                                                         loaded active running   MariaDB 10.0 database server
mcelog.service                                                          loaded active running   Machine Check Exception Logging Daemon
named.service                                                           loaded active running   Berkeley Internet Name Domain (DNS)
NetworkManager.service                                                  loaded active running   Network Manager
nfs-config.service                                                      loaded active exited    Preprocess NFS configuration
nginx.service                                                           loaded active running   The nginx HTTP and reverse proxy server
opendkim.service                                                        loaded active running   DomainKeys Identified Mail (DKIM) Milter
polkit.service                                                          loaded active running   Authorization Manager
postfix.service                                                         loaded active running   Postfix Mail Transport Agent
rsyslog.service                                                         loaded active running   System Logging Service
saslauthd.service                                                       loaded active running   SASL authentication daemon.
spamassassin.service                                                    loaded active running   Spamassassin daemon
sshd.service                                                            loaded active running   OpenSSH server daemon
systemd-fsck-root.service                                               loaded active exited    File System Check on Root Device
systemd-fsck@dev-disk-byx2duuid-94aed458x2dec42x2d4303x2da893x2dc6effa398adc.service loaded active exited    File System Check on /dev/disk/by-uuid/94aed458-ec42-4
systemd-journal-flush.service                                           loaded active exited    Flush Journal to Persistent Storage
systemd-journald.service                                                loaded active running   Journal Service
systemd-logind.service                                                  loaded active running   Login Service
systemd-random-seed.service                                             loaded active exited    Load/Save Random Seed
systemd-remount-fs.service                                              loaded active exited    Remount Root and Kernel File Systems
systemd-sysctl.service                                                  loaded active exited    Apply Kernel Variables
systemd-tmpfiles-setup-dev.service                                      loaded active exited    Create Static Device Nodes in /dev
systemd-tmpfiles-setup.service                                          loaded active exited    Create Volatile Files and Directories
systemd-udev-settle.service                                             loaded active exited    udev Wait for Complete Device Initialization
systemd-udev-trigger.service                                            loaded active exited    udev Coldplug all Devices
systemd-udevd.service                                                   loaded active running   udev Kernel Device Manager
systemd-update-utmp.service                                             loaded active exited    Update UTMP about System Boot/Shutdown
systemd-user-sessions.service                                           loaded active exited    Permit User Sessions
systemd-vconsole-setup.service                                          loaded active exited    Setup Virtual Console
upower.service                                                          loaded active running   Daemon for power management
user@0.service                                                          loaded active running   User Manager for UID 0
vgauthd.service                                                         loaded active running   VGAuth Service for open-vm-tools
vmtoolsd.service                                                        loaded active running   Service for virtual machines hosted on VMware
webmin.service                                                          loaded active running   LSB: Start or stop the Webmin server
-.slice                                                                 loaded active active    Root Slice
system-getty.slice                                                      loaded active active    system-getty.slice
system-lvm2x2dpvscan.slice                                             loaded active active    system-lvm2x2dpvscan.slice
system-systemdx2dfsck.slice                                            loaded active active    system-systemdx2dfsck.slice
system.slice                                                            loaded active active    System Slice
user-0.slice                                                            loaded active active    user-0.slice
user.slice                                                              loaded active active    User and Session Slice
cups.socket                                                             loaded active listening CUPS Scheduler
dbus.socket                                                             loaded active running   D-Bus System Message Bus Socket
dm-event.socket                                                         loaded active listening Device-mapper event daemon FIFOs
iscsid.socket                                                           loaded active listening Open-iSCSI iscsid Socket
iscsiuio.socket                                                         loaded active listening Open-iSCSI iscsiuio Socket
lvm2-lvmetad.socket                                                     loaded active running   LVM2 metadata daemon socket
systemd-initctl.socket                                                  loaded active listening /dev/initctl Compatibility Named Pipe
systemd-journald-audit.socket                                           loaded active running   Journal Audit Socket
systemd-journald-dev-log.socket                                         loaded active running   Journal Socket (/dev/log)
systemd-journald.socket                                                 loaded active running   Journal Socket
systemd-shutdownd.socket                                                loaded active listening Delayed Shutdown Socket
systemd-udevd-control.socket                                            loaded active running   udev Control Socket
systemd-udevd-kernel.socket                                             loaded active running   udev Kernel Socket
dev-mapper-fedorax2dswap.swap                                          loaded active active    /dev/mapper/fedora-swap
basic.target                                                            loaded active active    Basic System
cryptsetup.target                                                       loaded active active    Encrypted Volumes
getty.target                                                            loaded active active    Login Prompts
local-fs-pre.target                                                     loaded active active    Local File Systems (Pre)
local-fs.target                                                         loaded active active    Local File Systems
multi-user.target                                                       loaded active active    Multi-User System
network-online.target                                                   loaded active active    Network is Online
network.target                                                          loaded active active    Network
nfs-client.target                                                       loaded active active    NFS client services
nss-lookup.target                                                       loaded active active    Host and Network Name Lookups
paths.target                                                            loaded active active    Paths
remote-fs-pre.target                                                    loaded active active    Remote File Systems (Pre)
remote-fs.target                                                        loaded active active    Remote File Systems
slices.target                                                           loaded active active    Slices
sockets.target                                                          loaded active active    Sockets
sound.target                                                            loaded active active    Sound Card
swap.target                                                             loaded active active    Swap
sysinit.target                                                          loaded active active    System Initialization
timers.target                                                           loaded active active    Timers
amavisd-clean-quarantine.timer                                          loaded active waiting   Amavisd clean quarantine timer
amavisd-clean-tmp.timer                                                 loaded active waiting   Amavisd clean tmp timer
dnf-makecache.timer                                                     loaded active waiting   dnf makecache timer
sa-update.timer                                                         loaded active waiting   Spamassassin Rules Update timer
systemd-tmpfiles-clean.timer                                            loaded active waiting   Daily Cleanup of Temporary Directories
LOAD   = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB    = The low-level unit activation state, values depend on unit type.
138 loaded units listed. Pass --all to see loaded but inactive units, too.
To show all installed unit files use 'systemctl list-unit-files'.
[root@mail ~]# vi /etc/freshclam.conf
##
## Example config file for freshclam
## Please read the freshclam.conf(5) manual before editing this file.
##
# Comment or remove the line below.
#Example
# Path to the database directory.
# WARNING: It must match clamd.conf's directive!
# Default: hardcoded (depends on installation options)
DatabaseDirectory /var/lib/clamav
# Path to the log file (make sure it has proper permissions)
# Default: disabled
UpdateLogFile /var/log/freshclam.log
# Maximum size of the log file.
# Value of 0 disables the limit.
# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes).
# in bytes just don't use modifiers. If LogFileMaxSize is enabled,
# log rotation (the LogRotate option) will always be enabled.
# Default: 1M
#LogFileMaxSize 2M
# Log time with each message.
# Default: no
#LogTime yes
# Enable verbose logging.
# Default: no
#LogVerbose yes
# Use system logger (can work together with UpdateLogFile).
# Default: no
LogSyslog yes
# Specify the type of syslog messages - please refer to 'man syslog'
# for facility names.
# Default: LOG_LOCAL6
#LogFacility LOG_MAIL
# Enable log rotation. Always enabled when LogFileMaxSize is enabled.
# Default: no
#LogRotate yes
# This option allows you to save the process identifier of the daemon
# Default: disabled
PidFile /var/run/freshclam.pid
# By default when started freshclam drops privileges and switches to the
# "clamav" user. This directive allows you to change the database owner.
# Default: clamav (may depend on installation options)
#DatabaseOwner clamupdate
# Initialize supplementary group access (freshclam must be started by root).
# Default: no
#AllowSupplementaryGroups yes
# Use DNS to verify virus database version. Freshclam uses DNS TXT records
# to verify database and software versions. With this directive you can change
# the database verification domain.
# WARNING: Do not touch it unless you're configuring freshclam to use your
# own database verification domain.
# Default: current.cvd.clamav.net
#DNSDatabaseInfo current.cvd.clamav.net
# Uncomment the following line and replace XY with your country
# code. See http://www.iana.org/cctld/cctld-whois.htm for the full list.
# You can use db.XY.ipv6.clamav.net for IPv6 connections.
#DatabaseMirror db.XY.clamav.net
# database.clamav.net is a round-robin record which points to our most
# reliable mirrors. It's used as a fall back in case db.XY.clamav.net is
# not working. DO NOT TOUCH the following line unless you know what you
# are doing.
DatabaseMirror database.clamav.net
# How many attempts to make before giving up.
# Default: 3 (per mirror)
#MaxAttempts 5
# With this option you can control scripted updates. It's highly recommended
# to keep it enabled.
# Default: yes
#ScriptedUpdates yes
# By default freshclam will keep the local databases (.cld) uncompressed to
# make their handling faster. With this option you can enable the compression;
# the change will take effect with the next database update.
# Default: no
#CompressLocalDatabase no
"/etc/freshclam.conf" 233L, 8559C written
[root@mail ~]# touch /usr/local/clamav/logs/freshclam.log
[root@mail ~]# chown clamav:clamav /usr/local/clamav/logs/freshclam.log
chown: invalid user: 鈉lamav:clamav?
[root@mail ~]# useradd -g clamav
useradd: group 'clamav' does not exist
[root@mail ~]# useradd clamav
[root@mail ~]# groupadd clamav
groupadd: group 'clamav' already exists
[root@mail ~]# chown clamav:clamav /usr/local/clamav/logs/freshclam.log
[root@mail ~]# touch /usr/local/clamav/logs/clamd.log
[root@mail ~]# chown clamav:clamav /usr/local/clamav/logs/clamd.log
[root@mail ~]# chown clamav:clamav /usr/local/clamav/updata
[root@mail ~]# /usr/local/clamav/bin/freshclam
-bash: /usr/local/clamav/bin/freshclam: No such file or directory
[root@mail ~]# /usr/local/clamav/
logs/   updata/
[root@mail ~]# whereis clamav
clamav: /usr/include/clamav.h /usr/local/clamav /usr/share/clamav
[root@mail ~]# /usr/share/clamav/
clamd-gen        freshclam-sleep  template/
[root@mail ~]# /usr/share/clamav/freshclam-sleep
@                                      Downloads/                             .pki/                                  sysstat-11.1.2-3.fc22.i686.rpm
.bash_history                          .ICEauthority                          postfix.info                           .tcshrc
.bash_logout                           .lesshst                               postfix-policyd-spf-perl-2.010/        Templates/
.bash_profile                          .local/                                postfix-policyd-spf-perl-2.010.tar.gz  Videos/
.bashrc                                Maildir/                               Public/                                .viminfo
.cache/                                Music/                                 .razor/                                webmin-1.740-1.noarch.rpm
.config/                               .mysql_history                         .rnd                                   .xsession-errors
.cshrc                                 nmap-ncat-7.00-1.fc22.i686.rpm         sent
Desktop/                               perl-core-5.20.3-328.fc22.i686.rpm     .ssh/
Documents/                             Pictures/                              .ssh2/
[root@mail ~]# /usr/share/clamav/freshclam-sleep
@                                      Downloads/                             .pki/                                  sysstat-11.1.2-3.fc22.i686.rpm
.bash_history                          .ICEauthority                          postfix.info                           .tcshrc
.bash_logout                           .lesshst                               postfix-policyd-spf-perl-2.010/        Templates/
.bash_profile                          .local/                                postfix-policyd-spf-perl-2.010.tar.gz  Videos/
.bashrc                                Maildir/                               Public/                                .viminfo
.cache/                                Music/                                 .razor/                                webmin-1.740-1.noarch.rpm
.config/                               .mysql_history                         .rnd                                   .xsession-errors
.cshrc                                 nmap-ncat-7.00-1.fc22.i686.rpm         sent
Desktop/                               perl-core-5.20.3-328.fc22.i686.rpm     .ssh/
Documents/                             Pictures/                              .ssh2/
[root@mail ~]# /usr/share/clamav/freshclam-sleep
WARNING: update of clamav database is disabled; please see
'/etc/sysconfig/freshclam'
for information how to enable the periodic update resp. how to turn
off this message.
[root@mail ~]# freshclam
ClamAV update process started at Tue May  3 21:43:57 2016
main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)
nonblock_connect: connect timing out (30 secs)
Can't connect to port 80 of host database.clamav.net (IP: 211.239.150.206)
Trying host database.clamav.net (27.96.54.66)...
nonblock_connect: connect timing out (30 secs)
Can't connect to port 80 of host database.clamav.net (IP: 27.96.54.66)
Trying host database.clamav.net (219.94.128.99)...
WARNING: getfile: Unknown response from remote server (IP: 219.94.128.99)
WARNING: getpatch: Can't download daily-21479.cdiff from database.clamav.net
Downloading daily-21479.cdiff [100%]
Downloading daily-21480.cdiff [100%]
Downloading daily-21481.cdiff [100%]
Downloading daily-21482.cdiff [100%]
Downloading daily-21483.cdiff [100%]
Downloading daily-21484.cdiff [100%]
Downloading daily-21485.cdiff [100%]
Downloading daily-21486.cdiff [100%]
Downloading daily-21487.cdiff [100%]
Downloading daily-21488.cdiff [100%]
Downloading daily-21489.cdiff [100%]
Downloading daily-21490.cdiff [100%]
Downloading daily-21491.cdiff [100%]
Downloading daily-21492.cdiff [100%]
Downloading daily-21493.cdiff [100%]
Downloading daily-21494.cdiff [100%]
Downloading daily-21495.cdiff [100%]
Downloading daily-21496.cdiff [100%]
Downloading daily-21497.cdiff [100%]
Downloading daily-21498.cdiff [100%]
Downloading daily-21499.cdiff [100%]
Downloading daily-21500.cdiff [100%]
Downloading daily-21501.cdiff [100%]
Downloading daily-21502.cdiff [100%]
Downloading daily-21503.cdiff [100%]
Downloading daily-21504.cdiff [100%]
Downloading daily-21505.cdiff [100%]
Downloading daily-21506.cdiff [100%]
Downloading daily-21507.cdiff [100%]
Downloading daily-21508.cdiff [100%]
Downloading daily-21509.cdiff [100%]
Downloading daily-21510.cdiff [100%]
Downloading daily-21511.cdiff [100%]
Downloading daily-21512.cdiff [100%]
Downloading daily-21513.cdiff [100%]
daily.cld updated (version: 21513, sigs: 90448, f-level: 63, builder: neo)
Downloading bytecode.cvd [100%]
bytecode.cvd updated (version: 277, sigs: 47, f-level: 63, builder: neo)
ERROR: Corrupted database file /var/lib/clamav/main.cvd: Can't verify database integrity
Corrupted database file renamed to /var/lib/clamav/main.cvd.broken
Trying again in 5 secs...
ClamAV update process started at Tue May  3 21:45:25 2016
Trying host database.clamav.net (219.94.128.99)...
WARNING: getfile: Unknown response from remote server (IP: 219.94.128.99)
WARNING: Can't download main.cvd from database.clamav.net
Trying again in 5 secs...
ClamAV update process started at Tue May  3 21:45:36 2016
Trying host database.clamav.net (203.178.137.175)...
Downloading main.cvd [100%]
main.cvd updated (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)
daily.cld is up to date (version: 21513, sigs: 90448, f-level: 63, builder: neo)
bytecode.cvd is up to date (version: 277, sigs: 47, f-level: 63, builder: neo)
Database updated (4309285 signatures) from database.clamav.net (IP: 203.178.137.175)
[root@mail ~]# clamscan --remove
/root/.bash_profile: OK
/root/.bash_logout: OK
/root/nmap-ncat-7.00-1.fc22.i686.rpm: OK
/root/.lesshst: OK
/root/postfix.info: OK
/root/sent: OK
/root/@: OK
/root/.tcshrc: OK
/root/sysstat-11.1.2-3.fc22.i686.rpm: OK
/root/webmin-1.740-1.noarch.rpm: OK
/root/.xsession-errors: OK
/root/postfix-policyd-spf-perl-2.010.tar.gz: OK
/root/.bashrc: OK
/root/.ICEauthority: OK
/root/.cshrc: OK
/root/perl-core-5.20.3-328.fc22.i686.rpm: OK
/root/.rnd: OK
/root/.viminfo: OK
/root/.mysql_history: OK
/root/.bash_history: OK
----------- SCAN SUMMARY -----------
Known viruses: 4303901
Engine version: 0.99.1
Scanned directories: 1
Scanned files: 20
Infected files: 0
Data scanned: 50.18 MB
Data read: 24.81 MB (ratio 2.02:1)
Time: 217.943 sec (3 m 37 s)
[root@mail ~]#

default iconinstall-clamav.txt

上一篇:postfix 添加国内反垃圾邮件联盟过滤垃圾邮件
下一篇:postfix check virus error
linux postfix check amavisd service

linux postfix check amavisd service

postfix check virus error

postfix check virus error

postfix 添加国内反垃圾邮件联盟过滤垃圾邮件

postfix 添加国内反垃圾邮件联盟过滤垃圾邮件

国内影响已扩散,利用“NSA武器库”中漏洞的Wannacry蠕虫勒索软件袭击全球(含修复方案)

国内影响已扩散,利用“NSA武器库”中漏洞的Wannacry蠕虫勒索软件袭击全球(含修复方案)

思科Talos团队深度解析“WannaCry”勒索软件

思科Talos团队深度解析“WannaCry”勒索软件

首发 | Wannacry勒索软件母体主程序逆向分析(含临时解决方案自动化工具)

首发 | Wannacry勒索软件母体主程序逆向分析(含临时解决方案自动化工具)

WannaCry蠕虫详细分析

WannaCry蠕虫详细分析

发表评论

您必须 [ 登录 ] 才能发表留言!

沙发空闲中,快来抢!