ClamAV antivirus
-
- Posts: 49
- Joined: Sun May 16, 2004 3:42 pm
ClamAV antivirus
Has anyone tried ClamAV for Windows with mailenable? Is there any way to make them work together?
The URL is http://www.clamwin.net
ClamAV is a well know open source antivirus for UNIX.
The URL is http://www.clamwin.net
ClamAV is a well know open source antivirus for UNIX.
Last edited by consultorpc on Wed Jul 07, 2004 9:22 pm, edited 1 time in total.
-
- Posts: 49
- Joined: Sun May 16, 2004 3:42 pm
I have not tried it yet but as their website:
command-line scanner
fast, multi-threaded daemon
milter interface for sendmail
database updater with support for digital signatures
virus scanner C library
on-access scanning (Linux and FreeBSD)
detection of over 20000 viruses, worms and trojans
built-in support for RAR (2.0), Zip, Gzip, Bzip2
built-in support for Mbox, Maildir and raw mail files
command-line scanner
fast, multi-threaded daemon
milter interface for sendmail
database updater with support for digital signatures
virus scanner C library
on-access scanning (Linux and FreeBSD)
detection of over 20000 viruses, worms and trojans
built-in support for RAR (2.0), Zip, Gzip, Bzip2
built-in support for Mbox, Maildir and raw mail files
Running from the Command Line
ClamWin can be run from the command line, from a batch file for instance. For a full list of parameters, navigate to the directory containing the executable files
("C:\Program Files\ClamWin\bin" on a default istallation) and run
clamscan.exe --help
The directory must be specified, using the --database=FILE/DIR parameter. In a default installation, the command to scan the entire C: drive would be:
clamscan.exe --database="C:\Program Files\ClamWin\db" --recursive C:\
Note the use of the --recursive parameter to ensure that sub-directories are scanned.
When run from the command line, a value will be returned, indicating whether or not a virus was detected. If no virus is found, the return value will be 0. If a virus is found, the return value is 1. Any other return value indicates an error.
ClamWin can be run from the command line, from a batch file for instance. For a full list of parameters, navigate to the directory containing the executable files
("C:\Program Files\ClamWin\bin" on a default istallation) and run
clamscan.exe --help
The directory must be specified, using the --database=FILE/DIR parameter. In a default installation, the command to scan the entire C: drive would be:
clamscan.exe --database="C:\Program Files\ClamWin\db" --recursive C:\
Note the use of the --recursive parameter to ensure that sub-directories are scanned.
When run from the command line, a value will be returned, indicating whether or not a virus was detected. If no virus is found, the return value will be 0. If a virus is found, the return value is 1. Any other return value indicates an error.
The command line options are:
Has anyone tried to configure it yet?
Code: Select all
C:\Program Files\ClamWin\bin>clamscan --help
Clam AntiVirus Scanner devel-20040517
(C) 2002 - 2004 Tomasz Kojm <tkojm@clamav.net>
--help -h Show help
--version -V Print version number and exit
--verbose -v Be verbose
--debug Enable debug messages
--quiet Be quiet - only output error messages
--stdout Write to stdout instead of stderr
(this help is always written to stdout)
--tempdir=DIRECTORY create temporary files in DIRECTORY
--database=FILE/DIR -d FILE/DIR Load virus database from FILE or load
all .cvd and .db[2] files from DIR
--log=FILE -l FILE Save scan report to FILE
--recursive -r Scan directories recursively
--infected -i Print infected files only
--remove Remove infected files. Be careful.
--move=DIRECTORY Move infected files into DIRECTORY
--exclude=REGEX Don't scan file names matching REGEX
--include=REGEX Only scan file names matching REGEX
--bell Sound bell on virus detection
--no-summary Disable summary at end of scanning
--mbox -m Treat stdin as a mailbox
--no-ole2 Disable OLE2 support
--no-archive Disable libclamav archive support
--block-encrypted Block encrypted archives.
--max-space=#n Extract first #n kilobytes only
--max-files=#n Extract first #n files only
--max-recursion=#n Maximal recursion level
--unzip[=FULLPATH] Enable support for .zip files
--unrar[=FULLPATH] Enable support for .rar files
--unace[=FULLPATH] Enable support for .ace files
--arj[=FULLPATH] Enable support for .arj files
--unzoo[=FULLPATH] Enable support for .zoo files
--lha[=FULLPATH] Enable support for .lha files
--jar[=FULLPATH] Enable support for .jar files
--tar[=FULLPATH] Enable support for .tar files
--deb[=FULLPATH to ar] Enable support for .deb files,
implies --tgz , but doesn't conflict
with --tgz=FULLPATH.
--tgz[=FULLPATH] enable support for .tar.gz, .tgz files
-
- Posts: 49
- Joined: Sun May 16, 2004 3:42 pm
Well here is my first go at this. I have been running it now for a few days infront of my normal scanners and it seems to be doing an OK job. I will say though that it is not the fastest of scanners to load and process.
The following is what I had to do to get it installed:
I am working on the basis that everything (including ME) is installed on the C: drive.
1. Download and install ClamWin (I used 0.35.2)
Available at http://www.clamwin.org
2. Install to "C:\Program Files\ClamWin"
3. Change the logfile to somewhere nice.
4. Create the directory "C:\Program Files\ClamWin\VirusDB" and change the ClamWin setting.
5. Download the latest virus defs using the program.
6. Import the registry file (enables ME to use the scanner).
Available at www.publicplanet.com\MEFilter\ClamWin\MEAVCLM.Zip
7. Add the entry "MEAVCLM" to the list of processing order.
Do this by using RegEdit and changing the key:
"HKLM\Software\Mail Enable\Mail Enable\Agents\MTA\Filters\Processing Order"
This is a comma seperated list, you can put it wherever you want.
8. Using the ME Administrator program configure any required options.
9. Restart the MTA process.
10. Press the "Test" button
No results should be returned in the window, but the message "Command line scanner returned: 1" should be at the bottom of the window.
And thats it.
The following is what I had to do to get it installed:
I am working on the basis that everything (including ME) is installed on the C: drive.
1. Download and install ClamWin (I used 0.35.2)
Available at http://www.clamwin.org
2. Install to "C:\Program Files\ClamWin"
3. Change the logfile to somewhere nice.
4. Create the directory "C:\Program Files\ClamWin\VirusDB" and change the ClamWin setting.
5. Download the latest virus defs using the program.
6. Import the registry file (enables ME to use the scanner).
Available at www.publicplanet.com\MEFilter\ClamWin\MEAVCLM.Zip
7. Add the entry "MEAVCLM" to the list of processing order.
Do this by using RegEdit and changing the key:
"HKLM\Software\Mail Enable\Mail Enable\Agents\MTA\Filters\Processing Order"
This is a comma seperated list, you can put it wherever you want.
8. Using the ME Administrator program configure any required options.
9. Restart the MTA process.
10. Press the "Test" button
No results should be returned in the window, but the message "Command line scanner returned: 1" should be at the bottom of the window.
And thats it.
Last edited by MartynK on Mon Sep 13, 2004 12:13 pm, edited 1 time in total.