Plugin: clamav
This plugin scans messages against a ClamAV server. If the message data is
detected as having a virus, the message is rejected, and the error
response contains the virus name as detected by ClamAV. This scanner
only operates over TCP/IP sockets (either remotely or locally).
Notes: This plugin requires ClamAV version 0.95 or later, and
will only scan messages 4GB or smaller due to implementation
limitations. It also causes mailfront to save messages to temporary
files.
Configuration
- $CLAMAV_CONNECT_TIMEOUT
- The maximum amount of time
to wait for a response when connecting to a ClamAV scanner, in
milliseconds. (defaults to $CLAMAV_TIMEOUT below)
- $CLAMAV_MAXSIZE
- The maximum message size to be
scanned, in bytes. This limit is useful for avoiding overloading the
scanning system(s). If the incoming message is larger than this
threshold, a warning is printed and no scanning is done. If unset or
set to "0", there is no limit.
- $CLAMAV_HOST
- The hostname of the ClamAV scanner.
If this name resolves to multiple IP addresses, all of them are tried in
sequence (starting at a random point) until one scans the message.
- $CLAMAV_PORT
- Use this TCP port number for the
command/response data. (defaults to 3310)
- $CLAMAV_SEND_TIMEOUT
- The maximum amount of time to
wait for the output buffer to clear when sending data to a ClamAV
scanner, in milliseconds. (defaults to $CLAMAV_TIMEOUT
below)
- $CLAMAV_TIMEOUT
- The maximum amount of time to wait
for a response from the ClamAV scanner, in milliseconds. (defaults to
5000)
- $CLAMD_HOST
- Sets the scanner host address if
$CLAMAV_HOST is unset.
- $CLAMD_PORT
- Sets the scanner port address if
$CLAMAV_PORT is unset.
- $CLAMD_TIMEOUT
- Sets the timeout value if
$CLAMAV_TIMEOUT is unset.
Sender Action
None
Recipient Action
None
Data Action
None
Message Action
The message is scanned when all the data has been completely
transmitted (to prevent timeout issues with sending data to the ClamAV
server).