Clamav Virus Protection HOWTO V2

Hi there

Got a lot of responses and integrated/deleted accordingly. Thank you!

Via Yast install
clamav
clamav-db
clamtk GUI (if you would prefer this); this needs the perl repository
Klamav (kde3); you need this too for Kmail integration/screening config
Install the Clamav addon for Firefox (Fireclam) for download screening
Having done this
go to yast System Services (runlevel) expert mode
Configure
Clamav-milter B 2 3 5 and start
clamd B 2 3 5 and start
freshclam B 2 3 5 and start (ensures regular updates…thanks Carlos)

save and finish

…and use the latest suse 11.3… keep up to date

Hope I got it right.

have fun

cheers Otto

On 2010-07-29 00:36, otto oz wrote:
>
> Hi there
>
> Got a lot of responses and integrated/deleted accordingly. Thank you

> Having done this
> go to yast System Services (runlevel) expert mode
> Configure
> Clamav-milter B 2 3 5 and start

No, unless you use sendmail.

> …and use the latest suse 11.3… keep up to date

Use any openSUSE version, clamav is a security component and is kept updated in all versions (within
its supported life period).

Still, the above does nothing, the system will not scan any files by default (linux is not
considered in danger). You have to choose your method to analyze email (like amavisd-new), or
integrate it with samba for on access scan to protect windows shares – not that we care, unless
they pay us :wink:


Cheers / Saludos,

Carlos E. R.
(from 11.2 x86_64 “Emerald” GM (Elessar))

Hi Carlos…thanks for the comment

I do not quite understand your comment “No, unless you use sendmail.” If you imply that linux by default is clean anyway…Yes, I agree Clamav-milter is of no use.

cheers
Otto

milters are for sendmail (the original). openSUSE installs postfix, not sendmail, as the MTA by default. To connect up clamav to postfix a different procedure is required.

On 2010-07-29 04:36, otto oz wrote:
>
> Hi Carlos…thanks for the comment
>
> I do not quite understand your comment “No, unless you use sendmail.”
> If you imply that linux by default is clean anyway…Yes, I agree
> Clamav-milter is of no use.

It implies that you are not using sendmail. If you were, you would immediately have caught my
meaning, because that piece of software needs particular expertise and most (modern) admins shoo it
away >:-)

You may be using postfix, or qmail or exim (and then you would also understand me), and say so. You
might try to rebut me and point me to “/usr/sbin/sendmail”, and then I would have said to try
"rpm -qf `which sendmail`" and then re-think your rebuttal :wink:

You are surely using some kind of mail system, yes. That it will be sendmail is highly improbable,
and thus, I’m 99% sure you do not need clamav-milter :slight_smile:


Cheers / Saludos,

Carlos E. R.
(from 11.2 x86_64 “Emerald” GM (Elessar))

Carlos E. R. wrote:
> It implies that you are not using sendmail. If you were, you would
> immediately have caught my meaning

what we need here is a few hundred more folks with the good intentions
of Otto and time to help by making how-tos, but with sufficient
experience to actually do them correctly, and clearly…


DenverD
CAVEAT: http://is.gd/bpoMD [posted via NNTP w/openSUSE 10.3]

On 2010-07-29 15:35, DenverD wrote:
> Carlos E. R. wrote:
>> It implies that you are not using sendmail. If you were, you would
>> immediately have caught my meaning
>
> what we need here is a few hundred more folks with the good intentions
> of Otto and time to help by making how-tos, but with sufficient
> experience to actually do them correctly, and clearly…

Have I been too acid? Sorry. O:-)

(I’ll take a drink of Eno salts and lurk for a while into some real world tasks :wink: )


Cheers / Saludos,

Carlos E. R.
(from 11.2 x86_64 “Emerald” GM (Elessar))

Carlos E. R. wrote:
> Have I been too acid? Sorry. O:-)
>
> (I’ll take a drink of Eno salts and lurk for a while into some real world tasks :wink: )

NO NO…you are being overly nice…


DenverD
CAVEAT: http://is.gd/bpoMD [posted via NNTP w/openSUSE 10.3]

Hi DenverD
Thanks for your support. I would highly welcome a collaboration to make this howto technically complete so that it can be moved into the “reviewed” section for the following reasons:

  1. Newbies usually have dual boot and may move infected files into their Windows partition, and they may “need” to run Windows to use apps (for work or games) which do not run under Linux.
  2. It is good system maintenance, e.g. you do not want to e-mail infected attachments.

thanks
Otto
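
The thread notes that starting the daemons does not by itself scan any files, and Otto's dual-boot case is about infected files on a Windows partition. The following is an added example, not part of any post in the thread, showing an on-demand `clamscan` run over a mounted directory with its output reduced to the infected paths; the `/windows/C` mount point and the sample output are constructed assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): on-demand scan with clamscan.

# Read clamscan output on stdin and print only the infected paths.
# clamscan reports each hit as "<path>: <signature> FOUND".
# The greedy match keeps paths that themselves contain ": ".
infected_paths() {
    sed -n 's/^\(.*\): [^ ]* FOUND$/\1/p'
}

# Map clamscan's exit status to a verdict:
# 0 = no virus found, 1 = virus(es) found, anything else = error.
verdict() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Recursively scan a directory, list infected files on stdout,
# report the verdict on stderr and return clamscan's exit status.
scan_tree() {
    dir=$1
    command -v clamscan >/dev/null 2>&1 || {
        echo "clamscan not installed" >&2
        return 2
    }
    status=0
    out=$(clamscan --recursive --infected --no-summary "$dir") || status=$?
    printf '%s\n' "$out" | infected_paths
    echo "verdict: $(verdict "$status")" >&2
    return "$status"
}

# Constructed sample of clamscan output, so the parser runs offline.
SAMPLE_OUTPUT='/windows/C/Users/otto/Downloads/eicar.com: Eicar-Test-Signature FOUND
/windows/C/Users/otto/Documents/report: final.doc: Constructed.Sample.Sig FOUND'

# Offline demonstration on the constructed sample.
printf '%s\n' "$SAMPLE_OUTPUT" | infected_paths

# Real use (hypothetical mount point for the Windows partition):
#   scan_tree /windows/C
```

Run `freshclam` first so the scan uses current signatures; the script only reports and does not remove or quarantine anything.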