Hi there,
I have seen several posts regarding clamav and I am very confused.
I want to confirm whether clamav is properly installed and running on my system. How can I do this? Note that I don't have the clamav server enabled at all times as this is low-volume system.
Should the incoming emails contain an X-antivirus header informing the reader that email was in fact scanned? I am not getting such a header in my emails (Spamassassin however is working fine).
++++++++++++++++++++++++++ My Clamav software:
rpm -qa | grep clam
clamav-filesystem-0.97.2-1.vm.el5 clamav-data-0.97.2-1.vm.el5 clamav-0.97.2-1.vm.el5 clamav-server-0.97.2-1.vm.el5 clamav-lib-0.97.2-1.vm.el5 clamav-update-0.97.2-1.vm.el5 clamav-server-sysv-0.97.2-1.vm.el5 ++++++++++++++++++++++++++
While watching the maillog I don't see anything that relate to ClamAv during an incoming email. Any ideas?
Thank you
Anyone please?
I'm not aware of any headers added by ClamAV.
If in Virtualmin, the domain has the "Virus Scanning" feature enabled, it should be scanning for viruses.
If you'd like to test that it's working, you could always send the EICAR test virus to one of your accounts. That's available here:
http://eicar.org/85-0-Download.html
Hi there and thank you for the reply. It seems that sending the eicar test from another system does not come so I presume it gets deleted automatically. The antivirus settings are of course enabled on the mailbox checked. Why however am I getting the following message on my logwatch?
The ClamAV update process (freshclam daemon) was not running! If you no longer wish to run freshclam, deleting the freshclam.log file will suppress this error message.
---------------------- clam-update End -------------------------
I checked the freshclam.log and it seems like it works ok:
Any ideas? Thank you
Yup, it does look like it's running just fine! I'm not sure why you'd be getting messages that suggest otherwise :-)
Seeing as freshclam has updated files even today, I think it's safe to ignore that message.
-Eric