Arabic  Chinese (simplified)  Chinese (traditional)  French  German  Italian  Japanese  Korean  Portuguese  Russian  Spanish 

ClamAV Win32

From ASSPSMTP

Jump to: navigation, search
ClamAV

On This Page


Installing ClamAV and the Clamd Service on Win32.

Downloads

Warning
As of version 0.92 ClamAV uses the pthreads API, which must be installed separately!
  • Downloaded the latest pthread API dll from here and then place it in the C:\Program Files\clamAV\ directory. That's it!

Either Runclamd or the PowerTools package are required along with the ClamAV software

  • Alternately you can use the PowerTools package available here.
    Free for personal use, commercial licenses are available via the contact information provided on the site.

ClamAV

Installation

  • Install clamAV.msi with the default options.
    For this example we will use C:\Program Files\clamAV\, You can change the install path if you like.
    You will need to change the "TemporaryDirectory" in C:\Program Files\clamAV\conf\clamd.conf to the Windows Temp directory:
    • Windows Server 2003 
    TemporaryDirectory "C:\Windows\Temp"
    • Windows Server 2000, NT4 
    TemporaryDirectory "C:\WINNT\Temp"
  • Note: There is no equals sign, you cannot use system variables, and the directory should be in quotes.

Configuration

Before going any further we need to disable some options in the default configuration that can cause performance issues on email servers.

  • Open C:\Program Files\clamAV\conf\clamd.conf in notepad or another text editor.
  • Search for PhishingScanURLs and MailFollowURLs.
  • We need to change them so they both read no.
    Your end result should look like this: 
    MailFollowURLs no
    PhishingScanURLs no

Windows Service

For running the windows service you can use Runclamd or PowerTools.

Runclamd

  • Extract runclamd.zip to C:\Program Files\clamAV\
  • Open C:\Program Files\clamAV\runclamd.ini
    Locate 
    PathToClamd=c:\clamav-devel\bin\clamd.exe
    Change to 
    PathToClamd=C:\Program Files\clamAV\clamd.exe
    Save file and close
  • Install service 
    "C:\Program Files\clamAV\runclamd.exe" -install
  • Make service startup on reboots
    Click Start, and then click Run.
    In the Open field type services.msc, click OK
    1. Find the "Run Clamd" service.
    2. Change Startup Type to Automatic.
    3. On the Log On Tab make sure Local System Account is checked.
    4. Start the service.


Powertools

  • Install PowerTools.msi with default setting. (Same directory as ClamAV)
  • In the Open field type services.msc, click OK".
    1. Find the "ClamAV" service.
    2. Startup Type Should already be set to Automatic.
    3. Start the service.

ASSP Configuration

  • In the ASSP administration interface make sure the AvClamdPort is set to 3310 
    AvClamdPort = 3310
  • Restart ASSP
  • Watch those viruses get blocked

Update virus signatures

  • You can create a scheduled task to run Freshclam.exe a few times a day to update the signatures for you.
    Command to run: 
    C:\Program Files\clamAV\freshclam.exe
  • In addition to the normal ClamAV signatures you may with to use the SaneSecurity signatures which contain signatures for phishing, scam, and image spam emails.
    Install instructions for the sync script can be found here ClamAV SaneSecurity Signatures

Obligatory Disclaimer

These instructions are tested on Server 2003 Standard. I can not verify they will work for other versions of windows. --Geniusfreak

Retrieved from "http://www.asspsmtp.org/wiki/ClamAV_Win32"
These icons link to social bookmarking sites where readers can share and discover new web pages. Blinklist  del.icio.us  digg  Furl  Google  ma.gnolia  Reddit  Slashdot  Spurl  YahooMyWeb 
Personal tools