ClamAV - Updating Version: Difference between revisions

m (Removed reference to current version. Need to refer to clamav website for this info.)
No edit summary
 
(29 intermediate revisions by 9 users not shown)
Line 1: Line 1:
Thanks to "Unilogic" AKA: Ben for most of this writeup. Parts have been updated to reflect lastest revision.
{{Archive}}{{Unsupported}}
{{Article Infobox|{{admin}}||{{ZCS 5.0}}|}}==Background==
Zimbra updates the ClamAV engine to latest with every release of ZCS.


If you have no idea how to upgrade or are a little shakey in doing the upgrade yourself, I recommend that you wait for the Zimbra official release.
ClamAV Virus definitions update automatically every 2h by default (zimbraVirusDefinitionsUpdateFrequency attribute).


Note: This was done on Fedora Core 4 minimal install. Also, all the following can be done either as root or as the zimbra user.
However, there are times when you may want the latest package.
If you do it all as 'root', make sure you change ownership for the resulting clamav-0.90.2 folder in /opt/zimbra to zimbra:zimbra.
This HOWTO also assumes that you are upgrading from 0.90.1 to 0.90.2
Please substitute the versions above for what you are upgrading from and to.


==Notes==
Some good tips for troubleshooting can be found in [[ClamAV - Reset Defs DB]]


When ClamAV releases a new version and gets out of date, it will complain in its log files as such.
Definitions in n ZCS 5.0.3+ were moved to a data directory to keep separate from application data, replace applicable with:
/opt/zimbra/data/clamav/db


clamd.log shows the following warning:


LibClamAV Warning: ********************************************************
Out of cycle updates RFE is [http://bugzilla.zimbra.com/show_bug.cgi?id=15137 Bug 15137]


LibClamAV Warning: ***  This version of the ClamAV engine is outdated. ***
http://wiki.zimbra.com/wiki/ClamAV_-_Updating_clamd_for_releases_earlier_than_ZCS_5.0.16


LibClamAV Warning: *** DON'T PANIC! Read http://www.clamav.net/faq.html ***
http://wiki.zimbra.com/wiki/ClamAV_-_Updating_from_versions_lower_than_0.90.0


LibClamAV Warning: ********************************************************
Original directions courtesy of [http://www.zimbra.com/forums/members/Unilogic.html Unilogic].


and
If you have no idea how to upgrade or are a little shaky in doing the upgrade yourself, I recommend that you wait for the Zimbra official release.


freshclam.log shows the following warning:
Step 1: Make a backup.


( Below may be different but will be similer  )
Note: This was done on Fedora Core 4 minimal install. Also, all the following can be done either as root or as the zimbra user.
If you do it all as 'root', make sure you change ownership for the resulting clamav-0.90.2 folder in /opt/zimbra to zimbra:zimbra.


Received signal: wake up
This HOWTO also assumes that you are upgrading from 0.90.1 to 0.90.2
Please substitute the versions above for what you are upgrading from and to.


ClamAV update process started at Fri May 4 15:44:46 2007
If upgrading from anything below 0.90.x, please refer to: [[ClamAV - Updating from versions lower than 0.90.0]]


WARNING: Your ClamAV installation is OUTDATED!
==Noticing Out-of-Date==


WARNING: Local version: 0.90.1 Recommended version: 0.90.2
When ClamAV releases a new version and gets out of date, it will complain in its log files as such.


DON'T PANIC! Read http://www.clamav.net/faq.html
clamd.log shows the following warning:


main.cvd is up to date (version: 42, sigs: 83951, f-level: 10, builder: tkojm)
LibClamAV Warning: ********************************************************
LibClamAV Warning: ***  This version of the ClamAV engine is outdated. ***
LibClamAV Warning: *** DON'T PANIC! Read http://www.clamav.net/faq.html ***
LibClamAV Warning: ********************************************************


WARNING: Your ClamAV installation is OUTDATED!
freshclam.log shows the following warning:
 
WARNING: Current functionality level = 9, recommended = 10
 
DON'T PANIC! Read http://www.clamav.net/faq.html
 
daily.cvd is up to date (version: 2580, sigs: 7879, f-level: 13, builder: ccordes)
 
WARNING: Your ClamAV installation is OUTDATED!
 
WARNING: Current functionality level = 9, recommended = 13
 
DON'T PANIC! Read http://www.clamav.net/faq.html
 


Received signal: wake up
ClamAV update process started at Fri May 4 15:44:46 2007
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.90.1 Recommended version: 0.90.2
DON'T PANIC! Read http://www.clamav.net/faq.html
main.cvd is up to date (version: 42, sigs: 83951, f-level: 10, builder: tkojm)
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Current functionality level = 9, recommended = 10
DON'T PANIC! Read http://www.clamav.net/faq.html
daily.cvd is up to date (version: 2580, sigs: 7879, f-level: 13, builder: ccordes)
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Current functionality level = 9, recommended = 13
DON'T PANIC! Read http://www.clamav.net/faq.html


If upgrading from anything below 0.90.x, please refer to: *[[Updating CLAMAV from version lower than 0.90.0]]
==Updating==


To update, follow the following:
To update, follow the following:
First go grab the latest ClamAV source from http://www.clamav.net/download
First go grab the latest ClamAV source from http://www.clamav.net/download (Current Stable Version is 0.96 )
Extract it to where ever you please. All this can either be done as root or as the zimbra user.  
Extract it to where ever you please. All this can either be done as root or as the zimbra user.  
If you do it all as root make sure you change ownership for the resulting clamav folder in /opt/zimbra to zimbra:zimbra.
If you do it all as root make sure you change ownership for the resulting clamav folder in /opt/zimbra to zimbra:zimbra.


Assuming that the new clamav version is in the directory:  /home/snelson ( substitute your username for 'snelson'  )
Assuming that the new clamav version is in the directory:  /home/snelson ( substitute your username for 'snelson'  )
**DO NOT use anything but a working directory!**
Stay out of the Zimbra directories for the program build part(s).
If you mess something up, all you need to do is delete your temp dir and try again.
Just sayin' ....  ;-)


So, you are in:  /home/snelson  ( substitute your username for 'snelson'  )
'''tar -xvf clamav-0.96.tar.gz'''


'''tar -xvf clamav-0.90.2.tar.gz'''
'''cd clamav-0.96'''


'''cd clamav-0.90.2'''
Next run configure inside of the clamav extract as following:


Next run configure inside of the clamav extract as following:
'''./configure --prefix=/opt/zimbra/clamav-0.96 --with-user=zimbra --with-group=zimbra'''


'''./configure --prefix=/opt/zimbra/clamav-0.90.2 --with-user=zimbra --with-group=zimbra'''
This assumes 'zimbra' is user and group id 'zimbra', change it accordingly to your system to match your zimbra user.


This assumes 'zimbra' is user and group id 'zimbra', change it accordingly to your system to match your zimbra user.
Note: I had to install gmp-devel and bzip2-devel so the configure could find all its header files. Your mileage may very. If you get an error about GNU MP missing install gmp-devel. "yum install gmp-devel", and "yum install bzip2-devel" in Fedora and Red Hat. In Ubuntu, you must install libsll-dev by this command: apt-get install libssl-dev.


Note: I had to install gmp-devel and bzip2-devel so the configure could find all its header files. Your mileage may very. If you get an error about GNU MP missing install gmp-devel. "yum install gmp-devel", and "yum install bzip2-devel" in Fedora and Red Hat.


If your 'configure' goes well, and make sure it does as you don't really want ClamAV installed without some of its available testing ability being compiled.


If your 'configure' goes well, and make sure it does as you don't really want ClamAV installed without some of its available testing ability being compiled.
Run: '''make'''


Run: '''make'''
The following steps should be run as root.


Assuming there are no errors,
Assuming there are no errors,


Run: '''make check''' and then '''make install'''.
Run: '''make check''' and then '''make install'''.
Again assuming no errors, you now have the new version installed into /opt/zimbra/clamav-0.90.2
Again assuming no errors, you now have the new version installed into /opt/zimbra/clamav-0.96


Now we compare then copy your old clamd.conf and freshclam.conf  from the previous version to the new version directory:
Now we compare then copy your old clamd.conf and freshclam.conf  from the previous version to the new version directory:


'''cd /opt/zimbra/clamav-0.90.1/etc/'''
'''cd /opt/zimbra/clamav-0.96/etc/'''


'''diff clamd.conf ../../clamav-0.90.2/etc/clamd.conf'''
'''diff clamd.conf ../../clamav/etc/clamd.conf'''


'''diff freshclam.conf ../../clamav-0.90.2/etc/freshclam.conf'''
'''diff freshclam.conf ../../clamav/etc/freshclam.conf'''


Above is just incase you are curious of what we are changing/over writing from the clamav defaults.
Above is just incase you are curious of what we are changing/over writing from the clamav defaults.


'''cd /opt/zimbra/clamav-0.90.2/etc/'''
'''mv clamd.conf  clamd.conf.org'''


'''mv clamd.conf  clamd.conf.org'''
'''mv freshclam.conf  freshclam.conf.org'''


'''mv freshclam.conf freshclam.conf.org'''
'''cd /opt/zimbra/conf'''


'''cd /opt/zimbra/conf'''
'''cp clamd.conf  /opt/zimbra/clamav-0.96/etc/'''


'''cp clamd.conf /opt/zimbra/clamav-0.90.2/etc/'''
'''cp freshclam.conf /opt/zimbra/clamav-0.96/etc/'''


'''cp freshclam.conf /opt/zimbra/clamav-0.90.2/etc/'''




As zimbra:  '''zmcontrol stop''' to stop Zimbra.


Now need to delete the symbolic link and re-link it to the new install. As root:


Run:  '''zmcontrol stop''' to stop Zimbra.


Now need to delete the symbolic link and re-link it to the new install:


'''cd /opt/zimbra'''


 
'''ls -la | grep clamav''' ( should see 'clamav -> /path/to/previous_clamAV' )
'''cd /opt/zimbra'''
 
'''ls -la 'grep' clamav''' ( should see 'clamav - /opt/zimbra/clamav-0.90.1' )


if so:
if so:


'''rm -rf clamav'''
'''rm -rf clamav''' (or if you want to keep the old install & link around, so you can easily back out, just do '''mv clamav clamav.old''')


'''ln -s /opt/zimbra/clamav-0.90.2 /opt/zimbra/clamav'''
'''ln -s /opt/zimbra/clamav-0.96 /opt/zimbra/clamav'''


Create directory /opt/zimbra/clamav/db
Create directory /opt/zimbra/clamav/db


'''mkdir /opt/zimbra/clamav/db'''
'''mkdir /opt/zimbra/clamav/db '''


Now you should make sure zimbra owns all of clamav.
Now you should make sure zimbra owns all of clamav.


'''chown -R zimbra:zimbra /opt/zimbra/clamav-0.90.2'''
'''chown -R zimbra:zimbra /opt/zimbra/clamav-0.96'''
 
zimbra also needs access to freshclam.conf
 
'''chmod a+r /opt/zimbra/clamav/etc/freshclam.conf'''




Next we need to update the virus database.
Next we need to update the virus database.


'''su zimbra'''
'''su zimbra'''
 
Run: '''/opt/zimbra/clamav/bin/freshclam'''
 
If you get any warnings, just run the command again to confirm that everything was successfully updated.
 
NOTE: if you run zimbra behind a proxy, you need to modify /opt/zimbra/clamav/etc/freshclam.conf. Please uncomment these lines:
 
        HTTPProxyServer myproxyserver.com
        HTTPProxyPort 1234
        HTTPProxyUsername myusername
        HTTPProxyPassword mypass


Run: '''/opt/zimbra/clamav/bin/freshclam'''




Need to start Zimbra.
Need to start Zimbra.
Run '''zmcontrol start'''
Run '''zmcontrol start'''


Run '''zmcontrol status''' to make sure antivirus is running. If it is, you're good to go.
Note: you may not need to stop Zimbra during this update. If you don't stop Zimbra, just do '''zmantivirusctl restart''' at this point.


You should check /opt/zimbra/log/clamd.log for errors, as well as freshclam in the same directory. Also /var/log/zimbra.log. To test out ClamAV I would suggest http://www.webmail.us/testvirus to send different variations of the EICAR test virus to one of your email addresses. Depending on if you have "Send notice ot recipient" check in Global Settings of the Admin Web UI, the user should receive around 20 email notifications of the emails being quarantined. Don't worry about the two that got through. Apparently ClamAV doesn't check for the techniques. There are although no virii included in those two emails, so it doesn't worry me.
Run '''zmcontrol status''' to make sure antivirus is running. If it is, you're good to go.
 
You should check /opt/zimbra/log/clamd.log for errors, as well as freshclam in the same directory. Also /var/log/zimbra.log. To test out ClamAV I would suggest http://www.webmail.us/testvirus to send different variations of the EICAR test virus to one of your email addresses. Depending on if you have "Send notice ot recipient" check in Global Settings of the Admin Web UI, the user should receive around 20 email notifications of the emails being quarantined. Don't worry about the two that got through. Apparently ClamAV doesn't check for the techniques. There are although no virii included in those two emails, so it doesn't worry me.
You can delete the previous install of clamav once you make sure everything is working. Delete the /opt/zimbra/clamav-0.90.1 directory and everythnig it contains. Again may want to wait a weelk or two to make sure you have the other version working well first.
You can delete the previous install of clamav once you make sure everything is working. Delete the /opt/zimbra/clamav-0.90.1 directory and everythnig it contains. Again may want to wait a weelk or two to make sure you have the other version working well first.


==Scripting==


----
Possible Script: (tweaked and tested on a CentOS server as of July 14, 2010)
 
<pre>
----
Possible Script:
#!/bin/bash
#!/bin/bash
#
#
Line 170: Line 182:
#  This script is absolutely untested.  I wrote it after the fact
#  This script is absolutely untested.  I wrote it after the fact
#  as reference, for the next time this happens.  I repeat I have
#  as reference, for the next time this happens.  I repeat I have
#  not actually tested to see if it even runs.  You probobly want
#  not actually tested to see if it even runs.  You probably want
#  to just run through the steps manually to prevent harming your
#  to just run through the steps manually to prevent harming your
#  system...  Again, this script took 2 minutes to write, and has
#  system...  Again, this script took 2 minutes to write, and has
Line 176: Line 188:
#
#
#  Otherwise, if you really want to run it, uncomment the exit
#  Otherwise, if you really want to run it, uncomment the exit
satement.
statement.
#
#
Anonomous - 20071119 updates by others 20071206
[http://www.zimbra.com/forums/members/artimus.html artimus]- 20071119 updates by others 20071206
#
#
##################################################################
##################################################################
exit
#exit
NOW=`date +%Y%m%d%H%M%S`
NOW=`date +%Y%m%d%H%M%S`
BUILDDIR=${NOW}_clamav_build
BUILDDIR=${NOW}_clamav_build


ClamVer=&amp;amp;quot;clamav-0.91.2&amp;amp;quot;
ClamVer="clamav-0.96.1"
ClamURL=&amp;amp;quot;http://easynews.dl.sourceforge.net/sourceforge/clamav/clamav-0.91.2.tar.gz&amp;amp;quot;
ClamURL="http://easynews.dl.sourceforge.net/sourceforge/clamav/clamav-0.96.1.tar.gz"


echo &amp;amp;quot;Installing dependencies if nessesary&amp;amp;quot;
echo "Installing dependencies if necessary"
yum -y install gcc glibc zlib-devel gmp-devel bzip2-devel
yum -y install gcc glibc zlib-devel gmp-devel bzip2-devel
# on Debian/Ubuntu use: apt-get build-dep clamav


# apt-get build-dep clamav


echo &amp;amp;quot;Preparing Source&amp;amp;quot;
echo "Preparing Source"
mkdir ${BUILDDIR} &amp;amp;amp;&amp;amp;amp; cd ${BUILDDIR}
mkdir ${BUILDDIR} && cd ${BUILDDIR}
wget ${ClamURL}
wget ${ClamURL}


Line 200: Line 214:
tar -zxvf ${ClamVer}.tar.gz
tar -zxvf ${ClamVer}.tar.gz
cd ${ClamVer}
cd ${ClamVer}
echo &amp;amp;quot;==== Building and Installing ClamAV ====&amp;amp;quot;
echo "==== Building and Installing ClamAV ===="
./configure --prefix=/opt/zimbra/${ClamVer} --with-user=zimbra --with-group=zimbra
./configure --prefix=/opt/zimbra/${ClamVer} --with-user=zimbra --with-group=zimbra


make &amp;amp;amp;&amp;amp;amp; make check &amp;amp;amp;&amp;amp;amp; make install
make && make check && make install




Line 211: Line 225:
mv clamd.conf clamd.conf.orig
mv clamd.conf clamd.conf.orig
mv freshclam.conf freshclam.conf.orig
mv freshclam.conf freshclam.conf.orig
chown zimbra:zimbra *.conf


cp /opt/zimbra/conf/clamd.conf .
cp /opt/zimbra/conf/clamd.conf .
cp /opt/zimbra/conf/freshclam.conf .
cp /opt/zimbra/conf/freshclam.conf .
chown zimbra:zimbra *.conf




sudo -u zimbra zmcontrol stop
sudo -u zimbra /opt/zimbra/bin/zmcontrol stop
cd /opt/zimbra
cd /opt/zimbra
unlink clamav
unlink clamav
Line 223: Line 237:




echo &amp;amp;quot;==== Freshen =========&amp;amp;quot;
echo "==== Freshen ========="
sudo -u zimbra /opt/zimbra/clamav/bin/freshclam
sudo -u zimbra /opt/zimbra/clamav/bin/freshclam




echo &amp;amp;quot;===== Starting Zimbra =======&amp;amp;quot;
echo "===== Starting Zimbra ======="
echo &amp;amp;quot; If it doesn&amp;amp;#39;t work, try a reboot&amp;amp;quot;
echo " If it doesn't work, try a reboot"
sudo -u zimbra zmcontrol start
sudo -u zimbra /opt/zimbra/bin/zmcontrol start
</pre>
 
=Related Articles=
*[[ClamAV - Updating from versions lower than 0.90.0]]
*[http://resources.infosecinstitute.com/open-source-antivirus-clamav/ http://resources.infosecinstitute.com/open-source-antivirus-clamav/]
 
 
{{Article Footer|unknown|5/6/2007}}


[[Category:Anti-virus]]
[[Category:Anti-virus]]
[[Category:ZCS 5.0]]

Latest revision as of 16:12, 31 March 2015

Admin Article

Article Information

This article applies to the following ZCS versions.

ZCS 5.0 Article ZCS 5.0

Background

Zimbra updates the ClamAV engine to latest with every release of ZCS.

ClamAV Virus definitions update automatically every 2h by default (zimbraVirusDefinitionsUpdateFrequency attribute).

However, there are times when you may want the latest package.

Notes

Some good tips for troubleshooting can be found in ClamAV - Reset Defs DB

Definitions in n ZCS 5.0.3+ were moved to a data directory to keep separate from application data, replace applicable with:

/opt/zimbra/data/clamav/db


Out of cycle updates RFE is Bug 15137

http://wiki.zimbra.com/wiki/ClamAV_-_Updating_clamd_for_releases_earlier_than_ZCS_5.0.16

http://wiki.zimbra.com/wiki/ClamAV_-_Updating_from_versions_lower_than_0.90.0

Original directions courtesy of Unilogic.

If you have no idea how to upgrade or are a little shaky in doing the upgrade yourself, I recommend that you wait for the Zimbra official release.

Step 1: Make a backup.

Note: This was done on Fedora Core 4 minimal install. Also, all the following can be done either as root or as the zimbra user. If you do it all as 'root', make sure you change ownership for the resulting clamav-0.90.2 folder in /opt/zimbra to zimbra:zimbra.

This HOWTO also assumes that you are upgrading from 0.90.1 to 0.90.2 Please substitute the versions above for what you are upgrading from and to.

If upgrading from anything below 0.90.x, please refer to: ClamAV - Updating from versions lower than 0.90.0

Noticing Out-of-Date

When ClamAV releases a new version and gets out of date, it will complain in its log files as such.

clamd.log shows the following warning:

LibClamAV Warning: ********************************************************
LibClamAV Warning: ***  This version of the ClamAV engine is outdated.  ***
LibClamAV Warning: *** DON'T PANIC! Read http://www.clamav.net/faq.html ***
LibClamAV Warning: ********************************************************

freshclam.log shows the following warning:

Received signal: wake up
ClamAV update process started at Fri May 4 15:44:46 2007
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.90.1 Recommended version: 0.90.2
DON'T PANIC! Read http://www.clamav.net/faq.html
main.cvd is up to date (version: 42, sigs: 83951, f-level: 10, builder: tkojm)
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Current functionality level = 9, recommended = 10
DON'T PANIC! Read http://www.clamav.net/faq.html
daily.cvd is up to date (version: 2580, sigs: 7879, f-level: 13, builder: ccordes)
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Current functionality level = 9, recommended = 13
DON'T PANIC! Read http://www.clamav.net/faq.html

Updating

To update, follow the following: First go grab the latest ClamAV source from http://www.clamav.net/download (Current Stable Version is 0.96 ) Extract it to where ever you please. All this can either be done as root or as the zimbra user. If you do it all as root make sure you change ownership for the resulting clamav folder in /opt/zimbra to zimbra:zimbra.

Assuming that the new clamav version is in the directory: /home/snelson ( substitute your username for &#39;snelson&#39; )

tar -xvf clamav-0.96.tar.gz

cd clamav-0.96

Next run configure inside of the clamav extract as following:

./configure --prefix=/opt/zimbra/clamav-0.96 --with-user=zimbra --with-group=zimbra

This assumes 'zimbra' is user and group id 'zimbra', change it accordingly to your system to match your zimbra user.

Note: I had to install gmp-devel and bzip2-devel so the configure could find all its header files. Your mileage may very. If you get an error about GNU MP missing install gmp-devel. &quot;yum install gmp-devel&quot;, and &quot;yum install bzip2-devel&quot; in Fedora and Red Hat. In Ubuntu, you must install libsll-dev by this command: apt-get install libssl-dev.


If your 'configure' goes well, and make sure it does as you don't really want ClamAV installed without some of its available testing ability being compiled.

Run: make

The following steps should be run as root.

Assuming there are no errors,

Run: make check and then make install. Again assuming no errors, you now have the new version installed into /opt/zimbra/clamav-0.96

Now we compare then copy your old clamd.conf and freshclam.conf from the previous version to the new version directory:

cd /opt/zimbra/clamav-0.96/etc/

diff clamd.conf ../../clamav/etc/clamd.conf

diff freshclam.conf ../../clamav/etc/freshclam.conf

Above is just incase you are curious of what we are changing/over writing from the clamav defaults.

mv clamd.conf clamd.conf.org

mv freshclam.conf freshclam.conf.org

cd /opt/zimbra/conf

cp clamd.conf /opt/zimbra/clamav-0.96/etc/

cp freshclam.conf /opt/zimbra/clamav-0.96/etc/


As zimbra: zmcontrol stop to stop Zimbra.

Now need to delete the symbolic link and re-link it to the new install. As root:


cd /opt/zimbra

ls -la | grep clamav ( should see 'clamav -> /path/to/previous_clamAV' )

if so:

rm -rf clamav (or if you want to keep the old install & link around, so you can easily back out, just do mv clamav clamav.old)

ln -s /opt/zimbra/clamav-0.96 /opt/zimbra/clamav

Create directory /opt/zimbra/clamav/db

mkdir /opt/zimbra/clamav/db

Now you should make sure zimbra owns all of clamav.

chown -R zimbra:zimbra /opt/zimbra/clamav-0.96

zimbra also needs access to freshclam.conf

chmod a+r /opt/zimbra/clamav/etc/freshclam.conf


Next we need to update the virus database.

su zimbra

Run: /opt/zimbra/clamav/bin/freshclam

If you get any warnings, just run the command again to confirm that everything was successfully updated.

NOTE: if you run zimbra behind a proxy, you need to modify /opt/zimbra/clamav/etc/freshclam.conf. Please uncomment these lines:

       HTTPProxyServer myproxyserver.com
       HTTPProxyPort 1234
       HTTPProxyUsername myusername
       HTTPProxyPassword mypass


Need to start Zimbra. Run zmcontrol start

Note: you may not need to stop Zimbra during this update. If you don't stop Zimbra, just do zmantivirusctl restart at this point.

Run zmcontrol status to make sure antivirus is running. If it is, you're good to go.

You should check /opt/zimbra/log/clamd.log for errors, as well as freshclam in the same directory. Also /var/log/zimbra.log. To test out ClamAV I would suggest http://www.webmail.us/testvirus to send different variations of the EICAR test virus to one of your email addresses. Depending on if you have &quot;Send notice ot recipient&quot; check in Global Settings of the Admin Web UI, the user should receive around 20 email notifications of the emails being quarantined. Don&#39;t worry about the two that got through. Apparently ClamAV doesn&#39;t check for the techniques. There are although no virii included in those two emails, so it doesn&#39;t worry me. You can delete the previous install of clamav once you make sure everything is working. Delete the /opt/zimbra/clamav-0.90.1 directory and everythnig it contains. Again may want to wait a weelk or two to make sure you have the other version working well first.

Scripting

Possible Script: (tweaked and tested on a CentOS server as of July 14, 2010)

#!/bin/bash
#
#
#   !!!!!! WARNING !!!!!!!!!!
#   This script is absolutely untested.  I wrote it after the fact
#   as reference, for the next time this happens.  I repeat I have
#   not actually tested to see if it even runs.  You probably want
#   to just run through the steps manually to prevent harming your
#   system...  Again, this script took 2 minutes to write, and has
#   never been tested, and there absolutely no error checking.
#
#   Otherwise, if you really want to run it, uncomment the exit
#   statement.
#
#   [http://www.zimbra.com/forums/members/artimus.html artimus]- 20071119 updates by others 20071206
#
##################################################################
#exit
NOW=`date +%Y%m%d%H%M%S`
BUILDDIR=${NOW}_clamav_build

ClamVer="clamav-0.96.1"
ClamURL="http://easynews.dl.sourceforge.net/sourceforge/clamav/clamav-0.96.1.tar.gz"

echo "Installing dependencies if necessary"
yum -y install gcc glibc zlib-devel gmp-devel bzip2-devel
# on Debian/Ubuntu use: apt-get build-dep clamav

# apt-get build-dep clamav

echo "Preparing Source"
mkdir ${BUILDDIR} && cd ${BUILDDIR}
wget ${ClamURL}



tar -zxvf ${ClamVer}.tar.gz
cd ${ClamVer}
echo "==== Building and Installing ClamAV ===="
./configure --prefix=/opt/zimbra/${ClamVer} --with-user=zimbra --with-group=zimbra

make && make check && make install


chown -R zimbra:zimbra /opt/zimbra/${ClamVer}

cd /opt/zimbra/${ClamVer}/etc
mv clamd.conf clamd.conf.orig
mv freshclam.conf freshclam.conf.orig

cp /opt/zimbra/conf/clamd.conf .
cp /opt/zimbra/conf/freshclam.conf .
chown zimbra:zimbra *.conf


sudo -u zimbra /opt/zimbra/bin/zmcontrol stop
cd /opt/zimbra
unlink clamav
ln -s ${ClamVer} clamav


echo "==== Freshen ========="
sudo -u zimbra /opt/zimbra/clamav/bin/freshclam


echo "===== Starting Zimbra ======="
echo " If it doesn't work, try a reboot"
sudo -u zimbra /opt/zimbra/bin/zmcontrol start

Related Articles


Verified Against: unknown Date Created: 5/6/2007
Article ID: https://wiki.zimbra.com/index.php?title=ClamAV_-_Updating_Version Date Modified: 2015-03-31



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »

Jump to: navigation, search