ClamAV - Updating clamd for releases earlier than ZCS 5.0.16
For those using ZCS 5.0.16 and prior, come 15 April 2010 anti-virus definitions will no longer update AND your ClamAV instance will stop working entirely.
Zimbra includes ClamAV 0.95 as of ZCS 5.0.18+. The clamav-0.95.1 directory from an installed ZCS 5.0.18 or later installation can be copied directly to an earlier ZCS 5.0 server. To upgrade ClamAV, perform the following steps:
Update: For linux 32-bit we've made this available at http://files2.zimbra.com/downloads/clamav/clamav-0.95.1.tar
1. Install a new server with a later release of ZCS. The Free Open-Source release of ZCS is available at http://www.zimbra.com/downloads/os-downloads.html. This document was tested with 5.0.21, but any release starting with 5.0.18 or later will work. 2. After the installation is complete, tar up clamav-0.95.1 on the new server:
cd /opt/zimbra tar cf /tmp/clamav-0.95.1.tar clamav-0.95.1
3. Copy this tar file to your existing ZCS server.
cd /opt/zimbra scp user@server:/tmp/clamav-0.95.1.tar .
4. Untar the file.
tar xf clamav-0.95.1.tar
5. Stop ZCS services.
6. Change the symbolic link
ln -s clamav-0.95.1 clamav ls -l clamav
The output line will look similar to:
lrwxrwxrwx 1 root root 25 Apr 9 15:39 clamav -> /opt/zimbra/clamav-0.95.1
7. Start services.
You can confirm that the new version of ClamAV is running by checking /opt/zimbra/log/clamd.log. The most recent startup in the log should look similar to:
Fri Apr 9 15:57:16 2010 -> +++ Started at Fri Apr 9 15:57:16 2010 Fri Apr 9 15:57:16 2010 -> clamd daemon 0.95.1-broken-compiler (OS: linux-gnu, ARCH: i386, CPU: i686)
With ClamAV 0.95 in place, updates should continue uninterrupted after April 15, 2010, and your system will remain protected.
This procedure was tested using ZCS 5.0.21 and ZCS 5.0.7.
Other methods to prevent: Set zimbraVirusDefinitionsUpdateFrequency to 0 well in advance of that day to avoid receiving the remote disable code.
If reading this already past that date, try turning off ClamAV from your admin console > global/server > services 'as/av' tab then zmamavisdctl reload.