ClamAV - Updating clamd for releases earlier than ZCS 5.0.16
|This article applies to the following ZCS versions.|
For those using ZCS 5.0.16 and prior, come 15 April 2010 anti-virus definitions will no longer update AND your ClamAV instance will stop working entirely.
EOL Source: http://www.clamav.net/2009/10/05/eol-clamav-094 "Starting from 15 April 2010 our CVD will contain a special signature which disables all clamd installations older than 0.95 – that is to say older than 1 year. We plan to start releasing signatures which exceed the 980 bytes limit on May 2010."
-Update ZCS to a newer version.
-Update just the ClamAV component.
-Set zimbraVirusDefinitionsUpdateFrequency to 0 well in advance of that day to avoid receiving the remote disable code.
Past 2010.04.15 ?
If you already have daily update #10749:
-Turn off ClamAV from your admin console > server > services 'as/av' tab > uncheck av. Via CLI it's zmprov ms `zmhostname` -zimbraServiceEnabled Antivirus. (The minus sign is important, or you'll leave nothing but av running.) Then zmamavisdctl reload. (This may leave you more vulnerable of course.)
-Update just the ClamAV component.
Manual ClamAV component upgrade:
Zimbra includes ClamAV 0.95 as of ZCS 5.0.18+. The clamav-0.95.1 directory from an installed ZCS 5.0.18 or later installation can be copied directly to an earlier ZCS 5.0 server. To upgrade ClamAV, perform the following steps:
Redhat 5.x 32-bit: http://files2.zimbra.com/downloads/clamav/rhel5/clamav-0.95.1.tar
Redhat 5.x 64-bit: http://files2.zimbra.com/downloads/clamav/rhel5_64/clamav-0.95.1.tar
Redhat 4.x 32-bit: http://files2.zimbra.com/downloads/clamav/rhel4/clamav-0.95.1.tar
Redhat 4.x 64-bit: http://files2.zimbra.com/downloads/clamav/rhel4_64/clamav-0.95.1.tar
SLES 10 32-bit: http://files2.zimbra.com/downloads/clamav/susees10/clamav-0.95.1.tgz
SLES 10 64-bit: http://files2.zimbra.com/downloads/clamav/sles10_64/clamav-0.95.1.tgz
Debian 4 32-bit: http://files.zimbra.com/downloads/clamav/debian4/clamav-0.95.1.tar
Ubuntu 8.04 32-bit: http://files2.zimbra.com/downloads/clamav/ubuntu8/clamav-0.95.1.tgz
Ubuntu 8.04 64-bit: http://files2.zimbra.com/downloads/clamav/ubuntu8_64/clamav-0.95.1.tgz
Ubuntu 6.06 32-bit: http://files2.zimbra.com/downloads/clamav/ubuntu6/clamav-0.95.1.tgz
Ubuntu 6.06 64-bit: http://files2.zimbra.com/downloads/clamav/ubuntu6_64/clamav-0.95.1.tgz
Mac OS X 10.4: http://files2.zimbra.com/downloads/clamav/macosxx86_10.4/clamav-0.95.1.tgz
Mac OS X 10.5: http://files2.zimbra.com/downloads/clamav/macosxx86_10.5/clamav-0.95.1.tgz
Other methods to obtain
1. Install a new server with a later release of ZCS or use the above links. The Free Open-Source release of ZCS is available at http://www.zimbra.com/downloads/os-downloads.html. This document was tested with 5.0.21, but any release starting with 5.0.18 or later will work. 2. After the installation is complete, tar up clamav-0.95.1 on the new server:
cd /opt/zimbra tar cf /tmp/clamav-0.95.1.tar clamav-0.95.1
The Actual Update Instructions
3. Copy this tar file to your existing ZCS server.
cd /opt/zimbra scp user@server:/tmp/clamav-0.95.1.tar .
4. Untar the file.
tar xf clamav-0.95.1.tar
5. Stop ZCS services.
6. Change the symbolic link
rm clamav ln -s clamav-0.95.1 clamav ls -l clamav
The output line will look similar to:
lrwxrwxrwx 1 root root 25 Apr 9 15:39 clamav -> /opt/zimbra/clamav-0.95.1
7. Start services.
You can confirm that the new version of ClamAV is running by checking /opt/zimbra/log/clamd.log. The most recent startup in the log should look similar to:
Fri Apr 9 15:57:16 2010 -> +++ Started at Fri Apr 9 15:57:16 2010 Fri Apr 9 15:57:16 2010 -> clamd daemon 0.95.1-broken-compiler (OS: linux-gnu, ARCH: i386, CPU: i686)
Test send-recieve of mail.
With ClamAV 0.95 in place, updates should continue uninterrupted after April 15, 2010, and your system will remain protected.
This procedure was tested using ZCS 5.0.21 and ZCS 5.0.7.