Clamav unofficial sigs

Revision as of 07:46, 5 April 2016 by Twouters



   KB 22579        Last updated on 2016-04-5  






The clamav-unofficial-sigs script provides a simple way to download, test, and update third-party signature databases provided by Sanesecurity, FOXHOLE, OITC, Scamnailer, BOFHLAND, CRDF, Porcupine, Securiteinfo, and MalwarePatrol.

The following steps should be performed to enable clamav unofficial sigs on Zimbra.

Download the latest version from https://github.com/extremeshok/clamav-unofficial-sigs/releases/latest (current release is 5.0.6)

# cd /opt/zimbra
# wget https://github.com/extremeshok/clamav-unofficial-sigs/archive/5.0.6.tar.gz
# tar -xf 5.0.6.tar.gz
# ln -sf clamav-unofficial-sigs-5.0.6 clamav-unofficial-sigs
# rm 5.0.6.tar.gz

Create the required directories

# su - zimbra
$ mkdir conf/clamav-unofficial-sigs
$ mkdir data/clamav-unofficial-sigs

Copy the default config files to the config directory

$ cp clamav-unofficial-sigs/config/{master.conf,user.conf} conf/clamav-unofficial-sigs/

Create the Zimbra-specific config file conf/clamav-unofficial-sigs/os.conf:

clam_user="zimbra"
clam_group="zimbra"
clam_dbs="/opt/zimbra/data/clamav/db"
clamd_pid="/opt/zimbra/log/clamd.pid"
work_dir="/opt/zimbra/data/clamav-unofficial-sigs"
log_file_path="/opt/zimbra/log"
clamd_reload_opt="/opt/zimbra/clamav/bin/clamdscan --config-file=/opt/zimbra/conf/clamd.conf --reload"
clamscan_bin="/opt/zimbra/clamav/bin/clamscan"
user_configuration_complete="yes"
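
Before the first run, the os.conf above can be checked as data instead of being executed. This is an added example, not part of the original page or of the clamav-unofficial-sigs project: the function names (conf_get, not_loosely_writable, check_os_conf) are hypothetical, and the rule that the file must not be group- or world-writable is an added assumption, made because the hourly cron job runs as zimbra with whatever these settings say.

```shell
#!/usr/bin/env bash
# Added example: preflight for the Zimbra os.conf shown on this page.
# Reads the file as data (never sources it) and reports problems.

# Keys taken from the os.conf on this page.
REQUIRED_KEYS="clam_user clam_group clam_dbs clamd_pid work_dir log_file_path clamd_reload_opt clamscan_bin"

# conf_get FILE KEY -> prints the value of KEY="value" (last one wins)
conf_get() {
    sed -n "s/^[[:space:]]*$2=\"\(.*\)\"[[:space:]]*\$/\1/p" "$1" | tail -n 1
}

# not_loosely_writable PATH -> fails if PATH is missing or group/others can write
not_loosely_writable() {
    local mode
    mode=$(ls -ldL -- "$1" 2>/dev/null) || return 1
    case "$mode" in
        ?????w*|????????w*) return 1 ;;   # group-write or other-write bit set
    esac
    return 0
}

# check_os_conf FILE -> prints one line per problem, returns the problem count
check_os_conf() {
    local conf=$1 key val problems=0
    if ! not_loosely_writable "$conf"; then
        echo "PERM $conf is missing or group/world-writable"; problems=$((problems + 1))
    fi
    for key in $REQUIRED_KEYS; do
        val=$(conf_get "$conf" "$key")
        if [ -z "$val" ]; then
            echo "MISSING $key"; problems=$((problems + 1))
        fi
    done
    for key in clam_dbs clamd_pid work_dir log_file_path clamscan_bin; do
        val=$(conf_get "$conf" "$key")
        case "$val" in
            ""|/*) ;;                      # empty was reported above; absolute is fine
            *) echo "RELATIVE $key=$val"; problems=$((problems + 1)) ;;
        esac
    done
    if [ "$(conf_get "$conf" user_configuration_complete)" != "yes" ]; then
        echo "INCOMPLETE user_configuration_complete is not \"yes\""; problems=$((problems + 1))
    fi
    return "$problems"
}

if [ "$#" -gt 0 ]; then check_os_conf "$1"; fi
```

Run it with the path to os.conf as the only argument; an exit status of 0 and no output means every check passed.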

Try to run clamav-unofficial-sigs and check the output for possible errors.

$ /bin/bash /opt/zimbra/clamav-unofficial-sigs/clamav-unofficial-sigs.sh -c /opt/zimbra/conf/clamav-unofficial-sigs

Additional logs are available in /opt/zimbra/log/clamav-unofficial-sigs.log

If all went well, install the cron job using crontab -e:

45 * * * * /bin/bash /opt/zimbra/clamav-unofficial-sigs/clamav-unofficial-sigs.sh -c /opt/zimbra/conf/clamav-unofficial-sigs > /dev/null

Log rotation can be configured in e.g. /etc/logrotate.d/clamav-unofficial-sigs:

/opt/zimbra/log/clamav-unofficial-sigs.log {
     weekly
     rotate 4
     missingok
     notifempty
     compress
     create 0644 zimbra zimbra
}