Clamav unofficial sigs
The clamav-unofficial-sigs script provides a simple way to download, test, and update third-party signature databases provided by Sanesecurity, FOXHOLE, OITC, Scamnailer, BOFHLAND, CRDF, Porcupine, Securiteinfo, and MalwarePatrol.
The following steps should be performed to enable clamav unofficial sigs on Zimbra.
Download the latest version from https://github.com/extremeshok/clamav-unofficial-sigs/releases/latest (current release is 5.0.6)
# cd /opt/zimbra
# wget https://github.com/extremeshok/clamav-unofficial-sigs/archive/5.0.6.tar.gz
# tar -xf 5.0.6.tar.gz
# ln -sf clamav-unofficial-sigs-5.0.6 clamav-unofficial-sigs
# rm 5.0.6.tar.gz
Create the required directories
# su - zimbra
$ mkdir conf/clamav-unofficial-sigs
$ mkdir data/clamav-unofficial-sigs
Copy default config files to config dir
$ cp clamav-unofficial-sigs/config/{master.conf,user.conf} conf/clamav-unofficial-sigs/
Create zimbra specific config conf/clamav-unofficial-sigs/os.conf:
clam_user="zimbra"
clam_group="zimbra"
clam_dbs="/opt/zimbra/data/clamav/db"
clamd_pid="/opt/zimbra/log/clamd.pid"
work_dir="/opt/zimbra/data/clamav-unofficial-sigs"
log_file_path="/opt/zimbra/log"
clamd_reload_opt="/opt/zimbra/clamav/bin/clamdscan --config-file=/opt/zimbra/conf/clamd.conf --reload"
clamscan_bin="/opt/zimbra/clamav/bin/clamscan"
user_configuration_complete="yes"
Try to run clamav-unofficial-sigs and check the output for possible errors.
$ /bin/bash /opt/zimbra/clamav-unofficial-sigs/clamav-unofficial-sigs.sh -c /opt/zimbra/conf/clamav-unofficial-sigs
Additional logs are available in /opt/zimbra/log/clamav-unofficial-sigs.log
If all went well, install cron job using crontab -e:
45 * * * * /bin/bash /opt/zimbra/clamav-unofficial-sigs/clamav-unofficial-sigs.sh -c /opt/zimbra/conf/clamav-unofficial-sigs > /dev/null
Log rotation can be configured in e.g. /etc/logrotate.d/clamav-unofficial-sigs:
/opt/zimbra/log/clamav-unofficial-sigs.log {
    weekly
    rotate 4
    missingok
    notifempty
    compress
    create 0644 zimbra zimbra
}
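A pre-flight check for the os.conf created above, useful before the first run and before installing the cron job. This is an added example, not part of this page's procedure or of the clamav-unofficial-sigs project; the function names conf_get and check_os_conf are hypothetical, and it assumes it is run as the zimbra user.

```sh
#!/bin/sh
# Added example: verify the paths named in os.conf before the first run.
# The file is parsed as text and never sourced, so nothing in it is executed.

# conf_get FILE KEY: print the value of KEY="value" (last assignment wins)
conf_get() {
    sed -n "s/^[[:space:]]*$2=\"\\(.*\\)\"[[:space:]]*\$/\\1/p" "$1" | tail -n 1
}

# check_os_conf FILE: print one line per problem, return the number of problems
check_os_conf() {
    conf=$1
    problems=0
    fail() { echo "FAIL: $*"; problems=$((problems + 1)); }

    [ -r "$conf" ] || { echo "FAIL: cannot read $conf"; return 1; }

    # Directories the update script has to write to as the current user.
    for key in clam_dbs work_dir log_file_path; do
        val=$(conf_get "$conf" "$key")
        if [ -z "$val" ]; then fail "$key is not set"
        elif [ ! -d "$val" ]; then fail "$key: $val is not a directory"
        elif [ ! -w "$val" ]; then fail "$key: $val is not writable by $(id -un)"
        fi
    done

    # clamscan_bin is a path; clamd_reload_opt is a whole command line,
    # so only its first word (the binary) is checked.
    scan=$(conf_get "$conf" clamscan_bin)
    [ -x "$scan" ] || fail "clamscan_bin: '$scan' is not executable"
    reload=$(conf_get "$conf" clamd_reload_opt)
    [ -x "${reload%% *}" ] || fail "clamd_reload_opt: '${reload%% *}' is not executable"

    # The os.conf on this page sets this flag to yes.
    [ "$(conf_get "$conf" user_configuration_complete)" = "yes" ] ||
        fail "user_configuration_complete is not \"yes\""

    return "$problems"
}

# Stand-alone use: sh check_os_conf.sh /opt/zimbra/conf/clamav-unofficial-sigs/os.conf
if [ "$#" -gt 0 ]; then check_os_conf "$1"; fi
```

A non-zero exit status is the number of failed checks. When run as root the writability test always passes, so run it after su - zimbra.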