Problem

The purpose of this article is to setup ClamAV via an RPM package and configure it as an Antivirus plug-in for Kerio Connect. The example Linux distribution used is Fedora Core 6 (FC 6), but these instructions should work on any RPM based distribution.

What should you know before you start reading this article

This article is written also for less experienced users, however user who reads this article should know following (although most steps are explained for clarity):

• How to edit files under Linux, for example using vi.
• Basic knowledge about Linux systems, for example how to install files, and packages as well as how to create users.
• Example is for Fedora Core 6, but it should work for other distributions as well.
• How to “become” root. Many steps need to be taken with root privileges in this article. Although we do not advise logging in as the root user, using the su or sudo commands to create a root shell would be advantageous

System requirements:

• Supported Linux distribution, in this example is Fedora Core 6. It should be fully up to date.
• A clamav user must be installed
• Following packages are required in addition (Instructions are shown below how to do this with FC4, but not Suse or other RPM based distributions):
  • clamav-server
  • clamav-update
• Kerio MailServer 6.2 or newer (There was no ClamAV plug-in prior to 6.2)
• A working cron setup to auto run scripts

Step by step guide

Below follows a step by step guide as to how to configure ClamAV so it will work on Kerio Connect as an AV plug-in.

Installing ClamAV server and update packages
Add a clamav user. This can be done through a GUI or through the console. All worked examples here are shown through the console:

[root@localhost ~]# /sbin/groupadd clamav ; /sbin/useradd –rM –g clamav clamav

In case you haven't installed the ClamAV server and update packages yet, please install it. Commands for both Yum and Up2date are shown below:

[root@localhost ~]# yum install clamav-server clamav-update

[root@localhost ~]# up2date u clamav-server clamav-update

Yum will download the files you require and any dependencies. Once you have done this you are ready to start configuring clam. Do this using your preferred text editor. In this article vi is used.

[root@localhost ~]# vi /usr/share/doc/clamav-server-0.88.7/clamd.conf

When the above changes have been made, save and exit the clamd.conf file. Now you have a choice to make. You need to choose a service name for your clam installation. For this example I used clamd. You need to establish symlinks between the actual files and the locations your Linux distribution would like to find them.

[root@localhost ~]# cp /usr/share/doc/clamav-server-0.88.7/clamd.conf /etc/clamd.d/clamd.conf

Now we need to ensure the log file exists:

[root@localhost ~]# touch /var/log/clamd.log

[root@localhost ~]# chgrp clamav /var/log/clamd.log

[root@localhost ~]# chmod u=rwx,g=w,o-rwx /var/log/clamd.log

[root@localhost ~]# vi /usr/share/doc/clamav-server-0.88.7/clamd.logrotate

[root@localhost ~]# cp /usr/share/doc/clamav-server-0.88.7/clamd.logrotate /etc/logrotate.d/clamd.logrotate

It is now time to edit the sysconfig file for clamav. To do this:

[root@localhost ~]# vi /usr/share/doc/clamav-server-0.88.7/clamd.sysconfig

[root@localhost ~]# cp /usr/share/doc/clamav-server-0.88.7/clamd.sysconfig /etc/sysconfig/clamd.sysconfig

Now we need to adjust the init script so as we call the correct script that starts the service with the correct parameters

[root@localhost ~]# vi /usr/share/doc/clamav-server-0.88.7/clamd.init

[root@localhost ~]# cp /usr/share/doc/clamav-server-0.88.7/clamd.init /etc/init.d/clamd

[root@localhost ~]# vi /etc/init.d/clamd

[root@localhost ~]# vi /usr/share/clamav/clamd-wrapper

[root@localhost ~]# cp /usr/share/clamav/clamd-wrapper /etc/clamd.d/clamd-wrapper

[root@localhost ~]# /sbin/service clamd start

Starting clamd:                                            [  OK  ]

Setting up Freshclam, ClamAV’s updating software

In this step we describe how to setup freshclam so as ClamAV remains up to date. There are only a few steps this time, and once ClamAV is able to become updated, we will be able to add it as an antivirus plug-in on our Kerio Connect.

Firstly, you need to get your country "code" so as freshclam knows which mirror to go to when updating. Your country is quite often the two letter domain for your nation (EG uk for United Kingdom, cz for Czech Republic, us for USA, etc) If however you are unsure as to what 2 letters indicate your country, you can find a list here http://www.iana.org/cctld/cctld-whois.htm.

Once you know what your country code is, it’s once again time to start editing files. (The US is used as the example shown below. Please adjust it to your country code)

[root@localhost ~]# vi /etc/freshclam.conf

[root@localhost ~]# ln –s /usr/local/bin/freshclam /usr/bin/freshclam

[root@localhost ~]# ln –s /usr/local/sbin/clamd /usr/sbin/clamd

Now we need to quickly create a cron job to allow freshclam to run daily to update the databases

[root@localhost ~]# vi /etc/cron.daily/clamd

						 #!/bin/sh 

						 #run freshclam 

						 freshclam 

					 	 #restart clam using the new database 

						 /sbin/service clamd restart 

					

[root@localhost ~]# chmod u=rwx,g=rx,o=rx /etc/cron.daily/clamd

Setting up Freshclam, ClamAV’s updating software

We are now nearly there. All that remains is to enable the AV plug-in in the Kerio Connect admin console.
Firstly open the admin console and go to Configuration -> Content Filter -> Antivirus. Once there tick “Use External antivirus” and select Clam Antivirus from the dropdown. Then select options, as shown below

Select the UseStreamOnLocalhost option, and press the "edit" button

Change the value in the box to 1 and then press "OK"
Now all that remains is to click "Apply" and ClamAV should be up and running as an antivirus plug-in.