02 Sep 2010 
Centrum Technické podpory » Databáze znalostí » How to install ClamAV antivirus in Kerio Connect on MacOS X
 How to install ClamAV antivirus in Kerio Connect on MacOS X
Řešení

This article describes installation and configuration of ClamAV antivirus on Mac OS X 10.5 and higher.
This article only applies to Kerio MailServer 6.7.2 and higher or Kerio Connect 7.0.0 and higher.

There are few Mac OS X ports of ClamAV AntiVirus. The recommended one is ClamXav (www.clamxav.com).

  1. Download ClamXav 1.1.1 (or later) installation package for Mac OS X 10.5 with engine 0.95.2 from download page.
  2. Mount the .dmg image file and install the ClamXav by moving the icon to the Application shortcut.
  3. Start the ClamXav application.
  4. Confirm the installation of the ClamAV backend and finish the installation wizard.
  5. Edit ClamXav preferences and configure schedule for antivirus database updating.
Warning: ClamXav 1.1.1 is not compatible with Mac OS X 10.6 (Snow Leopard). For installation on Snow Leopard you need to download beta version of ClamXav 2.0.

 

Configuration of Clamd deamon

Edit the /usr/local/clamXav/etc/clamd.conf file (with administrator privileges) and make following changes:

  • Uncomment the line PidFile /var/run/clamd.pid
  • Comment the line #LocalSocket /tmp/clamd.socket
  • Uncomment the line TCPSocket 3310
  • Uncomment the line TCPAddr 127.0.0.1
  • Uncomment the line Foreground yes
  • Uncomment and change the line StreamMaxLength 30M
  • Uncomment the line DetectPUA yes
  • Uncomment the line DetectBrokenExecutables yes
  • Uncomment the line HeuristicScanPrecedence yes
  • Uncomment the line ArchiveBlockEncrypted yes
Please note, these settings are required in order to make ClamAV working properly with Kerio MailServer/Connect. The clamd daemon will be started on foreground (which is necessary for the next step) and will listen on local TCP port 3310.

 

Launch Clamd on system start

To start the clamd daemon on system start, it has to be registered as a LaunchDaemon script. Create new text file net.clamav.clamd.plist in the /Library/LaunchDaemons/ directory. Use administrator’s permissions while creating the file (eg. ‘sudo vi /Library/LaunchDaemons/net.clamav.clamd.plist’)

Add following lines to the file:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>Label</key>
	<string>net.clamav.clamd</string>
    <key>OnDemand</key>
    <false/>
    <key>ProgramArguments</key>
    <array>
    	<string>/usr/local/clamXav/sbin/clamd</string>
    </array>
</dict>
</plist>

Alternatively, you can edit the file with Property List editor.

Now, the clamd can be started and stoped by following commands:

launchctl load /Library/LaunchDaemons/net.clamav.clamd.plist
launchctl unload /Library/LaunchDaemons/net.clamav.clamd.plist

Set the dependency in Kerio MailServer\Connect script

Setting the dependency of Kerio MailServer\Connect service on ClamAV service is necessary in order to make sure the antivirus is started right before the start of the Kerio MailServer\Connect.
Edit the /usr/local/kerio/mailserver/KerioMailServer startup script and add the function for checking if ClamAV is running. Add the blue lines:

#!/bin/bash
#
# Start Kerio MailServer
#
APPPATH=/usr/local/kerio/mailserver/mailserver
BASEPATH=/usr/local/kerio/mailserver
. /etc/rc.common

StartClamAV ()
{
  if [ -e "/Library/LaunchDaemons/net.clamav.clamd.plist" -a ! -e "/var/run/clamd.pid" ]; then
launchctl load /Library/LaunchDaemons/net.clamav.clamd.plist;
fi
}


StartService ()
{
echo "Starting Kerio MailServer"
ulimit -c unlimited
ulimit -n 12000
exec $APPPATH $BASEPATH
}
StopService ()
{
echo "Stopping Kerio MailServer"
killall mailserver
RETVAL=$?
# Wait up to 15 seconds for KMS to actually stop
for x in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20; do
if [ -a /var/run/kms.pid ]; then
sleep 1;
else
break;
fi
done
# Kill KMS if it hasn’t stopped yet
[ -a /var/run/kms.pid ] && kill −9 ‘cat /var/run/kms.pid‘
return $RETVAL
}
RestartService ()
{
StopService
StartService
}
if [ "$1" = "start" ]
then
StartClamAV
StartService
elif [ "$1" = "stop" ]
then
StopService
elif [ "$1" = "restart" ]
then
RestartService
else
echo "Kerio MailServer script: unknown parameter" "$1"
fi

Warning: The Kerio MailServer\Connect script is overwritten on Kerio MailServer\Connect upgrade. It is necessary to backup the file before the upgrade and make the changes in the script installed by the update.

Configure Kerio MailServer

Open Kerio Administration Console and enable Clam AntiVirus 0.95 plug-in in the anti-virus setting. Press Apply button to save changes. The ClamAV antivirus is now running and Kerio MailServer\Connect is using the antivirus for scanning emails processed by the server. In case of any error, look at the error log in the Administration Console or enable the Antivirus Checking option in the debug log and repeat the action.

Antivirus database update

The update of ClamAV anti-virus database is automatically performed by the process called freshclam which is periodically started as defined in ClamXav settings.



Detaily článku
ID článku: 544
Vytvořeno: 23 Sep 2009 11:34 AM
Autor:
Poslední změna:

 Tato odpověď byla užitečná  Tato odpověď nebyla užitečná

 Uživatelské komentáře Přidat komentář
 Zpět
 Přihlásit [Zapomenuté heslo] 
Email:
Heslo:
Zapamatovat přihlášení:
 
 Hledat
 Možnosti článku
 Přidat komentář
 Vytisknout článek
 PDF verze
 Poslat emailem
 Přidat k oblíbeným
Domů | Registrovat | Založit ticket | Databáze znalostí | Průvodce řešením problému | Diskusní fóra | Ke stažení
Jazyk:

Kerio.com | Help Desk Software By Kayako SupportSuite v3.20.02