Full Version: HOW-TO :: antivirus solution with ClamAV and qscanq
Ales
Ok, here is another option you can use.

This solution is based on two great pieces of software, qscanq and ClamAV. It's very unintrusive and doesn't change your qmail in any way. A single command installs and uninstalls the antivirus portion from your qmail system.

Here is the complete HOW-TO. This was also posted on the Plesk forum a while ago, so you might refer to that thread first if you need any help.

Enjoy!
d3nnis
Any guides for FreeBSD 4.9 users?
Ales
Not from me... We don't use it on our servers, so I haven't done any work on such a combination.
Squire
Which version of ripMIME do you suggest for a RH 7.3 system, Ales?

The RPMs in the tutorial both give a failed dependencies error. libc.so.6(GLIBC_2.3) is needed. Got that for both RPM versions and can't find anything higher than GLIBC 2.2.5 for RH 7.3.

I tried the pldaniels.com install from source option (appears to have installed at /usr/local/bin/ripmime) but with that one I get the dreaded "451 qq read error (#4.3.0)" error, which the qscanq FAQ says has to do with ripmime not being installed.

Or is there something I missed in the config files pointing to Ripmime being installed at a different location perhaps?

Any help appreciated.

Squire
Ales
Yeah, it's the location... The rpm installs ripmime to /usr/bin/ripmime and my altered qscanq package looks for it there.

You could either symlink your ripmime binary to that location or change the setting in "qscan-x.xx/src/conf-ripmime-cmd" file before compiling/upgrading qscanq. That should do it...

I didn't know that the source install of ripmime puts it there... I'll mention this in the how-to.
Squire
Will do. Thanks, Ales!

I'll be waiting until this evening to tinker with it again since this is a production server with lots of corporate clients on it. Don't wanna take the chance of interrupting their email. I'll probably just symlink it since everything else is already installed. Seems easier.

I'll report back if I get anything else.
Squire
Appears to be working like a charm now, Ales.

A simple ln -s /usr/local/bin/ripmime /usr/bin/ripmime has everything perking along like a charm.

Passed the test in your tutorial as well as the EICAR test. And has already caught one of those somebody's that keeps trying to send me the SomeFool.P (aka Netsky.P) worm.

I'll keep an eye on things today just to be safe and let ya know if anything fails, but it all looks good for now. If you want to add a note to your tutorial (this is on a PSA 7.02 RH 7.3 machine for reference) the symlink was the only thing different I did from your directions, using the Source Compile option for ripMIME to get past the GLIBC issue of the RPMs.

Good stuff! Thanks!

Squire
Ales
ClamAV 0.74 is out, upgrade is recommended.

Since crash-hat has moved its ClamAV development to Fedora Core 2 only, we switched over to Dag Wieers' ClamAV packages. You can now get them from the same source for any modern Red Hat distro (7.x, 8, 9, RHEL 2 and 3, Fedora Core 1 and 2).
Ales
Ok, here is some news:

- ClamAV updated to 0.75
- ripMIME updated to 1.3.2.0
- clamav_alter.sh updated to 1.52

This update of ClamAV enables detection of certain new viruses. Upgrade is recommended...
Mark Priest
Just a quick question.

Does the software restart automatically if the server is rebooted or do we need to run the command from ssh?

PS.

Thanks for an excellent HOW-TO
Ales
Yes, it restarts... The clamav_alter.sh script makes all the necessary modifications so that everything restarts after a reboot.
red77
In which file is this message located?

554 mail server permanently rejected message (#5.3.0)
santosh
Hi,
Can you please tell me if I should disable the built-in Dr Web antivirus before installing the clamav and qscanq package? If yes then how do I disable Dr Web?

Thanks,
-- Santosh