Important Note

Please note that these manual installation instructions should only be used on Ubuntu distributions, such as Ubuntu Gutsy Gibbon 7.10 server, the distribution the document was written for. If you install Scalix on an unsupported platform, this invalidates your ability to receive Scalix support. Thank you for your understanding and compliance.

This document might be inaccurate and under construction. Do not trust this document.

Configuring Clamav on Ubuntu 7.10 Server (Gutsy Gibbon)

As Ubuntu 7.10 is an unsupported platform there is currently no manual describing the configuration of Clamav (an advanced anti-virus solution) to be used with Scalix. As I managed to get Scalix it up and running and I already documented and shared this with the community (here), I thought it would be useful to share my experiences regarding the Clamav configuration as well.

So below you'll find a how-to that describes the configuration of Clamav to be used with Scalix on a Ubuntu 7.10 server.

Clamav (Clam AntiVirus) is an open source (GPL) anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and advanced tool for automatic database updates.

I used several sources of information on the web. I listed the ones I can remember at the end of the document under Sources.

Applicable Environments

These Installation instructions have been tested with

• Scalix CE 11.3.0
• Ubuntu 7.10 Server (Gutsy Gibbon)

They might not apply unmodified to any other version of Scalix or Ubuntu.

Install the Clamav software

Clamav is Open Source Software available on the internet here. nder Ubuntu we have a package available that can be installed directly with apt-get, but unfortunately the 'standard' package contains an outdated version. No worries, to get an actual version, we can use the repository available here. To do so, add the following line to the file /etc/apt/sources.list:

deb http://ppa.launchpad.net/ubuntu-clamav/ubuntu gutsy main

Afterwards, run:

sudo apt-get update

sudo apt-get install clamav-base clamav clamav-daemon clamav-freshclam

Add clamav user to the Scalix group

For Clamav to be able to cooperate with Scalix, you should add the Clamav user clamav to the SCalix group Scalix. Do this by editing /etc/group with your favorite editor, in this example vi is used, but feel free to use whatever editor you like. Edit the /etc/group file:

sudo vi /etc/group

To add the clamav user to the scalix group, add clamav to the line:

scalix:x:120:

This is what the result should look like:

scalix:x:120:clamav

Configure Clamav

Create ruleset

To create a ruleset which controls the virus protection of the Scalix server, create a file in the directory /var/opt/scalix/<instance>/s/rules/ called ALL-ROUTES.VIR. This file should contain the following two lines:

VIRUS-UNCLEANED=1 ACTION=REJECT NDN-INFO=ndninfo.txt
VIRUS-UNCLEANED=0 VIRUS-FOUND=1 ACTION=ALLOW NOTIFY="A virus was found in your message. It was successfully cleaned and sent to the recipient. However we highly recommend that you install or update your virus protection software and scan your computer for viruses."

Create non-delivery notification

Next create a non-delivery notification, a text file with the message to be sent if a virus was found. This file should be called ndninfo.txt and should be created in the folder /var/opt/scalix/<instance>/s/rules/. This ndninfo.txt file should contain this text:

Text = A virus was detected in your message and could not be cleaned, therefore it was not delivered. We highly recommend that you install or update you virus protection software.

Configure mapper script

Next, you'll have to set up the mapper script. The file omvscan.map is the virus scanning mapper script that links Scalix and the Clamav virus scanning application. So let's copy the example script to our rules folder /var/opt/scalix/<instance>/s/rules/:

sudo cp /opt/scalix/examples/general/omvscan.map /var/opt/scalix/<instance>/s/rules/

Now, change the ownership and the permission of the file /var/opt/scalix/<instance>/s/rules/omvscan.map by invoking these commands:

 sudo chown root:root /var/opt/scalix/<instance>/s/rules/omvscan.map
 sudo chmod 555 /var/opt/scalix/<instance>/s/rules/omvscan.map

Sources

• https://help.ubuntu.com/community/ClamAV?highlight=%28clamav%29
• http://www.clamav.org/doc/latest/clamdoc.pdf
• http://www.clamav.net/
• https://launchpad.net/~ubuntu-clamav/+archive
• http://ubuntuforums.org/showthread.php?t=672610&highlight=clamav
• http://www.scalix.com/wiki/index.php?title=Scalix/Sendmail_%26_Amavisd-New_HOWTO
• http://www.scalix.com/forums/viewtopic.php?t=9766&highlight=allroutes+vir
• http://wiki.clamav.net/Main/TestingClamAV
• http://www.scalix.com/documents/Scalix_Setup_Guide_11.0.2.pdf
• http://www.scalix.com/forums/viewtopic.php?p=7824&sid=ce90e8a99ca29074e853d9ffb3261719

The author

The origin for this document was written by Max Wiertz. As a Scalix newbie, I invested a lot of work in getting Scalix together with Clamav to work for me on Ubuntu. I felt like sharing this with all of you, so you can probably take advantage of it.

If you have any questions, remarks, comments or suggestions regarding this document, do not hesitate to contact me by e-mail: mailto:max_DOT_wiertz_AT_gmail_DOT_com.