April 28, 2004
Clam AntiVirus - Open Source to the rescue!
With the deluge of viruses and worms on the ‘net, our local antivirus software wasn’t enough. Sure it would catch it on the client usually, but why even let it get that far? With a limited budget, the commercial packages just couldn’t help - and why pay when there’s a great open source package out there?!?!
Clam AntiVirus is a wonderful open source antivirus program. I’ve only had it running for a few days, but already 40 or so viruses have been blocked.
The biggest issue was that our mail server’s sendmail was a bit dated and wasn’t compiled with milter support - sendmail’s “mail filter” API. I was tempted to go the download source and compile route, but didn’t really want to deal with that - I like things that are easy to upgrade and manage these days! So I did a bit of Googling and found that RedHat 7.3 RPM support was still out there! Thanks to Dag’s packages, I was able to upgrade sendmail and install Clam all from RPMs! (I was a little wary of doing this cuz I have lots of custom stuff for sendmail - virtual domains, aliases, procmail configs, etc.)
The process:
- Install apt from Dag:
rpm -ihv apt-0.5.15cnc6-1.rh73.dag.i386.rpm
- I installed the clamav, clamd and clamav-milter packages first since I was new to apt-get and wanted to test it first:
apt-get install clamav
apt-get install clamd
apt-get install clamav-milter
- Then to upgrade sendmail:
apt-get install sendmail
The version of sendmail is 8.12.8 with a ton of good compile options, including milter support. The biggest difference is that sendmail looks for sendmail.cf in /etc/mail/ not simply /etc/.
I’ve got a custom mc file for our sendmail configuration, so I had to make a few changes to it and add some things here and there to get everything working, but the upgrade went without a hitch. The biggest issue was needing to comment out the “define(`confAUTO_REBUILD')dnl” line by putting the standard “dnl” in front of it.
Then all I had to do was add the following:
dnl # clamav milter config
INPUT_MAIL_FILTER(`clmilter',`S=local:/var/clamav/clmilter.socket,F=, T=S:4m;R:4m')dnl
define(`confINPUT_MAIL_FILTERS', `clmilter')dnl
This is documented all over the place on the web, but to get it to work I had to do this:
m4 -D_FFR_MILTER /etc/mail/market-assist.mc > /etc/mail/sendmail.cf
I’m not sure if I need to update my m4 or not - haven’t looked into that one.
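The F= and T= equates in the INPUT_MAIL_FILTER line above decide what sendmail does when clamav-milter is down or slow: with F= left empty, sendmail carries on as if the filter were not there, so mail is delivered unscanned. The following is an added example, not part of the original post: a small Python audit of an mc file that reports each filter's socket, timeouts and failure behaviour. The function names and the F=T variant are constructed for illustration.

```python
import re

# Matches INPUT_MAIL_FILTER(`name', `equates') in sendmail .mc source.
FILTER_RE = re.compile(r"INPUT_MAIL_FILTER\(\s*`([^']*)'\s*,\s*`([^']*)'\s*\)")

# The filter line from the post, with plain m4 quotes.
PAGE_CONFIG = "INPUT_MAIL_FILTER(`clmilter',`S=local:/var/clamav/clmilter.socket,F=, T=S:4m;R:4m')dnl"
# Constructed variant: same filter, but temp-fail when the milter is unavailable.
TEMPFAIL_CONFIG = "INPUT_MAIL_FILTER(`clmilter',`S=local:/var/clamav/clmilter.socket, F=T, T=S:4m;R:4m')dnl"

FAIL_MODES = {
    "": "filter errors are ignored; mail passes through as if the filter were absent",
    "T": "connection gets a temporary failure; the sender retries later",
    "R": "connection is rejected while the filter is unavailable",
}

def parse_equates(equates):
    """Split 'S=..., F=..., T=...' into a dict; T becomes {timeout: value}."""
    out = {}
    for part in equates.split(","):
        key, sep, value = part.strip().partition("=")
        if sep:
            out[key.strip()] = value.strip()
    timeouts = {}
    for item in filter(None, out.get("T", "").split(";")):
        name, _, value = item.partition(":")
        timeouts[name.strip()] = value.strip()
    out["T"] = timeouts
    return out

def audit_mc(mc_text):
    """Return one finding per active INPUT_MAIL_FILTER line in mc_text."""
    findings = []
    for line in mc_text.splitlines():
        if line.lstrip().startswith("dnl"):
            continue  # line is commented out in m4
        for name, equates in FILTER_RE.findall(line):
            eq = parse_equates(equates)
            flag = eq.get("F", "")
            findings.append({
                "name": name, "socket": eq.get("S", ""), "flag": flag,
                "fail_open": flag == "",
                "behaviour": FAIL_MODES.get(flag, "unrecognised F= value"),
                "timeouts": eq["T"],
            })
    return findings

if __name__ == "__main__":
    for cfg in (PAGE_CONFIG, TEMPFAIL_CONFIG):
        for f in audit_mc(cfg):
            print(f["name"], f["socket"], f["timeouts"], "->", f["behaviour"])
```

With F=T, mail is deferred rather than delivered unscanned while clamav-milter is stopped, so the milter then needs monitoring like any other mail-path service.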
I also got SMTP-S working using “temp” SSL certs.
Oh yeah… I almost forgot to mention “freshclam” - it runs as a cron job to update the local virus signature database automatically! Can’t beat that!
I’m also testing SpamAssassin - I’ll post about that soon, but so far it kicks ass!
