Installing ClamAV with Sendmail on Solaris

The following are step-by-step instructions for installing ClamAV 0.83 and using clamav-milter on Sendmail 8.13.4 on a Solaris 8 system.

1. Download ClamAV.

2. Extract the ClamAV tarball.
gzip -cd clamav-0.84.tar.gz | tar xvf -

3. Create a clamav user and group.
groupadd clamav
useradd -g clamav -s /bin/false -c "Clam AntiVirus" clamav

4. Build ClamAV with milter support.
cd clamav-0.84
./configure --enable-milter
make

5. Install ClamAV.
make install

6. Configure sendmail to use clamav-milter.

Add the following two lines to sendmail.mc:
INPUT_MAIL_FILTER(`clamav-milter', `S=local:/var/run/clamav/clamav-milter.sock, T=S:4m;R:4m')
define(`confINPUT_MAIL_FILTER', `clamav-milter')

Build and install the sendmail.cf file.
./Build install-cf

7. Configure clamd.
vi /usr/local/etc/clamd.conf

Change:
# Comment or remove the line below.
Example

To:
# Comment or remove the line below.
#Example

Change:
# Run as a selected user (clamd must be started by root).
# Default: disabled
#User clamav

To:
# Run as a selected user (clamd must be started by root).
# Default: disabled
User clamav

Change:
# Path to a local socket file the daemon will listen on.
# Default: disabled
LocalSocket /tmp/clamd

To:
# Path to a local socket file the daemon will listen on.
# Default: disabled
LocalSocket /var/run/clamav/clamd.sock

Change:
# Use system logger (can work together with LogFile).
# Default: disabled
#LogSyslog

To:
# Use system logger (can work together with LogFile).
# Default: disabled
LogSyslog

Change:
# This option allows you to save a process identifier of the listening
# daemon (main thread).
# Default: disabled
#PidFile /var/run/clamd.pid

To:
# This option allows you to save a process identifier of the listening
# daemon (main thread).
# Default: disabled
PidFile /var/run/clamav/clamd.pid


8. Configure freshclam.
vi /usr/local/etc/freshclam.conf

Change:
# Comment or remove the line below.
Example

To:
# Comment or remove the line below.
#Example

Change:
# Path to the log file (make sure it has proper permissions)
# Default: disabled
#UpdateLogFile /var/log/freshclam.log

To:
# Path to the log file (make sure it has proper permissions)
# Default: disabled
UpdateLogFile /var/log/freshclam.log

Change:
# Uncomment the following line and replace XY with your country
# code. See http://www.iana.org/cctld/cctld-whois.htm for the full list.
# Default: There is no default, which results in an error when running freshclam
#DatabaseMirror db.XY.clamav.net

To:
# Uncomment the following line and replace XY with your country
# code. See http://www.iana.org/cctld/cctld-whois.htm for the full list.
# Default: There is no default, which results in an error when running freshclam
DatabaseMirror db.us.clamav.net

9. Create the freshclam.log log file.
touch /var/log/freshclam.log

10. Run freshclam hourly by adding the following entry in the root user's crontab.
7 * * * * /usr/local/bin/freshclam --quiet

11. Create the directory for the clamd and clamav-milter sockets and configure permissions.
mkdir /var/run/clamav
chown clamav:clamav /var/run/clamav

12. Start clamav-milter
/usr/local/sbin/clamav-milter --max-children=2 -ol /var/run/clamav/clamav-milter.sock

13. Create clamd and clamav-milter startup and shutdown scripts, configure permissions, and create symbolic links.

vi /etc/init.d/clamd

Add:

#!/bin/sh

case $1 in
   'start' )
      if [ ! -d /var/run/clamav ] ; then
         mkdir /var/run/clamav
         chown clamav:clamav /var/run/clamav
      fi
      /usr/local/sbin/clamd
      ;;
   'stop' )
      kill `ps -ef | awk '$NF ~ /clamd/ { print $2 }'` > /dev/null 2>&1
      ;;
   'reload' )
      # Reload virus databases
      kill -USR2 `ps -ef | awk '$NF ~ /clamd/ { print $2 }'` > /dev/null 2>&1
      ;;
   *)
      echo "usage: $0 {start|stop|reload}"
esac

vi /etc/init.d/clamav-milter

Add:

#!/bin/sh

CLAMAV_MILTER_SOCKET=/var/run/clamav/clamav-milter.sock

case $1 in
   'start' )
      [ -r $CLAMAV_MILTER_SOCKET ] && rm $CLAMAV_MILTER_SOCKET
      /usr/local/sbin/clamav-milter --max-children=2 $CLAMAV_MILTER_SOCKET
      ;;
   'stop' )
      kill `ps -ef | awk '$NF ~ /clamav-milter/ { print $2 }'` > /dev/null 2>&1
      ;;
   *)
      echo "usage: $0 {start|stop}"
esac

chmod 755 /etc/init.d/clamd /etc/init.d/clamav-milter
chown root:root /etc/init.d/clamd /etc/init.d/clamav-milter

ln -s /etc/init.d/clamd /etc/rc2.d/S86clamd
ln -s /etc/init.d/clamav-milter /etc/rc2.d/S87clamav-milter

14. Start clamd
/etc/init.d/clamd start

15. Send sendmail a SIGHUP to begin using clamav-milter.
kill -HUP `head -1 /var/run/sendmail.pid`

Back to brandonhutchinson.com.
Last modified: 12/06/2005