1

Topic: Regularly update ClamAV

==== Required information ====
- iRedMail version: 0.8.4
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: Scientific Linux release 6.4 (Carbon)
- Related log if you're reporting an issue:
    WARNING: Your ClamAV installation is OUTDATED!
    WARNING: Local version: 0.97.7 Recommended version: 0.98.1
====

Hello,
Is it possible to regularly update the ClamAV version from http://iredmail.org/yum/rpms/6/?

Regards


2

Re: Regularly update ClamAV

ClamAV updates its virus databases automatically - either via the clamav-freshclam daemon or a cron job.

If you are talking about the application itself, it's up to the admin to keep the system up to date... I personally use a cron job which periodically downloads available packages and sends out an email notification if a new version of any package on the system is available. I then install the new version manually.

I wouldn't recommend automating the installation. Many things can go wrong and you can end up with a non-working system in the middle of the night.

3

Re: Regularly update ClamAV

Hello,
Thanks for the explanation! If the question was not worded clearly enough to be understood, I will adjust it.
The question was asked because the section for branch 5 of the RHEL-based distributions has had an update for some time (http://iredmail.org/yum/rpms/5/clamd-0. … x86_64.rpm), but unfortunately in the section for branch 6 (http://iredmail.org/yum/rpms/6/) the last available package is clamav-0.97.7-1.el6.rf.x86_64.rpm.
Therefore I'm asking whether regular updates will be made, or whether there are some concerns about it and that is why the latest available version in the section for branch 6 is 0.97.7-1?
It has been repeatedly commented in the forum that the correct practice is to update packages from the iRedMail repo.
Regards

4

Re: Regularly update ClamAV

Eh, sorry - I misunderstood your question :-) On my system (Debian) iRedMail uses ClamAV from the distribution...

5

Re: Regularly update ClamAV

Hi anniva,

Since iRedMail-0.8.5, iRedMail enables EPEL yum repo by default, and installs ClamAV from EPEL. So if you're running iRedMail-0.8.5 and later releases, it's ok to update clamav with 'yum update'.

If you're running iRedMail-0.8.4 or earlier versions, you can download RPM packages manually from repoforge and update them:
http://pkgs.repoforge.org/clamav/

6

Re: Regularly update ClamAV

Thanks for the clarification!

Thread is closed.

7 (edited by hata_ph 2014-02-27 09:21:43)

Re: Regularly update ClamAV

Sorry for hijacking this thread, but since iRedMail-0.8.6 enables the EPEL repo by default, is it safe to run yum update from a 3rd-party repo?
Should it not use yum-plugin-priorities?

Currently I manually update the clamav packages via the line below, with the epel repo disabled:

    yum install clamav clamav-db clamd --enablerepo=epel

8

Re: Regularly update ClamAV

If your iRedMail server was installed with old iRedMail versions, it's not safe to update ClamAV from EPEL, because it requires different permissions on some directories. But if you fix them after installation manually, it's ok.

9

Re: Regularly update ClamAV

I have manually upgraded iRedMail to 0.8.6; does that work with the clamav packages from EPEL?
May I know which directories I need to change the permissions on?

10

Re: Regularly update ClamAV

I'm sorry that I forgot the directory and permission. You can find this in our forum with Google: "clamav epel site:www.iredmail.org/forum".

11

Re: Regularly update ClamAV

Thanks for the info...
I am using clamav-0.98.1 from EPEL and noticed it works out of the box without any permission error:

    [root@mail ~]# yum list installed | grep clam
    clamav.i686             0.98.1-1.el6      @epel
    clamav-db.i686          0.98.1-1.el6      @epel
    clamd.i686              0.98.1-1.el6      @epel

Here is the folder permission of /var/spool/amavisd/tmp:

    [root@mail amavisd]# ls -all
    total 28
    drwxr-x---. 7 amavis amavis 4096 Feb 28 04:39 .
    drwxr-xr-x. 9 root   root   4096 Jul 21  2012 ..
    srwxr-x---  1 amavis amavis    0 Feb 28 04:39 amavisd.sock
    drwx------. 2 amavis amavis 4096 Feb 28 04:39 db
    drwx------. 2 amavis amavis 4096 Feb 28 08:56 quarantine
    drwxr-x---. 2 amavis amavis 4096 Dec 26  2012 .razor
    drwx------. 2 amavis amavis 4096 Jul 21  2012 .spamassassin
    drwxr-x---. 4 amavis amavis 4096 Feb 28 08:56 tmp
    [root@mail amavisd]# pwd
    /var/spool/amavisd
    [root@mail amavisd]#

I just tested sending an EICAR virus file on iRedMail-0.8.6 and it can detect and quarantine it without any error or problem...

    Feb 28 08:56:12 mail amavis[18569]: (18569-10) Blocked INFECTED (), MYUSERS <root@xxx.org> -> <xxx@xxx.org>, quarantine: virus-H27u2bpCC57C, Message-ID: <20140228005607.7851ABF6A4@xxx.org>, mail_id: H27u2bpCC57C, Hits: -, size: 1229, 4575 ms
    Feb 28 08:56:13 mail postfix/cleanup[20972]: 54F05C1B4E: message-id=<VAH27u2bpCC57C@xxx.org>
    Feb 28 08:56:13 mail postfix/qmgr[1430]: 54F05C1B4E: from=<postmaster@xxx.org>, size=2388, nrcpt=1 (queue active)
    Feb 28 08:56:13 mail postfix/local[20982]: 9E339C0784: to=<root@xxx.org>, relay=local, delay=0.95, delays=0.25/0.26/0/0.43, dsn=2.0.0, status=sent (forwarded as 54F05C1B4E)
    Feb 28 08:56:13 mail postfix/qmgr[1430]: 9E339C0784: removed
    Feb 28 08:56:13 mail postfix/smtp[20975]: 7851ABF6A4: to=<xxx@xxx.org>, relay=127.0.0.1[127.0.0.1]:10024, delay=6.5, delays=0.97/0.15/0.37/5, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=18569-10 - INFECTED: )
    Feb 28 08:56:13 mail postfix/qmgr[1430]: 7851ABF6A4: removed
    Feb 28 08:56:15 mail postfix/pipe[20983]: 54F05C1B4E: to=<www@xxx.org>, relay=dovecot, delay=1.8, delays=0.15/0.09/0/1.6, dsn=2.0.0, status=sent (delivered via dovecot service)

http://www.iredmail.org/forum/topic4636 … pdate.html

12 (edited by hata_ph 2014-03-18 16:44:35)

Re: Regularly update ClamAV

After updating to clamav-0.98.1 from the EPEL repo, I noticed the error below from the freshclam cron job.
If you run freshclam manually, it can update without error.
My previous clamav version was 0.97.7 from http://iredmail.org/yum/rpms/6/

    ERROR: Can't create temporary directory /var/lib/clamav/clamav-c284f40417148d3c0acdbe1fafeb8e71.tmp
    Hint: The database directory must be writable for UID 499 or GID 498

It seems you need to change the DatabaseOwner from clamav to clam in /etc/freshclam.conf

    DatabaseOwner clam

Change the setting below in /etc/clamd.conf

    User clam

Change ownership from clamav to clam

    chown clam:clam /var/log/clamav/
    chown clam:clam /var/clamav/

Don't forget to add the clam user to the amavis group

    [root@mail spool]# usermod -a -G amavis clam
    [root@mail spool]# id clam
    uid=495(clam) gid=495(clam) groups=495(clam),496(amavis)
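
An added example, not part of the posts above and not iRedMail's own code: a small shell audit for the mismatch post 12 describes, checking that the account named by DatabaseOwner in freshclam.conf (or User in clamd.conf) actually owns the directory it has to write to. The function names are hypothetical, and the config file and directory are passed as arguments rather than assumed.

```shell
#!/bin/sh
# Added example: compare the account named in a ClamAV config file with the
# owner of a directory that account must be able to write to.
# Usage on a system like the one in the post (paths taken from the post):
#   check_owner /etc/freshclam.conf DatabaseOwner /var/lib/clamav
#   check_owner /etc/clamd.conf     User          /var/log/clamav

# conf_value FILE KEY -> print the first uncommented value set for KEY.
# A commented line such as "#DatabaseOwner x" has "#DatabaseOwner" as its
# first field, so it never matches.
conf_value() {
    awk -v key="$2" '$1 == key { print $2; exit }' "$1"
}

# dir_owner DIR -> print the owning user of DIR (third field of ls -ld).
dir_owner() {
    ls -ld "$1" | awk '{ print $3 }'
}

# check_owner CONF KEY DIR
#   returns 0 if the user named by KEY in CONF owns DIR,
#           1 if somebody else owns DIR,
#           2 if KEY is not set in CONF or DIR does not exist.
check_owner() {
    want=$(conf_value "$1" "$2")
    [ -n "$want" ] && [ -d "$3" ] || return 2
    have=$(dir_owner "$3")
    if [ "$want" = "$have" ]; then
        echo "OK: $3 is owned by $have, matching $2 in $1"
    else
        echo "MISMATCH: $3 is owned by $have, but $1 sets $2 $want"
        return 1
    fi
}
```

Run after a package update that switches accounts, a return code of 1 flags the directory before the freshclam cron job fails on it.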

13

Re: Regularly update ClamAV

Thanks for sharing. :)