## ## Example config file for clamav-milter ## # Comment or remove the line below. #Example ## ## Main options ## # Define the interface through which we communicate with sendmail # This option is mandatory! Possible formats are: # [[unix|local]:]/path/to/file - to specify a unix domain socket # inet:port@[hostname|ip-address] - to specify an ipv4 socket # inet6:port@[hostname|ip-address] - to specify an ipv6 socket # # Default: no default #MilterSocket /tmp/clamav-milter.socket MilterSocket inet:7357 # Define the group ownership for the (unix) milter socket. # Default: disabled (the primary group of the user running clamd) #MilterSocketGroup virusgroup # Sets the permissions on the (unix) milter socket to the specified mode. # Default: disabled (obey umask) #MilterSocketMode 660 # Remove stale socket after unclean shutdown. # # Default: yes #FixStaleSocket yes # Run as another user (clamav-milter must be started by root for this option # to work) # # Default: unset (don't drop privileges) User clamav # Waiting for data from clamd will timeout after this time (seconds). # Value of 0 disables the timeout. # # Default: 120 #ReadTimeout 300 # Don't fork into background. # # Default: no #Foreground yes # Chroot to the specified directory. # Chrooting is performed just after reading the config file and before # dropping privileges. # # Default: unset (don't chroot) #Chroot /newroot # This option allows you to save a process identifier of the listening # daemon (main thread). # This file will be owned by root, as long as clamav-milter was started by # root. It is recommended that the directory where this file is stored is # also owned by root to keep other users from tampering with it. # # Default: disabled #PidFile /var/run/clamav-milter.pid PidFile /var/clamav/run/clamav-milter.pid # Optional path to the global temporary directory. # Default: system specific (usually /tmp or /var/tmp). # #TemporaryDirectory /var/tmp TemporaryDirectory /tmp ## ## Clamd options ## # Define the clamd socket to connect to for scanning. # This option is mandatory! Syntax: # ClamdSocket unix:path # ClamdSocket tcp:host:port # The first syntax specifies a local unix socket (needs an absolute path) e.g.: # ClamdSocket unix:/var/run/clamd/clamd.socket # The second syntax specifies a tcp local or remote tcp socket: the # host can be a hostname or an ip address; the ":port" field is only required # for IPv6 addresses, otherwise it defaults to 3310, e.g.: # ClamdSocket tcp:192.168.0.1 # # This option can be repeated several times with different sockets or even # with the same socket: clamd servers will be selected in a round-robin # fashion. # # Default: no default #ClamdSocket tcp:scanner.mydomain:7357 ClamdSocket unix:/var/clamav/run/clamd.sock ## ## Exclusions ## # Messages originating from these hosts/networks will not be scanned # This option takes a host(name)/mask pair in CIRD notation and can be # repeated several times. If "/mask" is omitted, a host is assumed. # To specify a locally originated, non-smtp, email use the keyword "local" # # Default: unset (scan everything regardless of the origin) #LocalNet local #LocalNet 192.168.0.0/24 #LocalNet 1111:2222:3333::/48 # This option specifies a file which contains a list of basic POSIX regular # expressions. Addresses (sent to or from - see below) matching these regexes # will not be scanned. Optionally each line can start with the string "From:" # or "To:" (note: no whitespace after the colon) indicating if it is, # respectively, the sender or recipient that is to be allowed. # If the field is missing, "To:" is assumed. # Lines starting with #, : or ! are ignored. # # Default unset (no exclusion applied) #AllowList /etc/allowed_addresses # Messages from authenticated SMTP users matching this extended POSIX # regular expression (egrep-like) will not be scanned. # As an alternative, a file containing a plain (not regex) list of names (one # per line) can be specified using the prefix "file:". # e.g. SkipAuthenticated file:/etc/good_guys # # Note: this is the AUTH login name! # # Default: unset (no allowing based on SMTP auth) #SkipAuthenticated ^(tom|dick|henry)$ # Messages larger than this value won't be scanned. # Make sure this value is lower or equal than StreamMaxLength in clamd.conf # # Default: 25M #MaxFileSize 10M ## ## Actions ## # The following group of options controls the delivery process under # different circumstances. # The following actions are available: # - Accept # The message is accepted for delivery # - Reject # Immediately refuse delivery (a 5xx error is returned to the peer) # - Defer # Return a temporary failure message (4xx) to the peer # - Blackhole (not available for OnFail) # Like Accept but the message is sent to oblivion # - Quarantine (not available for OnFail) # Like Accept but message is quarantined instead of being delivered # # NOTE: In Sendmail the quarantine queue can be examined via mailq -qQ # For Postfix this causes the message to be placed on hold # # Action to be performed on clean messages (mostly useful for testing) # Default: Accept #OnClean Accept # Action to be performed on infected messages # Default: Quarantine #OnInfected Quarantine # Action to be performed on error conditions (this includes failure to # allocate data structures, no scanners available, network timeouts, # unknown scanner replies and the like) # Default: Defer #OnFail Defer # This option allows to set a specific rejection reason for infected messages # and it's therefore only useful together with "OnInfected Reject" # The string "%v", if present, will be replaced with the virus name. # Default: MTA specific #RejectMsg # If this option is set to "Replace" (or "Yes"), an "X-Virus-Scanned" and an # "X-Virus-Status" headers will be attached to each processed message, possibly # replacing existing headers. # If it is set to Add, the X-Virus headers are added possibly on top of the # existing ones. # Note that while "Replace" can potentially break DKIM signatures, "Add" may # confuse procmail and similar filters. # Default: no #AddHeader Replace AddHeader Add # When AddHeader is in use, this option allows to arbitrary set the reported # hostname. This may be desirable in order to avoid leaking internal names. # If unset the real machine name is used. # Default: disabled #ReportHostname my.mail.server.name # Execute a command (possibly searching PATH) when an infected message is # found. # The following parameters are passed to the invoked program in this order: # virus name, queue id, sender, destination, subject, message id, message date. # Note #1: this requires MTA macroes to be available (see LogInfected below) # Note #2: the process is invoked in the context of clamav-milter # Note #3: clamav-milter will wait for the process to exit. Be quick or fork to # avoid unnecessary delays in email delivery # Default: disabled #VirusAction /usr/local/bin/my_infected_message_handler ## ## Logging options ## # Uncomment this option to enable logging. # LogFile must be writable for the user running daemon. # A full path is required. # # Default: disabled #LogFile /tmp/clamav-milter.log LogFile /var/clamav/log/clamav-milter.log # By default the log file is locked for writing - the lock protects against # running clamav-milter multiple times. # This option disables log file locking. # # Default: no #LogFileUnlock yes # Maximum size of the log file. # Value of 0 disables the limit. # You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes) # and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size # in bytes just don't use modifiers. If LogFileMaxSize is enabled, log # rotation (the LogRotate option) will always be enabled. # # Default: 1M LogFileMaxSize 2M # Log time with each message. # # Default: no #LogTime yes # Use system logger (can work together with LogFile). # # Default: no LogSyslog yes # Specify the type of syslog messages - please refer to 'man syslog' # for facility names. # # Default: LOG_LOCAL6 #LogFacility LOG_MAIL # Enable verbose logging. # # Default: no LogVerbose yes # Enable log rotation. Always enabled when LogFileMaxSize is enabled. # Default: no #LogRotate yes # This option allows to tune what is logged when a message is infected. # Possible values are Off (the default - nothing is logged), # Basic (minimal info logged), Full (verbose info logged) # Note: # For this to work properly in sendmail, make sure the msg_id, mail_addr, # rcpt_addr and i macroes are available in eom. In other words add a line like: # Milter.macros.eom={msg_id}, {mail_addr}, {rcpt_addr}, i # to your .cf file. Alternatively use the macro: # define(`confMILTER_MACROS_EOM', `{msg_id}, {mail_addr}, {rcpt_addr}, i') # Postfix should be working fine with the default settings. # # Default: disabled LogInfected Basic # This option allows to tune what is logged when no threat is found in # a scanned message. # See LogInfected for possible values and caveats. # Useful in debugging but drastically increases the log size. # Default: disabled #LogClean Basic # This option affects the behaviour of LogInfected, LogClean and VirusAction # when a message with multiple recipients is scanned: # If SupportMultipleRecipients is off (the default) # then one single log entry is generated for the message and, in case the # message is determined to be malicious, the command indicated by VirusAction # is executed just once. In both cases only the last recipient is reported. # If SupportMultipleRecipients is on: # then one line is logged for each recipient and the command indicated # by VirusAction is also executed once for each recipient. # # Note: although it's probably a good idea to enable this option, the default # value # is currently set to off for legacy reasons. # Default: no #SupportMultipleRecipients yes