rpms/clamav/devel README.fedora,1.3,1.4

ensc ensc at fedoraproject.org
Sat Aug 1 09:44:43 UTC 2009 

Author: ensc

Update of /cvs/extras/rpms/clamav/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv1526

Modified Files:
	README.fedora 
Log Message:
fixed inconsistencies
added EXAMPLE section for milter setup



Index: README.fedora
===================================================================
RCS file: /cvs/extras/rpms/clamav/devel/README.fedora,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -p -r1.3 -r1.4
--- README.fedora	8 Mar 2009 14:49:39 -0000	1.3
+++ README.fedora	1 Aug 2009 09:44:42 -0000	1.4
@@ -29,10 +29,10 @@ A clamav-milter setup consists of the fo
   --> you should know how to install this...
 
   When communicating across unix sockets with the clamav-milter, it is
-  suggested to use the /var/run/clamav-milter/clamav.sock path.  You
-  have to add something like
+  suggested to use the /var/run/clamav-milter/clamav-milter.socket
+  path.  You have to add something like
 
-    INPUT_MAIL_FILTER(`clamav', `S=local:/var/run/clamav-milter/clamav.sock, F=, T=S:4m;R:4m')dnl
+    INPUT_MAIL_FILTER(`clamav', `S=local:/var/run/clamav-milter/clamav-milter.socket, F=, T=S:4m;R:4m')dnl
 
   to your sendmail.mc.
 
@@ -40,3 +40,79 @@ A clamav-milter setup consists of the fo
 
 It is suggested that components communicate through TCP sockets as
 this eases setup.  Please add corresponding packet filter rules!
+
+
+EXAMPLE
+=======
+
+For clamav-milter, a possible setup might be created by
+
+A)  On the MTA  (assumed hostname 'host-mta')
+
+  1. Add to sendmail.mc
+
+    | INPUT_MAIL_FILTER(`clamav', `S=inet:6666 at host-milter, F=, T=S:4m;R:4m')dnl
+
+  2. Rebuild sendmail.cf
+
+
+B)  On the clamav-milter host (assumed hostname 'host-milter')
+
+  1. Install clamav-milter + clamav-milter-upstart packages
+
+  2. Set in /etc/mail/clamav-milter.conf
+
+    | MilterSocket	inet:6666
+    | ClamdSocket	tcp:host-scanner:6665
+
+     and all the other options which are required on your system
+
+  3. Edit /etc/event.d/clamav-milter and uncomment the both
+
+    | start on starting\ local
+    | start on starting local
+
+     lines. Restart your system or execute
+
+    | initctl emit starting local
+
+  4. Add something like
+
+    | iptables -N IN-cmilt
+    | iptables -A IN-cmilt -s host-mta -j ACCEPT
+    | iptables -A IN-cmilt -j DROP
+
+    | iptables -A INPUT -p tcp --dport 6666 -j IN-cmilt
+
+     to your firewall setup
+
+C)  On the clamav-scanner host (assumed hostname 'host-scanner')
+
+  1. Install clamav-scanner + clamav-scanner-upstart packages
+
+  2. Add to /etc/clamd.d/scan.conf
+
+    | TCPSocket 6665
+    | TCPAddr   host-scanner
+
+     comment out possible 'LocalSocket' lines and set all the other
+     options which are required on your system
+
+  3. Edit /etc/event.d/clamav-scanner and uncomment the both
+
+    | start on starting\ local
+    | start on starting local
+
+     lines. Restart your system or execute
+
+    | initctl emit starting local
+
+  4. Add something like
+
+    | iptables -N IN-cscan
+    | iptables -A IN-cscan -s host-milter -j ACCEPT
+    | iptables -A IN-cscan -j DROP
+
+    | iptables -A INPUT -p tcp --dport 6665 -j IN-csan
+
+     to your firewall setup

More information about the fedora-extras-commits mailing list