Install ClamAV from FreeBSD ports

  1. Make sure your sendmail installation support MILTER.

    # sendmail -d0.1 < /dev/null | grep MILTER

    If we find word MILTER then we could proceed.

  2. Instal ClamAV from ports (it's better to update ports collection first).

    # cd /usr/ports/security/clamav
    # make -D WITH_MILTER
    # make -D WITH_MILTER install

  3. If installation succeed we will have these files:

    /usr/local/bin/clamscan
    /usr/local/bin/clamdscan
    /usr/local/bin/freshclam
    /usr/local/bin/sigtool
    /usr/local/sbin/clamav-milter
    /usr/local/sbin/clamd

  4. ClamAV configuration file is clamd.conf. Edit /usr/local/etc/clamd.conf:

    LogFile /var/log/clamav/clamd.log
    LogFileMaxSize 10M
    PidFile /var/run/clamav/clamd.pid
    DatabaseDirectory /var/db/clamav
    LocalSocket /var/run/clamav/clamd

  5. Run clamd daemon

    # /usr/local/etc/rc.d/clamav-clamd.sh start

    When running, clamd will create socket /var/run/clamav/clamd

  6. Run clamav-milter daemon

    # /usr/local/etc/rc.d/clamav-milter.sh start

  7. Run freshclam daemon

    # /usr/local/etc/rc.d/clamav-freshclam.sh start

  8. Configuring clamav-milter in sendmail.cf

    Edit sendmail macro configuration (mc) file and this line:

    INPUT_MAIL_FILTER(`clmilter',`S=local:/var/run/clamav/clmilter.sock, F=, T=S:4m;R:4m')
    Note: mc file is /etc/mail/hostname.mc
    After editing mc file do these steps:
    # make
    # make install
    # make restart
    first "make" to copy configuration from hostname.mc to hostname.cf
    "make install" will install hostname.cf to sendmail.cf
    "make restart" to restart sendmail daemon

  9. ClamAV installation will create 3 start up file at /usr/local/etc/rc.d/ :

    /usr/local/etc/rc.d/clamav-clamd.sh
    /usr/local/etc/rc.d/clamav-freshclam.sh
    /usr/local/etc/rc.d/clamav-milter.sh

    To start up clamd, milter and freshclam at system boot edit /etc/rc.conf, and add these line:

    clamav_clamd_enable="YES"
    clamav_milter_enable="YES"
    clamav_milter_flags="-loeP -m20"
    clamav_milter_socket="/var/run/clamav/clmilter.sock"
    clamav_freshclam_enable="YES"
    clamav_freshclam_flags="-d -c 12"

  10. Run freshclam via cron, add these line at crontab -e:

    0 0 * * * /usr/local/bin/freshclam --quiet -l /var/log/clamav/freshclam.log --daemon-notify=/usr/local/etc/clamd.conf

    Make sure /var/log/clamav/freshclam.log is writable by clamav user