It’s fairly easy to get Exim and ClamAV to work together, but there are a couple of gotchas. I’m assuming that you’re using Debian (I used Debian Etch). First, install ClamAV:
apt-get install clamav clamav-daemon
Then uncomment and edit the av_scanner variable in your Exim configuration to look like the following:
av_scanner = clamd:/var/run/clamav/clamd.ctl
Next find the Exim acl_check_data ACL. There should be a configuration section that outputs a warning if the message contains malware. Uncomment the malware configuration and change warn to deny if you want to reject messages containing viruses. It should look like this when you’re finished:
deny
  malware = *
  message = This message was detected as possible malware ($malware_name).
Now, add ClamAV to the Debian-exim group so that Exim and ClamAV can work together.
# -a appends; without it, -G replaces clamav's other supplementary groups
usermod -a -G Debian-exim clamav
Finally, restart Exim:
/etc/init.d/exim4 restart
That’s it!
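The following script is an added example, not part of the original post: it checks the three edits above (an active av_scanner line, deny rather than warn on the malware condition, and clamav's membership of Debian-exim) against configuration text. The function names and the two sample configurations are constructed for illustration.

```shell
#!/bin/sh
# Added example: static checks for the settings changed in this post.
# The two parsers read Exim configuration text on stdin.

# Print the clamd socket from an active (uncommented) av_scanner line.
av_scanner_socket() {
    sed -n 's/^[[:space:]]*av_scanner[[:space:]]*=[[:space:]]*clamd:\(.*\)$/\1/p' | head -n 1
}

# Print the ACL verb that owns the active "malware = *" condition.
malware_verb() {
    awk '
        /^[ \t]*#/ { next }
        /^[ \t]*(accept|deny|defer|discard|drop|require|warn)([ \t]|$)/ { verb = $1 }
        /^[ \t]*([a-z]+[ \t]+)?malware[ \t]*=/ { print verb; exit }
    '
}

# Succeed if group $1 is in the space-separated list $2 (e.g. from: id -Gn clamav).
in_group() {
    case " $2 " in *" $1 "*) return 0 ;; *) return 1 ;; esac
}

# $1 = Exim config text, $2 = groups of the clamav user. Returns the problem count.
check_setup() {
    problems=0
    sock=$(printf '%s\n' "$1" | av_scanner_socket)
    verb=$(printf '%s\n' "$1" | malware_verb)
    [ -n "$sock" ] || { echo "av_scanner is not set to a clamd socket"; problems=$((problems + 1)); }
    [ "$verb" = deny ] || { echo "malware = * is under '${verb:-no verb}', not deny"; problems=$((problems + 1)); }
    in_group Debian-exim "$2" || { echo "clamav is not in Debian-exim"; problems=$((problems + 1)); }
    return "$problems"
}

# Constructed samples: the finished configuration, and one left half-edited.
SAMPLE_GOOD='av_scanner = clamd:/var/run/clamav/clamd.ctl
acl_check_data:
  deny
    malware = *
    message = This message was detected as possible malware ($malware_name).
  accept'
SAMPLE_WARN='# av_scanner = clamd:/var/run/clamav/clamd.ctl
acl_check_data:
  warn
    malware = *
  accept'

check_setup "$SAMPLE_GOOD" "clamav Debian-exim" && echo "good sample: OK"
check_setup "$SAMPLE_WARN" "clamav" || echo "half-edited sample: $? problem(s)"
```

On a real host, pass it the contents of the configuration file your Exim loads and the output of id -Gn clamav.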