Viruses are often distributed by email. It is therefore important to use an anti-virus scanner for the security of your mail server. In this article, we show you how to use ClamAV as a virus scanner for a mail server with Exim and Dovecot in Ubuntu or Debian.
- The steps in this article require a VPS with Ubuntu or Debian which has Exim and Dovecot installed. In this tutorial, we explain how to set up Exim and Dovecot.
- Install ClamAV in advance with the option to scan automatically, see our ClamAV tutorials for Ubuntu and Debian. Please note that ClamAV is a RAM-intensive program and will easily use +- 1GB.
- Execute the commands in this article using sudo, or as a root user.
Step 1
Connect to your VPS via SSH or the VPS console in the TransIP control panel.
Step 2
Open the Exim configuration:
nano /etc/exim4/exim4.conf.template
Step 3
Look for the piece called 'av_scanner'. Exim is automatically configured to use ClamAV but has set the wrong socket location for this. Adjust the value so that it looks like this:
av_scanner = clamd:/var/run/clamd.scan/clamd.sockThen look for 'acl_check_data' and remove the # for the lines below:
deny malware = * message = This message was detected as possible malware ($malware_name).
Step 4
Then, add the ClamAV user to the Exim group so ClamAV can scan Exim files, and the Exim user to the virus group so it can use the ClamAV socket:
usermod -aG Debian-exim clamav
usermod -aG clamav Debian-exim
Step 5
Finally, update the Exim configuration and restart ClamAV and Exim to process all changes (the restart of clamd@scan may take a while):
update-exim4.conf
systemctl restart clamav-daemon
systemctl restart exim4
This brings us to the end of this guide. In addition to a virus scanner, we highly recommend that you also add a malware scanner to your mail server, see this article.
Should you have any questions left regarding this article, do not hesitate to contact our support department. You can reach them via the ‘Contact Us’ button at the bottom of this page.