ClamAV Porblem: The standard SmarterMail install of ClamAV is very poor at catching basic viruses, trojans, and other malware, what to speak about zero-hour virus protection. Currently any .zip file attachment can contain a .exe, .js, .pdf payload and ClamAV will not catch it. The below solution has the ability to stop a lot of spam. Essentially all you’re doing is adding thousands of additional signatures to ClamAV and automating hourly updates to catch the newest threats.
How to greatly improve ClamAV virus/trojan/ransomware catching ability even zero-hour virus protection
- Download pre-configured package from this link: http://www.hostbreak.com/downloads/clamav.rar.You will be downloading a file named ClamAV.rar. You may scan it for Virus, it is clean.
- Go to your SmarterMail server and rename “C:\Program Files (x86)\SmarterTools\SmarterMail\Service\clam” to “clam.orig” .
- Extract ClamAV.rar to C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam
- If necessary edit \Clamsup\Clamsup.cfg and adjust the path. Usually, the default settings will work. If your SmarterMail program files are installed on C:\Program Files (x86)…. you don’t need to do any editing, etc. If you’ve installed SmarterMail on a different drive or path you will need to edit the ClamSup.cfg file to represent the proper paths.
- Create a schedule task to run “C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\ClamSup\ClamsUp.bat” every 1-hour. Verify the schedule task can run without errors.
- When you Run the ClamSup.bat file it will download all the signatures to your ClamAV installation “C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\share\clamav”. There is a built in delay in the batch file so ClamAV can validate each new signature. It may take 10 minutes or so for the batch file to complete.
- Open SmarterMail webmail, log in as admin, go to Security > Antispam Administration, Click ClamAV and then click Update ClamAV button.
- To verify that your ClamSup installation is working properly take a look at your C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\share\clamav folder (or whatever your path may be). You should see a total of 20+ files and one folder called “SIG_TMP” (this temp folder holds the new verified signatures to be integrated into ClamAV and can be ignored).
To receive latest zero-hour signatures from www.securiteinfo.com:
- Signup at https://www.securiteinfo.com/clients/customers/account.
- After signup go to Setup tab, copy the URLs and paste them in your freshclam.conf.
- Run ClamAV update through Update ClamAV button.
That’s it! You and your customers are now protected to maximum length against latest viruses.
For any comments or assistance write us notify [AT] hostbreak [dot] com