Document information

Document ID: 4655
Subject: Integrating Xeams with a third party anti virus
Creation date: 12/14/15 4:35 PM
Last modified on: 1/20/22 10:09 AM


Integration with third party anti-virus


Xeams can be configured to work with ClamAV, an open source anti-virus software. This document provides step-by-step instructions. The goal is to run ClamAV in daemon mode. Once this is done, besides running its own anti-virus rules, Xeams will consult with ClamAV in determining if an email contains a virus.

We recommend you run ClamAV on a dedicated Linux machine. We recommend Linux over Windows because it uses less resources and can be trimmed down to exactly what you need it for. In fact, you can run Linux as a Virtual machine either using VMWare or VirtualBox on any host. You can also install ClamAV on the same machine where Xeams is running, if that is what you prefer.

Integration

There are two ways to integrate Clam-AV:
Method 1
  • Download a pre-built virtual machine from here. This VM has Clam-AV pre-installed and configured
  • Login to Xeams' Admin Console as admin
  • Click Clam-AV Integration under Server Configuration
  • Specify the IP Address/Host name of the machine where ClamAV is running and click Save
  • Once values are saved, Xeams will send a test virus to ClamAV, which should be detected if ClamAV is working fine
Method 2
  • Download ClamAV from http://www.clamav.net for your appropriate platform
  • Run ClamAV in daemon mode. Click here for details.
  • Login to Xeams' Admin Console as admin
  • Click Clam-AV Integration under Server Configuration
  • Specify the IP Address/Host name of the machine where ClamAV is running and click Save
  • Once values are saved, Xeams will send a test virus to ClamAV, which should be detected if ClamAV is working fine

Troubleshooting common problems

  • Ensure ClamAV is running in daemon mode
  • If Xeams is able to connect but a test virus is not detected, update virus signatures in ClamAV
  • Ensure a firewall is not blocking communication between Xeams and ClamAV daemon








User comments

Posted by Richard on 4/25/17 12:34 PM

got this working on SBS2008sp2. I followed info in this thread. http://www.xeams.com/app?operation=forum&st=viewOneArticle&id=3248 The post has a link to blogDOTcampodoroDOTorg/?p=269 This is a setup guide for another client, but works for Xeams. My only issue was downloads. Had to manually download and put in the db folder, then restart the service.

Posted by ThyTe on 9/19/16 11:43 AM

Quem estiver com dificuldade de instalar o Clamav Daemon: 1 - aptitude install clamav clamav-daemon libclamav-dev 2 - dpkg-reconfigure clamav-base 3 - "Socket type: TCP " - "TCP port clamd will listen on: 3310" - "IP address clamd will listen on: 127.0.0.1" Para todas as outras perguntas, deixe o padrão!

Posted by Marius on 6/23/15 4:18 AM

Hi, you should reconfigure Clam-AV dpkg-reconfigure clamav-base then select TCP socked insted of unix, select port, address and many other (link that helped me: https://www.howtoforge.com/how-to-integrate-clamav-through-mod_clamav-into-proftpd-for-virus-scanning-on-debian-lenny) After thees steps I added Antivirus thru Xeams web interface (Server Configuration -> Clam-AV Integration), test was successful and in Clam-AV log started to fill with reccords (Tue Jun 23 11:03:46 2015 -> stream(127.0.0.1@1953): Eicar-Test-Signature(44d88612fea8a8f36de82e1278abb02f:68) FOUND) I think now it working correctly. Ubuntu 14.04.


Add a comment to this document

Do you have a helpful tip related to this document that you'd like to share with other users?

Important: This area is reserved for useful tips. Therefore, do not post questions here. Instead, use our public forums to post questions.