http://www.extmail.org/forum/viewthread.php?tid=25355
1. Update ClamAV:
a) Configure the YUM repository:
http://blog.51yip.com/linux/1337.html
i. rpm -ivh http://dl.fedoraproject.org/pub/ ... ease-6-8.noarch.rpm
ii. rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
iii. yum install yum-priorities
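b) Update ClamAV
i. /etc/init.d/clamd stop
   /etc/init.d/postfix stop
ii. yum install clamav
iii. You may need to update zlib before updating. Method: yum -y install zlib zlib-devel
iv. If you no longer want to use this YUM repository, go to /etc/yum.repos.d/, open epel.repo with vim, and change enabled=1 to enabled=0.
v. If the yum install still fails, check:
vi. In the file "/etc/yum.repos.d/epel.repo", uncomment the baseurl line and comment out the mirrorlist line. Then run yum install clamav again.
Reference: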
http://www.linuxidc.com/Linux/2015-05/117932.htm
vii. Running freshclam reports an error:
[root@mail ~]# freshclam
ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check permissions!).
ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
Fix:
[root@mail log]# chown clamav.clamav /var/log/clamav/
[root@mail clamav]# /etc/init.d/clamd restart
Stopping Clam AntiVirus Daemon: [FAILED]
ERROR: LOCAL: Socket file /var/run/clamav/clamd.sock could not be bound: Permission denied
[FAILED]
Fix:
[root@mail clamav]# chown clamav.clamav /var/run/clamav/
Run:
[root@mail clamav]# freshclam
ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check permissions!).
ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
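If the error still appears, delete all the old files under /var/log/clamav/ and restart clamav. The logs are then recreated, and the clamav update log is also created the next time the database is updated.
viii. If everything is set up correctly, you can create an account named virusalert@XXX.COM on the system; intercepted virus mail is forwarded to this account. For a test virus file you can use Eicar-Test-Signature: download one and send it as an attachment to test.
c) Problems and solutions:
i. PID error:
1. vim /var/log/clamav/clamd.log shows the error: ERROR: Can't unlink the pid file /var/run/clamav/clamd.pid
2. Fix: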
http://wenku.baidu.com/link?url= ... c0O3t1LH2gDCBsHkd77
[root@mail clamav]# chown clamav.clamav /var/run/clamav/
[root@mail clamav]# /etc/init.d/clamd restart
Stopping Clam AntiVirus Daemon: [ OK ]
Starting Clam AntiVirus Daemon: [ OK ]
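ii. Scheduled virus database updates and scans:
Update the database and scan on a schedule every night, keeping the scan log. The clamscan entry deletes the files it detects (--remove). crontab -e
1 3 * * * /usr/bin/freshclam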
20 3 * * * /usr/bin/clamscan -r /home --remove -l /var/log/clamscan.log
iii. Reference site:
http://linuxguest.blog.51cto.com/195664/199632/ (covers commenting out Example, automatic updates and scans, and related information)
[root@mail /]# rpm -qa |grep clamav
clamav-0.99-3.el6.x86_64
clamav-db-0.99-3.el6.x86_64
clamav-devel-0.99-3.el6.x86_64
[root@mail /]#
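
The freshclam.log, clamd.sock and clamd.pid errors above all come down to who owns /var/log/clamav and /var/run/clamav and the files inside them. The following pre-flight check is an added example, not part of the original post; the function names are hypothetical, and it assumes the services run as clamav:clamav (as the chown commands above imply) with GNU stat and find available.

```shell
#!/bin/sh
# Added example, not from the original post: ownership pre-flight for the
# ClamAV runtime directories named in the errors above.
# Assumptions: freshclam and clamd run as user/group "clamav" (implied by the
# chown commands on this page); GNU stat and find, as on CentOS/RHEL 6.

# check_clamav_dir DIR USER GROUP
# Prints one line per problem; returns 0 if clean, 1 otherwise.
check_clamav_dir() {
    ccd_dir=$1 ccd_user=$2 ccd_group=$3 ccd_rc=0

    if [ ! -d "$ccd_dir" ]; then
        echo "MISSING $ccd_dir"
        return 1
    fi

    ccd_owner=$(stat -c '%U:%G' "$ccd_dir")
    if [ "$ccd_owner" != "$ccd_user:$ccd_group" ]; then
        echo "OWNER   $ccd_dir is $ccd_owner, expected $ccd_user:$ccd_group"
        ccd_rc=1
    fi

    # chown on the directory does not touch what is already inside it: an old
    # freshclam.log created by another user stays unwritable, which would
    # explain why deleting the old files clears the error.
    if ! ccd_stale=$(find "$ccd_dir" -mindepth 1 ! -user "$ccd_user" 2>/dev/null); then
        echo "ERROR   cannot search $ccd_dir for user $ccd_user (does the user exist?)"
        return 1
    fi
    if [ -n "$ccd_stale" ]; then
        echo "$ccd_stale" | sed "s|^|STALE   not owned by $ccd_user: |"
        ccd_rc=1
    fi
    return "$ccd_rc"
}

# check_clamav_runtime USER GROUP DIR...
# Checks every directory and returns 1 if any of them has a problem.
check_clamav_runtime() {
    ccr_user=$1 ccr_group=$2 ccr_rc=0
    shift 2
    for ccr_dir in "$@"; do
        check_clamav_dir "$ccr_dir" "$ccr_user" "$ccr_group" || ccr_rc=1
    done
    return "$ccr_rc"
}

# On the mail server from this page:
#   check_clamav_runtime clamav clamav /var/log/clamav /var/run/clamav
```

Run it before restarting clamd or calling freshclam; a STALE line points at the individual file to chown or delete.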