Recently I had to test clamd/clamAV to do this today just to make sure my antivirus scanner was working. I’m a big fan of not installing antivirus software for e-mails, because I strongly believe SpamAssassin eliminates it however, sometimes your clients or e-mails have been around for years – and these days it’s getting even harder to eliminate spam and viruses.
The first step (if you have not already), is to follow my tutorial to eliminate spam using SpamAssassin. You’ll install some custom rules which will help you enormously reduce receiving spam for all e-mail accounts. SpamAssassin uses rules to help combat spam (and only spam). Sometimes when viruses are sent SpamAssassin deals with it and marks it as spam because it checks the IP of the sender using RBLs. When SpamAssassin fails to mark the virus message as spam – you’ll end up with a virus in your e-mail inbox.
That’s where ClamAV comes in!
I did not have ClamAV installed on my VestaCP machine. Luckily it’s a very simple task. Install ClamAV for VestaCP. By default, VestaCP installs ClamAV on systems with 3GB or more of RAM.
Test Clamd/ClamAV
This test will not work if you send an e-mail to the recipient on the same server.
Compose a new e-mail using a third party e-mail account (like gMail) and using the following code anywhere in the e-mail:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
Now, send that email.
You should not receive that e-mail at all if ClamAV is working correctly. To double check to make sure it has been removed you can view the ClamAV log /var/log/clamav/clamd.log
and in that file you should see a line something like this:
/var/spool/exim/scan/1c5Fsw-0008GM-N1/1c5Fsw-0008GM-N1.eml: Eicar-Test-Signature FOUND
That’s it!
You may use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>