Wednesday, March 13, 2013


Instructions are valid for Windows 2008 or R2 versions.
For first timers, or for those who want to move from the outdated ClamAv/tbb version to the Win32 version, here is what you need to do.

Prerequisites
1. Download the latest release package of hmailserver from http://www.hmailserver.com/index.php?page=download
2. Download the latest package of ClamAv from http://sourceforge.net/projects/clamav/ ... mav/win32/ Download the I386 package for a 32 bit OS and the X86_64 package for a 64 bit OS
3. Download/extract/copy srvany.exe from the Windows server 2003 resource toolkit to C:\Windows\System32 folder
4. Download the ClamSup and rsync packages provided by our good friend Steve for use with sanesecurity signatures http://hideout.ath.cx/clamav/

Installation
1. Install hmailserver. Manuals can be found on the site.
2. Extract the clamav package and copy the extracted clamav folder to the root of C:
3. Extract the rsync package
4. Extract the clamsup package
5. Copy the contents of the extracted rsync folder to the extracted clamsup folder
6. Copy the clamsup folder to the root of C:\clamav folder
7. Copy and paste the clamd.conf and freshclam.conf files from C:\ClamAV\conf_examples to the root of C:\Clamav folder
8. Delete or comment out the word Example found in both config files on line 8
9. Modify both files to meet your needs (the default settings are usually well balanced). Be careful: do not uncomment or modify the temporary folder line in clamd.conf
10. Do not uncomment or modify the database path in both config files. Leave the default settings
11. Modify the LOCALFOLDER variable in C:\ClamSup\Clamsup.cfg file to point to C:\ClamAv\Database
12. Create two new folders in the root of C:\ClamAv. Name them database and Logs
13. Uncomment the LogFile variable in clamd.conf to point to C:/ClamAv/Logs/clamd.log
14. Uncomment the UpdateLogFile variable in freshclam.conf file to point to C:/ClamAv/logs/freshclam.log
15. Navigate through command prompt to C:\ClamAv directory and run Clamd.exe, as this will launch the clamd service
16. Run freshclam.exe and wait until it downloads the databases and notifies the clamd service about it
17. CD to the ClamSup directory and run clamsup.bat. This will download all Sanesecurity signature databases (it will take some time). Once the download is complete, restart clamd (close the command prompt windows and repeat step 15) so that it loads all the signatures
18. At this point you should check the clamd logs to see if there are any errors.
19. Now configure hmailserver to use clamav
20. Go to antivirus, external virus scanner, check the use external scanner button and enter the following for the executable
C:\clamav\clamdscan.exe --config-file=C:\clamav\clamd.conf "%FILE%"
Return value should be 1, save and exit.
21. At this point your hmailserver is already using clamav to scan for viruses

Install ClamD service
• Launch the command prompt
• Type the following command to create the ClamD service: sc.exe create ClamD binPath= C:\Windows\System32\srvany.exe
• At this point launch your services applet and check to see the newly created ClamD service
• Go to the Recovery tab and choose Restart the Service for all three failure cases, then click OK
• Do not start the service yet
• Now launch the registry editor (regedit)
• Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ClamD. Right click it and create a new key named Parameters
• Right click Parameters and create a new string value named Application. Right click Application, choose Modify, enter C:\ClamAv\Clamd.exe -c C:\ClamAv\Clamd.conf and click OK
• Launch Task Manager, find and end the ClamD process
• Start the ClamD service from the services applet.

Note: You can also use nssm, downloadable from http://nssm.cc/, to create the service. But some of my tests went wrong with it, as it made the server highly nervous and unstable.

After Installation Tasks
• Now you should run the Eicar virus test at this website: http://www.mtgsy.net/dns/virustest.php. Enter your email address and click submit. If you don't get the email, good news. Check the clamd log to see that the Eicar virus was caught by ClamAv.
• Now, using Task Scheduler, create two tasks to update your virus databases.
Call the first one Clamav Update, Action=Start a Program, Program/script=C:\clamav\freshclam.exe, Add Arguments= --config-file=C:\clamav\freshclam.conf
The second one updates the SaneSecurity signatures, Action=Start a Program, Program/script=C:\clamav\ClamSup\ClamSup.bat
Make sure both tasks run every hour or so, everyday for 24 hours.
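
A local check of the scanner command line from step 20, as an added example that is not part of the original guide: it scans one clean file and one EICAR test file with clamdscan and compares the exit codes with the return value of 1 configured in hmailserver. The function names and the scratch folder are hypothetical; the paths assume the C:\clamav layout used above.

```powershell
# Added example. Paths follow the guide's layout; adjust if yours differs.
$ClamdScan = 'C:\clamav\clamdscan.exe'
$Config    = 'C:\clamav\clamd.conf'

# Standard, harmless EICAR test string, split so this script file is not flagged.
$Eicar = 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-' + 'STANDARD-ANTIVIRUS-TEST-FILE!$H+H*'

function Invoke-ClamdScan([string]$Path) {
    # Same command line hmailserver runs, with "%FILE%" replaced by $Path.
    & $ClamdScan "--config-file=$Config" $Path | Out-Null
    return $LASTEXITCODE
}

function Test-ClamdScanner {
    # Hypothetical scratch folder; the ClamD service account must be able to read it.
    $dir   = Join-Path $env:TEMP 'clamd-selftest'
    $clean = Join-Path $dir 'clean.txt'
    $virus = Join-Path $dir 'eicar.txt'
    New-Item -ItemType Directory -Path $dir -Force | Out-Null
    try {
        # WriteAllText adds no trailing newline, so the test file is the exact string.
        [System.IO.File]::WriteAllText($clean, 'plain text, nothing to detect')
        [System.IO.File]::WriteAllText($virus, $Eicar, [System.Text.Encoding]::ASCII)
        $cleanCode = Invoke-ClamdScan $clean
        $virusCode = Invoke-ClamdScan $virus
    }
    finally {
        Remove-Item -Path $dir -Recurse -Force -ErrorAction SilentlyContinue
    }

    # clamdscan exit codes: 0 = no virus found, 1 = virus found, 2 = an error occurred.
    Write-Host "clean file exit code: $cleanCode   EICAR file exit code: $virusCode"
    if ($cleanCode -eq 2 -or $virusCode -eq 2) {
        Write-Host 'FAIL: clamdscan reported an error. Check that ClamD is running and read clamd.log.'
        return $false
    }
    if ($virusCode -ne 1) {
        Write-Host 'FAIL: EICAR was not detected. Check that the signature databases loaded.'
        return $false
    }
    if ($cleanCode -ne 0) {
        Write-Host 'FAIL: a clean file was flagged, so clean mail would be reported as infected.'
        return $false
    }
    Write-Host 'OK: exit code 1 means "virus found", matching the hmailserver return value setting.'
    return $true
}

if (-not (Test-ClamdScanner)) { exit 1 }
```

Run it from an elevated PowerShell prompt after the ClamD service has started; an exit code of 2 means clamdscan could not complete the scan, which is different from a clean result.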


PS: Restarting the server at this point, if possible, is a good idea.

Happy Messaging


Credits: http://www.hmailserver.com/forum/viewtopic.php?f=12&t=21500
