Install ClamAV on Plesk Linux

ClamAV implementation on Plesk is pretty simple and straightforward.

Let's install ClamAV on a Plesk Linux server:

Step 1

Install the EPEL repository, but keep it disabled to avoid package conflicts with the Plesk repository.

# rpm -Uvh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

# sed -i 's/^\(enabled\s*=\s*\).*$/\10/' /etc/yum.repos.d/epel.repo

Step 2

Install all ClamAV packages from the EPEL repository

# yum install --enablerepo=epel clamav clamd clamav-milter

Step 3

Update virus database

# freshclam

Step 4

Add clamd and clamav-milter to the system startup scripts and start the clamd service

# chkconfig clamd on

# chkconfig clamav-milter on

Step 5

Adjust clamav-milter to work with existing postfix milter program

Change and uncomment the following lines in /etc/clamav-milter.conf

# Default: unset (don't drop privileges)

User postfix

AddHeader Add

OnInfected Reject

OnFail Defer

Step 6

Start the clamd daemon and the clamav-milter service

# service clamd start

# service clamav-milter start

Step 7

Change the milter program in /etc/postfix/main.cf

Replace the following line

smtpd_milters=unix:/var/run/clamav/clamav-milter.sock

Step 9

Reload the Postfix service for the change to take effect

# service postfix reload

Is it really working?

Let's run a test to check whether ClamAV is working

Test Environment

Plesk 12.5 [10.0.50.14] , Centos 6

Domain : cos601.tld

admin@cos601.tld


Plesk 12.5 [10.0.50.15], Centos 7

Domain : cos701.tld

admin@cos701.tld

Here is the test result:

Jun 18 10:27:47 pp1253 postfix/smtpd[8838]: connect from unknown[10.0.50.15]

Jun 18 10:27:47 pp1253 postfix/smtpd[8838]: 37935F681B6: client=unknown[10.0.50.15]

Jun 18 10:27:47 pp1253 postfix/cleanup[8843]: 37935F681B6: message-id=<efb98b9e2eb5b5b6015d26c4fa84b749@cos701.tld>

Jun 18 10:27:47 pp1253 postfix/cleanup[8843]: 37935F681B6: milter-reject: END-OF-MESSAGE from unknown[10.0.50.15]: 5.7.1 Command rejected; from=<admin@cos701.tld> to=<admin@cos601.tld> proto=ESMTP helo=<pp1253.cos7x64.nhit.local>

Jun 18 10:27:47 pp1253 postfix/smtpd[8838]: disconnect from unknown[10.0.50.15]

It is clearly visible that the mail has been rejected by the milter. It's time to secure web content.

On Linux there is no real-time antivirus, so in this case you could run clamscan from cron during quiet periods.

Add the following command as a Plesk scheduled task to scan the /var/www/vhosts/ directory; a summary mail will be sent to your mailbox
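To pick rejections like the one in the test result above out of a busy mail log, the lines can be correlated by queue ID. This is an added example, not part of the original tutorial; the function names are hypothetical and the last two sample lines are constructed.

```shell
#!/bin/sh
# Added example (not from the original tutorial): report messages that a
# milter rejected, correlating Postfix log lines by queue ID.

# Sample input: the five log lines from the test above, followed by two
# CONSTRUCTED lines for a message that passed (queue ID 5C2A1F681B7).
sample_log() {
cat <<'EOF'
Jun 18 10:27:47 pp1253 postfix/smtpd[8838]: connect from unknown[10.0.50.15]
Jun 18 10:27:47 pp1253 postfix/smtpd[8838]: 37935F681B6: client=unknown[10.0.50.15]
Jun 18 10:27:47 pp1253 postfix/cleanup[8843]: 37935F681B6: message-id=<efb98b9e2eb5b5b6015d26c4fa84b749@cos701.tld>
Jun 18 10:27:47 pp1253 postfix/cleanup[8843]: 37935F681B6: milter-reject: END-OF-MESSAGE from unknown[10.0.50.15]: 5.7.1 Command rejected; from=<admin@cos701.tld> to=<admin@cos601.tld> proto=ESMTP helo=<pp1253.cos7x64.nhit.local>
Jun 18 10:27:47 pp1253 postfix/smtpd[8838]: disconnect from unknown[10.0.50.15]
Jun 18 10:31:02 pp1253 postfix/smtpd[8851]: 5C2A1F681B7: client=unknown[10.0.50.15]
Jun 18 10:31:02 pp1253 postfix/cleanup[8843]: 5C2A1F681B7: message-id=<constructed-clean-message@cos701.tld>
EOF
}

# Reads Postfix log lines on stdin, prints one line per milter-rejected message.
milter_rejects() {
  awk '
    # Assumes the default short queue IDs (uppercase hex) in field 6.
    $5 ~ /^postfix\/(smtpd|cleanup)\[/ && $6 ~ /^[0-9A-F]+:$/ {
      qid = substr($6, 1, length($6) - 1)
      # Remember the client and message-id logged earlier for this queue ID.
      if ($7 ~ /^client=/)     client[qid] = substr($7, 8)
      if ($7 ~ /^message-id=/) msgid[qid]  = substr($7, 12)
      if ($7 == "milter-reject:") {
        from = "?"; to = "?"
        for (i = 8; i <= NF; i++) {
          if ($i ~ /^from=</) from = substr($i, 6)
          if ($i ~ /^to=</)   to   = substr($i, 4)
        }
        printf "%s %s %s qid=%s client=%s from=%s to=%s msgid=%s\n",
               $1, $2, $3, qid, client[qid], from, to, msgid[qid]
      }
    }'
}

# Stand-alone run over the embedded sample.
sample_log | milter_rejects
```

On a live server, feed the mail log to milter_rejects on standard input instead of sample_log. The Postfix line names neither the milter nor the signature that triggered the reject, so treat each hit as a pointer for follow-up.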

clamscan --tempdir=/tmp/ --infected --recursive /var/www/vhosts/ | mail -s "Clamscan Report" admin@cos601.tld

Congratulations! You have successfully installed ClamAV on a Plesk Linux server. Thanks for using this tutorial to install ClamAV on a Plesk Linux server.
