Plesk provides two antivirus products with its default installation:
Odin Premium Antivirus
Kaspersky Antivirus (requires a separate license)
Dr.Web antivirus is used as “Odin Premium Antivirus” on Plesk Linux. Visit the Dr.Web website for more information.
The major drawback of Odin Premium Antivirus is that it scans mailboxes only.
I was looking for a solution that can scan mailboxes as well as web content uploaded by end users.
Finally I found ClamAV, which can be used as a Postfix milter and can also scan the file system.
ClamAV implementation on Plesk is pretty simple and straightforward.
Let's install ClamAV on a Plesk Linux server:
Step 1
Install the EPEL repository, but leave it disabled to avoid package conflicts with the Plesk repository.
# rpm -Uvh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
# sed -i 's/^\(enabled\s*=\s*\).*$/\10/' /etc/yum.repos.d/epel.repo
Step 2
Install all ClamAV packages from the EPEL repository
# yum install --enablerepo=epel clamav clamd clamav-milter
Step 3
Update virus database
# freshclam
Step 4
Add clamd and clamav-milter to the system startup scripts and start the clamd service
# chkconfig clamd on
# chkconfig clamav-milter on
Step 5
Adjust clamav-milter to work with the existing Postfix milter program
Change and uncomment the following lines in /etc/clamav-milter.conf
# Default: unset (don't drop privileges)
User postfix
AddHeader Add
OnInfected Reject
OnFail Defer
Step 6
Start the clamd daemon and the clamav-milter service
# service clamd start
# service clamav-milter start
Step 7
Change the milter program in /etc/postfix/main.cf
Replace the following line
smtpd_milters=unix:/var/run/clamav/clamav-milter.sock
Step 9
Reload the Postfix service for the change to take effect
# service postfix reload
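A consistency check for Steps 5 to 9, added here as an example and not part of the original tutorial: it confirms that the clamav-milter configuration sets MilterSocket and ClamdSocket and that smtpd_milters in main.cf names the same unix socket. The function names and return codes are this example's own; the two file paths are passed as arguments.

```shell
#!/bin/sh
# Added example: verify that clamav-milter and Postfix agree on the milter socket.
# Usage: sh check-milter.sh /etc/clamav-milter.conf /etc/postfix/main.cf

# Print the first active (uncommented) value of a directive in a
# clamav-style "Directive value" config file.
conf_value() {  # conf_value FILE DIRECTIVE
    awk -v key="$2" '$1 == key { print $2; exit }' "$1"
}

# Return 0 if consistent, 1 = MilterSocket missing, 2 = ClamdSocket missing,
# 3 = Postfix does not list the socket, 4 = not a unix socket (not compared).
check_milter_config() {  # check_milter_config MILTER_CONF MAIN_CF
    milter_conf=$1
    main_cf=$2
    sock=$(conf_value "$milter_conf" MilterSocket)
    [ -n "$sock" ] || { echo "MilterSocket is not set in $milter_conf"; return 1; }
    clamd=$(conf_value "$milter_conf" ClamdSocket)
    [ -n "$clamd" ] || { echo "ClamdSocket is not set in $milter_conf"; return 2; }
    sock=${sock#unix:}
    case $sock in
        /*) ;;
        *) echo "MilterSocket $sock is not a unix socket; compare by hand"; return 4 ;;
    esac
    # smtpd_milters may hold several entries separated by commas or spaces.
    milters=$(sed -n 's/^smtpd_milters[[:space:]]*=[[:space:]]*//p' "$main_cf" | tr ',' ' ')
    for m in $milters; do
        if [ "$m" = "unix:$sock" ]; then
            echo "OK: Postfix uses unix:$sock"
            return 0
        fi
    done
    echo "smtpd_milters in $main_cf does not list unix:$sock"
    return 3
}

if [ "$#" -eq 2 ]; then
    check_milter_config "$1" "$2"
fi
```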
Is it really working?
Let's run a test to check whether ClamAV is working
Test Environment
Plesk 12.5 [10.0.50.14], CentOS 6, Domain: cos601.tld, admin@cos601.tld
Plesk 12.5 [10.0.50.15], CentOS 7, Domain: cos701.tld, admin@cos701.tld
I tried to send a mail from admin@cos701.tld to admin@cos601.tld with the EICAR Anti-Malware Test File attached.
Here is the test result:
Jun 18 10:27:47 pp1253 postfix/smtpd[8838]: connect from unknown[10.0.50.15]
Jun 18 10:27:47 pp1253 postfix/smtpd[8838]: 37935F681B6: client=unknown[10.0.50.15]
Jun 18 10:27:47 pp1253 postfix/cleanup[8843]: 37935F681B6: message-id=<efb98b9e2eb5b5b6015d26c4fa84b749@cos701.tld>
Jun 18 10:27:47 pp1253 postfix/cleanup[8843]: 37935F681B6: milter-reject: END-OF-MESSAGE from unknown[10.0.50.15]: 5.7.1 Command rejected; from=<admin@cos701.tld> to=<admin@cos601.tld> proto=ESMTP helo=<pp1253.cos7x64.nhit.local>
Jun 18 10:27:47 pp1253 postfix/smtpd[8838]: disconnect from unknown[10.0.50.15]
It is clearly visible that the mail has been rejected by the milter.
It's time to secure web content
On Linux there is no real-time antivirus; in this case you can run clamscan from cron during quiet periods.
Add the following command as a Plesk scheduled task to scan the /var/www/vhosts/ directory; a summary mail will be sent to your mailbox.
clamscan --tempdir=/tmp/ --infected --recursive /var/www/vhosts/ | mail -s "Clamscan Report" admin@cos601.tld
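The scheduled command above pipes clamscan into mail, which discards clamscan's exit status (0 clean, 1 infected files found, 2 error). The wrapper below is an added example, not from the original tutorial, that keeps the status and puts it in the mail subject; SCAN_CMD, MAIL_CMD, scan_subject and run_scan are names chosen for this example.

```shell
#!/bin/sh
# Added example: scheduled scan that does not lose clamscan's exit status.
# Usage: sh clamscan-report.sh /var/www/vhosts/ admin@cos601.tld
# SCAN_CMD and MAIL_CMD can be overridden, for example to test with stubs.
SCAN_CMD=${SCAN_CMD:-clamscan}
MAIL_CMD=${MAIL_CMD:-mail}

# Map a clamscan exit status to a mail subject.
scan_subject() {
    case $1 in
        0) echo "Clamscan Report: clean" ;;
        1) echo "Clamscan Report: INFECTED files found" ;;
        *) echo "Clamscan Report: scan ERROR (exit $1)" ;;
    esac
}

# Scan a directory, mail the report, and return clamscan's own status so the
# scheduler also sees a failed or positive scan.
run_scan() {  # run_scan DIR RECIPIENT
    report=$(mktemp) || return 2
    rc=0
    # Same options as the one-line command; stderr is kept so that scan
    # errors reach the mailbox as well.
    "$SCAN_CMD" --tempdir=/tmp/ --infected --recursive "$1" >"$report" 2>&1 || rc=$?
    "$MAIL_CMD" -s "$(scan_subject "$rc")" "$2" <"$report"
    rm -f "$report"
    return "$rc"
}

if [ "$#" -eq 2 ]; then
    run_scan "$1" "$2"
fi
```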
Congratulations! You have successfully installed ClamAV on a Plesk Linux server. Thanks for using this tutorial to install ClamAV on a Plesk Linux server.
Is it possible to have an update for Plesk Onyx on CentOS 7.6?
The same tutorial is applicable for Onyx as well.
Onyx may be the same, but in CentOS 7 I believe there are major changes, in the EPEL repo first, and then the service and install names, I believe, have changed. Is there a possibility of an update on your topic?
I will update by this weekend.
Hi! Thanks for the tutorial.
Any ideas why I get those errors trying to install the packages? Plesk Onyx, CentOS 6.8.
With: # rpm –Uvh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
I get the rpm help/usage.
If I tweak the usage, I get:
warning: /var/tmp/rpm-tmp.TwLx4s: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY
With: # yum install --enablerepo=epel clamav clamd clamav-milter
No package clamav available.
No package clamd available.
No package clamav-milter available.
Any ideas?
Thanks in advance!
What is the output of
# yum repolist
Thanks for your answer!
the output is:
Loaded plugins: fastestmirror, priorities
Loading mirror speeds from cached hostfile
* base: centos.aol.com
* extras: centos.aol.com
* updates: mirror.symnds.com
PLESK_17_NGINX | 2.9 kB 00:00
69 packages excluded due to repository priority protections
repo id repo name status
PLESK_17_0_17-extras PLESK_17_0_17 extras 36
PLESK_17_NGINX Nginx for Plesk 17.x 1
base CentOS-6 – Base 6,653+43
extras CentOS-6 – Extras 62
mt_dv_extras mediatemple extra packages for (dv) 1,100
updates CentOS-6 – Updates 680+26
repolist: 8,532
I have verified; there is no issue with the official EPEL repo.
Try with
# yum clean all
# yum install --enablerepo=epel clamav clamd clamav-milter
Same result =(
No package clamav available.
No package clamd available.
No package clamav-milter available.
Full response:
Loaded plugins: fastestmirror, priorities
Setting up Install Process
Determining fastest mirrors
* base: mirrors.advancedhosters.com
* extras: mirror.umd.edu
* updates: mirror.cogentco.com
PLESK_17_0_17-extras | 2.9 kB 00:00
PLESK_17_0_17-extras/primary_db | 29 kB 00:00
PLESK_17_NGINX | 2.9 kB 00:00
PLESK_17_NGINX/primary_db | 3.3 kB 00:00
base | 3.7 kB 00:00
base/primary_db | 4.7 MB 00:00
extras | 3.4 kB 00:00
extras/primary_db | 37 kB 00:00
mt_dv_extras | 951 B 00:00
mt_dv_extras/primary | 336 kB 00:00
mt_dv_extras 1100/1100
updates | 3.4 kB 00:00
updates/primary_db | 3.7 MB 00:00
69 packages excluded due to repository priority protections
No package clamav available.
No package clamd available.
No package clamav-milter available.
Error: Nothing to do
I am not sure what is making the problem.
It seems you are using a MediaTemple server. Can you ask them once?
No need to explain everything, just mention that I am trying to download clamav from epel but it is showing ‘no package available’
They don't even know what's causing the problem. “We don't have support for that”. Maybe some other repo is causing the issue? Maybe I can disable some of the other repos to make the install?
Any output for
# yum search --enablerepo=epel clam
Yes, no matches found :\
# grep -iR 'clam' /etc/yum.repos.d/
# grep -iR 'clam' /etc/yum.conf
No output at all. =S
# mv /etc/yum.repos.d/epel.repo{,.bak}
# yum install epel-release
# yum search clam
Seems that the first line took no effect, since the output says that the epel-release is already installed (epel-release-6.8-noarch)
I would like to suggest that you check with the MT support team or find a freelancer to check the issue by logging into the server.
Yeah probably that will be the best way to go. Thanks for all the help man.
Found the solution! Plesk repos created some sort of conflict with the epel repo. The solution is to disable all the other repos, and enable only the epel repo for the installation:
# yum install --disablerepo=* --enablerepo=epel clamav clamd clamav-milter
Hope this helps anyone with the same problem, using MediaTemple servers.
Hi,
I have CentOS 7, Plesk Onyx.
1. Following the above tutorial, after Step 6 I get clamav-milter.service failed:
# systemctl status clamav-milter.service
● clamav-milter.service – SYSV: A virus scanning milter
Loaded: loaded (/etc/rc.d/init.d/clamav-milter; bad; vendor preset: disabled)
Active: failed (Result: exit-code) since Sun 2017-04-23 05:25:26 EEST; 8s ago
Docs: man:systemd-sysv-generator(8)
Process: 27787 ExecStart=/etc/rc.d/init.d/clamav-milter start (code=exited, status=1/FAILURE)
Apr 23 05:25:26 ns.domain.com systemd[1]: Starting SYSV: A virus scanning milter…
Apr 23 05:25:26 ns.domain.com clamav-milter[27787]: Starting clamav-milter: ERROR: Please configure the MilterSocket directive
Apr 23 05:25:26 ns.domain.com clamav-milter[27787]: [FAILED]
Apr 23 05:25:26 ns.domain.com systemd[1]: clamav-milter.service: control process exited, code=exited status=1
Apr 23 05:25:26 ns.domain.com systemd[1]: Failed to start SYSV: A virus scanning milter.
Apr 23 05:25:26 ns.domain.com systemd[1]: Unit clamav-milter.service entered failed state.
Apr 23 05:25:26 ns.domain.com systemd[1]: clamav-milter.service failed.
Should I uncomment one or both lines from /etc/mail/clamav-milter.conf:
#MilterSocket /var/run/clamav-milter/clamav-milter.socket
#MilterSocket inet:7357
2. If I uncomment in /etc/mail/clamav-milter.conf only first (MilterSocket /var/run/clamav-milter/clamav-milter.socket), after Step 6 I get:
clamav-milter[29774]: No ClamdSocket specified
# systemctl status clamav-milter
● clamav-milter.service – SYSV: A virus scanning milter
Loaded: loaded (/etc/rc.d/init.d/clamav-milter; bad; vendor preset: disabled)
Active: active (exited) since Sun 2017-04-23 05:53:17 EEST; 4s ago
Docs: man:systemd-sysv-generator(8)
Process: 29768 ExecStop=/etc/rc.d/init.d/clamav-milter stop (code=exited, status=0/SUCCESS)
Process: 29771 ExecStart=/etc/rc.d/init.d/clamav-milter start (code=exited, status=0/SUCCESS)
Apr 23 05:53:17 ns.domain.com systemd[1]: Starting SYSV: A virus scanning milter…
Apr 23 05:53:17 ns.domain.com clamav-milter[29773]: +++ Started at Sun Apr 23 05:53:17 2017
Apr 23 05:53:17 ns.domain.com clamav-milter[29774]: No ClamdSocket specified
Apr 23 05:53:17 ns.domain.com clamav-milter[29771]: Starting clamav-milter: [ OK ]
Apr 23 05:53:17 ns.domain.com systemd[1]: Started SYSV: A virus scanning milter.
What ClamdSocket should I specify?
Thank you.
Hello,
I use CentOS 6.8 with Onyx 17.5.3 and tried to install with
# yum install --enablerepo=epel clamav clamd clamav-milter
and
# yum install --disablerepo=* --enablerepo=epel clamav clamd clamav-milter
but I get the following output:
[root ~]# yum install --enablerepo=epel clamav clamd clamav-milter
Loaded plugins: fastestmirror
Setting up Install Process
Loading mirror speeds from cached hostfile
No package clamav available.
No package clamd available.
No package clamav-milter available.
Error: Nothing to do
How can I fix this?