Import my exiscan-acl clamd virus scanner integration notes.

I can't say enough good things about clamd.

2 files changed, 78 insertions, 1 deletions

diff --git a/mail/exim/files/POST-INSTALL-NOTES.clamd b/mail/exim/files/POST-INSTALL-NOTES.clamd
new file mode 100644
index 000000000000..cfc7b0ab405e
--- /dev/null
+++ b/mail/exim/files/POST-INSTALL-NOTES.clamd
@@ -0,0 +1,74 @@
+The following steps will enable clamd malware scanning using exiscan ACLs.
+It is important to follow them in sequence.
+
+*  Install security/clamav from the ports tree.
+
+*  Add user clamav to the mail group in /etc/group.
+
+*  Create /var/log/clamav and /var/run/clamav, and change the ownership
+   of both to clamav:clamav.
+
+*  In Exim's configure file, set av_scanner=clamd:/var/run/clamav/clamd
+
+*  Adjust the exiscan ACLs in Exim's configure file.  Make sure you use
+   the demime option with the malware check, e.g.:
+
+   deny message = This message contains malware ($malware_name)
+	demime  = *
+	malware = *
+
+*  Edit clamav.conf as follows:
+
+	LogFile /var/log/clamav/clamd.log
+	PidFile /var/run/clamav/clamd.pid
+	LocalSocket /var/run/clamav/clamd
+	User clamav
+	AllowSupplementaryGroups
+	ScanArchive
+
+   You may wish to make other changes as well.
+
+*  Install the shell script included at the end of these instructions as
+   /usr/local/etc/rc.d/clamd.sh, taking care to make it executable.
+
+*  Run freshclam.
+
+*  Add a cron job that runs freshclam --daemon-notify --quiet at least
+   once a day.
+
+*  Start clamd with /usr/local/etc/rc.d/clamd.sh start .
+
+*  Start Exim with /usr/local/etc/rc.d/exim.sh start .
+
+Sheldon Hearn <sheldonh@FreeBSD.org>
+
+#!/bin/sh
+#
+PREFIX=/usr/local
+CLAMAV_BIN=${PREFIX}/sbin
+
+case $1 in
+start)
+    [ -x ${CLAMAV_BIN}/clamd ] && {
+	${CLAMAV_BIN}/clamd
+	echo -n ' clamd'
+    }
+    ;;
+
+stop)
+	kill `cat /var/run/clamav/clamd.pid`
+	if [ $? = 0 ] ; then
+		echo -n ' clamd'
+	fi
+    ;;
+
+restart)
+	/usr/local/etc/rc.d/clamd.sh stop && \
+		/usr/local/etc/rc.d/clamd.sh start
+    ;;
+
+*)
+    echo "usage: `basename $0` {start|stop|restart}" >&2
+    exit 64
+    ;;
+esac
diff --git a/mail/exim/files/POST-INSTALL-NOTES.exiscan-acl b/mail/exim/files/POST-INSTALL-NOTES.exiscan-acl
index 29988db9e86e..148e6d1fe082 100644
--- a/mail/exim/files/POST-INSTALL-NOTES.exiscan-acl
+++ b/mail/exim/files/POST-INSTALL-NOTES.exiscan-acl
@@ -2,7 +2,10 @@ This installation of Exim includes Exiscan content scanning support,
 from http://duncanthrax.net/exiscan-acl/, which is documented in
 ${PREFIX}/share/doc/exim/exiscan-acl-spec.txt.  The ports tree
 includes various content scanners that might be useful, e.g.
-mail/p5-Mail-SpamAssassin and security/vscan.
+mail/p5-Mail-SpamAssassin and security/clamav.
+
+Notes for enabling malware scanning with the excellent clamd scanner
+are in ${PREFIX}/share/doc/exim/POST-INSTALL-NOTES.clamd.
 
 When Exiscan is actually enabled in the Exim configure file, great
 care should be taken to test upgrades, since Exiscan updates tend