ClamAV is a popular free anti-virus software designed for detecting viruses, trojans, malwares and other malicious threats. It is commonly installed for use as mail gateway scanning from small, medium, and large scale companies. Before an email arrives or leaves mail server, this tool will scan the email to make sure it is clean.
In a previous post, I told you that my company’s mail server is using Postfix with ClamAV anti-virus running on top of Centos 5.5. The version of ClamAV is 0.95.2 which is out-dated because the current stable version of ClamAV is version 0.97.
To effectively fight with viruses, trojans and other threats using ClamAV, it is highly recommended that we have the latest software and virus database installed in the system. That’s why I have to immediately upgrade ClamAV to version 0.97.
Here is the step-by-step upgrading ClamAV on Centos 5.5:
Login to the Centos 5.5 machine using root / super user account.
Run ‘yum list clamav’ to see the available update of clamav.
# yum list clamav Loading "installonlyn" plugin Setting up repositories rpmforge 100% |=========================| 1.1 kB 00:00 base 100% |=========================| 1.1 kB 00:00 updates 100% |=========================| 1.9 kB 00:00 addons 100% |=========================| 951 B 00:00 extras 100% |=========================| 2.1 kB 00:00 Reading repository metadata in from local files Installed Packages clamav.i386 0.95.2-4.el5.rf installed Available Packages clamav.i386 0.97.3-1.el5.rf rpmforge
That shows that version 0.97.3-1 is now available for download. Run ‘yum update clamav’ to download and upgrade it.
# yum update clamav Loading "installonlyn" plugin Setting up Update Process Setting up repositories Reading repository metadata in from local files Resolving Dependencies --> Populating transaction set with selected packages. Please wait. ---> Downloading header for clamav to pack into transaction set. clamav-0.97.3-1.el5.rf.i3 100% |=========================| 9.5 kB 00:00 ---> Package clamav.i386 0:0.97.3-1.el5.rf set to be updated --> Running transaction check --> Processing Dependency: clamav = 0.95.2-4.el5.rf for package: clamd --> Restarting Dependency Resolution with new changes. --> Populating transaction set with selected packages. Please wait. ---> Downloading header for clamd to pack into transaction set. clamd-0.97.3-1.el5.rf.i38 100% |=========================| 6.4 kB 00:00 ---> Package clamd.i386 0:0.97.3-1.el5.rf set to be updated --> Running transaction check Dependencies Resolved =============================================== Package Arch Version Repository Size =============================================== Updating: clamav i386 0.97.3-1.el5.rf rpmforge 2.2 M Updating for dependencies: clamd i386 0.97.3-1.el5.rf rpmforge 242 k Transaction Summary =============================================== Install 0 Package(s) Update 2 Package(s) Remove 0 Package(s) Total download size: 2.5 M Is this ok [y/N]:
Type ‘y’ to continue the upgrading process.
Downloading Packages: (1/2): clamav-0.97.3-1.el 100% |=========================| 2.2 MB 00:05 (2/2): clamd-0.97.3-1.el5 100% |=========================| 242 kB 00:01 Running Transaction Test Finished Transaction Test Transaction Test Succeeded Running Transaction Updating : clamav [1/4]warning: /etc/freshclam.conf created as /etc/freshclam.conf.rpmnew Updating : clamav ######################### [1/4] Updating : clamd [2/4]warning: /etc/clamd.conf created as /etc/clamd.conf.rpmnew Updating : clamd ######################### [2/4] Cleanup : clamav ######################### [3/4] Cleanup : clamd ######################### [4/4] Updated: clamav.i386 0:0.97.3-1.el5.rf Dependency Updated: clamd.i386 0:0.97.3-1.el5.rf Complete!
The ClamAV upgrade process has been completed. Run ‘freshclam’ to update the virus database.
# freshclam ClamAV update process started at Fri Nov 25 20:24:54 2011 main.cld is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven) Downloading daily-13988.cdiff [100%] Downloading daily-13989.cdiff [100%] daily.cld updated (version: 13989, sigs: 31892, f-level: 60, builder: guitar) Downloading bytecode.cvd [100%] bytecode.cvd updated (version: 154, sigs: 38, f-level: 60, builder: edwin) Database updated (1076317 signatures) from db.se.clamav.net (IP: 192.121.13.5) Clamd successfully notified about the update.
Now it is time to restart the ClamAV service.
/etc/init.d/clamd restart
Try to send in or out an email. Check the maillog file at /var/log/maillog. You should see the log message something like ‘Passed CLEAN’ when a clean email come or out. If you encounter any problems, share by dropping comments below!