• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Resolved Clamav

Kulturmensch

Regular Pleskian
I installed a new server with Plesk Obsidian and Ubuntu 20.X.LTS together with the free version of Plesk E-Mail-Security (amavis, spamass.) For the predecessor (Plesk Obsidian and Ubuntu 18.X.LTS) I had also installed clamav and it worked fine together with the free version of Plesk E-Mail-Security .
Currently I have some problems to install clamav again in my current setup.

Does anybody know a good recipe how to get clamav work showing up an av-header in each processed E-Mail by amavis?
 
Have you already read both of these pages?



If yes, but neither have answered your question, then you'll need to post ALL of the actual issues that you're experiencing, here on the forum, so that anybody that's using ClamAV can help; "some problems" is just generic text ;) Or, you could post a Plesk Support ticket if you're in a rush to fix this
 
Have you already read both of these pages?



If yes, but neither have answered your question, then you'll need to post ALL of the actual issues that you're experiencing, here on the forum, so that anybody that's using ClamAV can help; "some problems" is just generic text ;) Or, you could post a Plesk Support ticket if you're in a rush to fix this
Thank you for your response and yes, I know both articles. For my old server (ubuntu 18.*.LTS+Obsidian) I followed the guide of "Protect Mail Boxes against Spam and Viruses" and it seamless worked together with the free version of Plesk-EMailsecurity. Repeating this procedure again for my new server (ubuntu 18.*.LTS+Plesk Obsidian). I am faceing the problem, that no lines like "X-Virus-Scanned: amavisd-new at ..." appear in the header of my E-Mails.
This should happen by uncommenting:
@bypass_virus_checks_maps = (
\%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
in the amavis-conf file.
Here could be my first problem. Which is the right conf-file?
1634461540059.png
 
This is the recent log:
clamd[20353]: Sun Oct 17 20:45:55 2021 -> Limits: Global time limit set to 120000 milliseconds.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> Limits: Global size limit set to 104857600 bytes.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> Limits: File size limit set to 26214400 bytes.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> Limits: Recursion level limit set to 16.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> Limits: Files limit set to 10000.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> Limits: MaxEmbeddedPE limit set to 10485760 bytes.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> Limits: MaxHTMLNormalize limit set to 10485760 bytes.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> Limits: MaxHTMLNoTags limit set to 2097152 bytes.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> Limits: MaxScriptNormalize limit set to 5242880 bytes.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> Limits: MaxPartitions limit set to 50.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> Limits: MaxIconsPE limit set to 100.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> Limits: MaxRecHWP3 limit set to 16.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> Limits: PCREMatchLimit limit set to 10000.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> Limits: PCRERecMatchLimit limit set to 5000.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> Limits: PCREMaxFileSize limit set to 26214400.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> Archive support enabled.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> AlertExceedsMax heuristic detection disabled.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> Heuristic alerts enabled.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> Portable Executable support enabled.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> ELF support enabled.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> Mail files support enabled.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> OLE2 support enabled.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> PDF support enabled.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> SWF support enabled.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> HTML support enabled.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> XMLDOCS support enabled.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> HWP3 support enabled.
Oct 17 20:45:55 h2828820 clamd[20353]: Sun Oct 17 20:45:55 2021 -> Self checking every 3600 seconds.

Clamav seems to work but I suppose, that the interactivity between clamav and amavis does not work.
 
So, spending some hours to search for the misconfiguration I eventually succeeded. Now my e-mails are checked by clamav and this is stated in the e-mail header, too. Major problems found:
1. a service.smtpclamav sym-linked to dev0 (maybe the rest of an earlier attempt to get clamav work).
2. a problem with the freshclam-DB wich did not appear in the logs.
3. Delete the conf. @bypass_virus_checks_maps = ( \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re); in amavis conf-file as produce bei Plesk-Email (99-email-security) but kept it in 15-content_filter_mode (as provided by clamav)
Unexpected long way for me, so I hope Plesk will provide clamav as part of Plesk-EMail in future to save at least time of other users.
 
Hi,
just to add my experience with the same. I also installed Clamav manually on Ubuntu 20.04.3 plus Plesk 18.0.39. I run into the same problem + Plesk Email Security Extension installed. Solution for me:

First I followed the following guide: Setting Up Amavis and ClamAV on Ubuntu Mail Server - LinuxBabe from Step 3 (obviously the Step 1 and 2 are allready performed by installing the Plesk Security Extension).

Nevertheless I also run this "sudo adduser amavis clamav" in additon. Following this guide solved for me also what Kulturmensch probably ment with Problem 2.

Still it just worked after I removed from 99-email-security in /etc/amavis/conf.d/ file the line.
1635180660305.png

Hope this helps others as well. Not mentioning that it is a shame that Plesk does not offer this by default, since this clamav is open-source.
 
Back
Top