NAME
clamsmtpd.conf - the configuration file for clamsmtpd(8)
DESCRIPTION
clamsmtpd(8) reads a configuration file when starting up. The location of
the file is dependent on how you compiled clamsmtp but it should usually
be in either the /usr/local/etc/ or /etc/ directories. If clamsmtpd(8)
does not find its configuration file it’ll print a warning when it starts
up along with the location it’s expecting to find it in. You can also
specify a different location for a config file by passing the -f argument
to clamsmtpd(8)
The settings are specified one per line. The setting names come first,
followed by a colon and then the value. Comments start with the ’#’
character on a line of their own. Whitespace is ignored at the beginning
of line, end of line and around the colons.
A sample configuration file can be found in the doc/ directory of the
clamsmtp distribution.
SETTINGS
The various settings are as follows:
Action This option controls what clamsmtpd(8) does when it finds a
virus. The options are:
bounce Bounce the email. In most cases this is not a good
idea since many viruses spoof sender addresses.
drop Silently drop the email. Recommended.
pass Pass on the email. Inserts an ’X-Virus-Infected’ header.
[ Default: drop ]
ClamAddress
Specifies the address to connect to clamd(8) on. See syntax
of addresses below.
[ Default: /var/run/clamav/clamd ]
Header A header to add to scanned messages. Put an empty value to
suppress adding a header. You can include the following
special formatting characters in the string to include
special values:
%i Client IP Address
%l Local IP Address
%d Current Date
You can also include the standard \r or \n escapes.
[ Default: ’X-Virus-Scanned: ClamAV using ClamSMTP’ ]
KeepAlives On slow connections the server will sometimes timeout before
clamsmtpd(8) is finished scanning the file. This option sends
NOOP’s to the server to keep the connection alive. Specify
the number of seconds, or 0 to disable.
[ Default: 0 ]
Listen The address and port to listen for SMTP connections on. See
syntax of addresses below.
[ Default: port 10025 on all local IP addresses ]
PidFile Specifies a location for the a process id file to be written
to. This file contains the process id of clamsmtpd.conf and
can be used to stop the daemon. If the -p argument is passed
on the command line, then this setting will be ignored.
[ Default: none ]
Quarantine Quarantine files that contain viruses by leaving them in the
TempDirectory directory. The file names look like this (where
X is a random character or number): virus.XXXXXX
[ Default: off ]
MaxConnections
Specifies the maximum number of connections to accept at
once. clamd(8) also needs to be setup to accept at least
this number of connections.
[ Default: 64 ]
OutAddress The address of the SMTP server to send email to once it’s
been scanned. See syntax of addreses below.
[ Required ]
TempDirectory
The directory to write temp files to. This directory needs to
be accessible to both clamd(8) and clamsmtpd(8)
[ Default: /tmp ]
TimeOut The number of seconds to wait while reading data from network
connections.
[ Default: 180 seconds ]
TransparentProxy
This option enables transparent proxy support, which allows
you to route all SMTP traffic that’s going through a gateway
through clamsmtp which will then send it on to its final
destination. This setup usually involves firewall rules which
redirect traffic to clamsmtp, and the setup varies from OS to
OS.
[ Default: off ]
User The user to run as. If this option is specified then
clamsmtpd(8) must be started as root. It will then drop root
privileges and run as the specified user. The user can either
be a name or a numerical user id.
[ Optional ]
VirusAction
This is a command to run when a virus is found. See the VIRUS
ACTION section in clamsmtpd(8) for a discussion of this
option.
[ Default: off ]
XClient Send an XCLIENT command to the receiving server. This is
useful for forwarding client addresses and connection info to
servers that support this feature.
[ Default: off ]
ADDRESSES
Addresses can be specified in multiple formats:
· Unix local addresses can be specified by specifying their full path.
(ie: ’/var/run/clamav/clamd’).
· IP addresses can be specified using dotted notation with a colon
before the port number (ie: ’127.0.0.1:3310’).
· IPv6 addresses are implemented but disabled. The code needs testing.
SEE ALSO
clamsmtpd(8)
AUTHOR
Stef Walter 〈stef@memberwebs.com〉