## ## Config file for the clamav-milter daemon ## # Uncomment this option to enable logging. # LogFile must be writable for the user running daemon. # A full path is required. # Default: disabled #LogFile /var/log/clamav/clamav-milter.log # The LogFile is written to the /dev/console if it is disabled. So, real disabling LogFile /dev/null # This option allows you to save a process identifier of the listening # daemon (main thread). # Default: disabled PidFile /var/run/clamav/clamav-milter.pid # Path to a local socket file the daemon clamd will listen on. # Default: disabled LocalSocket /var/lib/clamav/clamd.socket # Remove stale socket after unclean shutdown. # Default: disabled FixStaleSocket yes # Run as a selected user (clamd must be started by root). # Default: disabled User mail # Initialize supplementary group access (clamav-milter must be started by root). # Default: disabled #AllowSupplementaryGroups # Maximal number of threads running at the same time. # Default: 10 MaxThreads 50 # Waiting for data from a client socket will timeout after this time (seconds). # Value of 0 disables the timeout. # Default: 120 #ReadTimeout 300 # Close the connection when the data size limit is exceeded. # The value should match your MTA's limit for a maximal attachment size. # Default: 10M #StreamMaxLength 20M # Enable verbose logging to LogFile. # Default: disabled #LogVerbose # Use system logger (can work together with LogFile). # Default: disabled LogSyslog yes # Specify the type of syslog messages - please refer to 'man syslog' # for facility names. # Default: LOG_LOCAL6 LogFacility LOG_MAIL # TCP port address. # Default: disabled #TCPSocket 3310 # TCP address. # By default we bind to INADDR_ANY, probably not wise. # Enable the following to provide some degree of protection # from the outside world. # Default: disabled #TCPAddr 127.0.0.1 # Optional path to the global temporary directory. # Default: system specific (usually /tmp or /var/tmp). #TemporaryDirectory /var/tmp # Do not remove temporary files (for debug purposes). # Default: disabled #LeaveTemporaryFiles # Don't fork into background. # Default: disabled #Foreground # By default the log file is locked for writing - the lock protects against # running clamd multiple times (if want to run another clamd, please # copy the configuration file, change the LogFile variable, and run # the daemon with --config-file option). # This option disables log file locking. # Default: disabled #LogFileUnlock # Maximal size of the log file. # Value of 0 disables the limit. # You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes) # and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size # in bytes just don't use modifiers. # Default: 1M LogFileMaxSize 5M # Log time with each message. # Default: disabled LogTime yes # Also log clean files. Useful in debugging but drastically increases the # log size. # Default: disabled #LogClean # By default clamd uses scan options recommended by libclamav. This option # disables recommended options and allows you to enable selected ones below. # DO NOT TOUCH IT unless you know what you are doing. # Default: disabled #DisableDefaultScanOptions # # ! # ! Parameters for not external mode (without clamd) # ! # # Path to the database directory. # Default: hardcoded (depends on installation options) DatabaseDirectory /var/lib/clamav # Enable internal e-mail scanner. # Default: enabled ScanMail yes ## ## Executable files ## # PE stands for Portable Executable - it's an executable file format used # in all 32-bit versions of Windows operating systems. This option allows # ClamAV to perform a deeper analysis of executable files and it's also # required for decompression of popular executable packers such as UPX, FSG, # and Petite. # Default: enabled ScanPE yes # With this option clamav will try to detect broken executables and mark # them as Broken.Executable # Default: disabled #DetectBrokenExecutables ## ## Documents ## # This option enables scanning of Microsoft Office document macros. # Default: enabled ScanOLE2 yes ## ## Mail files ## # If an email contains URLs ClamAV can download and scan them. # WARNING: This option may open your system to a DoS attack. # Never use it on loaded servers. # Default: disabled #MailFollowURLs ## ## HTML ## # Perform HTML normalisation and decryption of MS Script Encoder code. # Default: enabled ScanHTML yes ## ## Archives ## # ClamAV can scan within archives and compressed files. # Default: enabled ScanArchive yes # The options below protect your system against Denial of Service attacks # using archive bombs. # Files in archives larger than this limit won't be scanned. # Value of 0 disables the limit. # Default: 10M #ArchiveMaxFileSize 15M # Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR # file, all files within it will also be scanned. This options specifies how # deep the process should be continued. # Value of 0 disables the limit. # Default: 8 #ArchiveMaxRecursion 9 # Number of files to be scanned within an archive. # Value of 0 disables the limit. # Default: 1000 #ArchiveMaxFiles 1500 # If a file in an archive is compressed more than ArchiveMaxCompressionRatio # times it will be marked as a virus (Oversized.ArchiveType, e.g. Oversized.Zip) # Value of 0 disables the limit. # Default: 250 #ArchiveMaxCompressionRatio 300 # Use slower but memory efficient decompression algorithm. # only affects the bzip2 decompressor. # Default: disabled #ArchiveLimitMemoryUsage # Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR). # Default: disabled #ArchiveBlockEncrypted # Mark archives as viruses (e.g. RAR.ExceededFileSize, Zip.ExceededFilesLimit) # if ArchiveMaxFiles, ArchiveMaxFileSize, or ArchiveMaxRecursion limit is # reached. # Default: disabled #ArchiveBlockMax