MoonPoint Support Logo

 

Shop Amazon Warehouse Deals - Deep Discounts on Open-box and Used ProductsAmazon Warehouse Deals



Advanced Search
May
Sun Mon Tue Wed Thu Fri Sat
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31
2008
Months
Jan Feb Mar
Apr MayJun
Jul Aug Sep
Oct Nov Dec


Sat, May 10, 2008 10:33 pm

Adding Another MIME Type to Apache

I posted a Microsoft Agent .acs file on my Apache webserver. I tried to download the file to a Windows XP system with a web browser, but when I opened the URL, the browser attempted to display the file rather than giving me the option to download it.

To rectify the problem, I had to add another MIME type to the Apache webserver httpd.conf file. I edited /etc/httpd/conf/httpd.conf and added an AddType line for the .acs file extension.

#
# AddType allows you to add to or override the MIME configuration
# file mime.types for specific file types.
#
#AddType application/x-tar .tgz
AddType application/octet-stream .acs

I then restarted the Apache webserver with apachectl restart. Afterwards when I visited the URL again, I was prompted as to whether I wanted to download the file.

References:

  1. Apache Module mod_mime
    The Apache Server Project
  2. Help: Unable to serve XBAP from Apache?
    Posted: August 29, 2006
    Vista Forums

[/network/web/server/apache] permanent link

Sat, May 10, 2008 7:51 pm

Using Clamav-Milter With Sendmail

For a CentOS 5.1 email server, I wanted to check email passing through the server with Clam AntiVirus I installed the clamav-milter package for sendmail with yum install clamav-milter. I had previously installed support for the RPMForge repository as described in RPMForge Packages and Yum Priorites, which allowed me to use yum to download and install clamav and clamav-milter on the system. Since clamav, clamav-db, and clamd were dependencies for clamav-milter, they were installed as well when I ran yum install clamav-milter.

After the packages were installed, I check the ClamAV definitions with the freshclam command. 

# freshclam -V
ClamAV 0.93/6688/Wed Apr  9 10:40:38 2008

I verified that the version of sendmail on the system provides milter support with sendmail -d0 < /dev/null | grep MILTER. If sendmail provides milter support, MILTER will be listed in the output. Sendmail 8.13 enables MILTER support by default. See Clam AntiVirus Milter Setup and Debugging for details on how to add MILTER support for prior versions.

# sendmail -d0 < /dev/null | grep MILTER
                MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET NETINET6

According to Clam AntiVirus Milter Setup and Debugging, the libmilter* library must be installed on the system to use clamav-milter, so I checked for the presence of libmilter files with locate libmilter, but none were listed. The instructions suggested that if the library is not installed, one should "go to the Sendmail source directory, change into the libmilter subdirectory and run the install script." But there was no sendmail source directory on the system, since sendmail had been installed through a package when I initially set up the system. Since the instructions also stated "Some operating systems provide MILTER support via a port or package", I thought I would just proceed to see what happened.

The next step listed was to configure clamav with --enable-milter . I presumed that was already taken care of when I installed the clamav-milter package, so I proceeded to the "configure clamd.conf" step. I checked /etc/clamd.conf, but didn't make any changes.

The installation of the clamav-milter package placed two files in /etc/init.d. 

# ls -l /etc/init.d/clam*
-rwxr-xr-x 1 root root 1258 Mar  7  2007 /etc/init.d/clamav-milter
-rwxr-xr-x 1 root root 1130 Nov  1  2006 /etc/init.d/clamd

It also installed and turned on two system services.

# chkconfig --list clamd
clamd           0:off   1:off   2:on    3:on    4:on    5:on    6:off
# chkconfig --list clamav-milter
clamav-milter   0:off   1:off   2:on    3:on    4:on    5:on    6:off

I started the Clam AntiVirus daemon with /etc/init.d/clamd

# vi /etc/init.d/clamd
# /etc/init.d/clamd start
Starting Clam AntiVirus Daemon:                            [  OK  ]

You then need to configure sendmail for clamav-milter support. If you try launching clamav-milter first, you will get the error shown below:

# /etc/init.d/clamav-milter start
Starting Clamav Milter Daemon: clamav-milter: socket-addr (local:/var/clamav/clm
ilter.socket) doesn't agree with sendmail.cf
                                                           [FAILED]

So I put the following line as the last line in /etc/mail/sendmail.mc 

INPUT_MAIL_FILTER(`clamav', `S=local:/var/run/clamav-milter.sock, F=T, T=S:4m;R:4m')

I then rebuilt the sendmail.cf file from sendmail.mc with the following command:

m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

When I tried restarting sendmail, though, I received a warning message:

# /etc/init.d/sendmail restart
Shutting down sm-client:                                   [  OK  ]
Shutting down sendmail:                                    [  OK  ]
Starting sendmail: WARNING: Xclmilter: local socket name /var/run/clamav/clmilte
r.sock missing
                                                           [  OK  ]
Starting sm-client:                                        [  OK  ]

I then looked in /etc/sysconfig/clamav-milter and saw the following: 

### Simple config file for clamav-milter, you should
### read the documentation and tweak it as you wish.

CLAMAV_FLAGS="
    --config-file=/etc/clamd.conf
    --force-scan
    --local
    --max-children=10
    --noreject
    --outgoing
    --quiet
"
SOCKET_ADDRESS="local:/var/clamav/clmilter.socket"

Since according to the SOCKET_ADDRESS in that file, clmilter.socket was expected in /var/clamav, I modified the line I added to the end of /etc/mail/sendmail.mc to be as shown below: 

INPUT_MAIL_FILTER(`clmilter', `S=local:/var/clamav/clmilter.socket, F=T, T=S:4m;R:4m')

I then rebuilt the sendmail.cf file from sendmail.mc, restarted clamav-milter, and restarted sendmail. 

# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
# /etc/init.d/clamav-milter restart
Stopping Clamav Milter Daemon:                             [FAILED]
Starting Clamav Milter Daemon: Your LANG environment variable is set to 'en_US.U
TF-8'
This is known to cause problems for some clamav-milter installations.
If you get failures with temporary files, please try again with LANG unset.
LibClamAV Error: cl_cvdhead: Can't open file /var/clamav/daily.inc/daily.info
Loaded ClamAV version 0.93, clamav-milter version 0.93
ClamAV: Protecting against 280776 viruses
                                                           [  OK  ]
# /etc/init.d/sendmail restart
Shutting down sm-client:                                   [  OK  ]
Shutting down sendmail:                                    [  OK  ]
Starting sendmail:                                         [  OK  ]
Starting sm-client:                                        [  OK  ]

The "failed" for the restart of clamav-milter was probably because it wasn't started at the time; so I could have used clamav-milter start. I also saw an error message regarding "LibClamAV Error: cl_cvdhead: Can't open file /var/clamav/daily.inc/daily.info", but when I sent a test message to an account on another system, I saw "X-Virus-Scanned: ClamAV version 0.93, clamav-milter version 0.93" in the message's headers. I saw the same header in a message I sent from the account on the other system to the one running ClamAV. I also saw the header "X-Virus-Status: Clean". So ClamAV appeared to be scanning incoming and outgoing email.

References:

  1. Clam AntiVirus Milter Setup and Debugging
    Jeremy Mates's Domain
  2. Installing clamav-milter on FreeBSD
    Ring of Saturn Internetworking

[/network/email/sendmail] permanent link

Valid HTML 4.01 Transitional

Privacy Policy   Contact

Blosxom logo