src/clamsmtpd.8


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132

.Dd July, 2004
.Dt clamsmtpd 8
.Os clamsmtp 
.Sh NAME
.Nm clamsmtpd
.Nd an SMTP server for scanning viruses via clamd
.Sh SYNOPSIS
.Nm
.Op Fl c Ar clamaddr
.Op Fl d Ar level
.Op Fl D Ar tmpdir
.Op Fl h Ar header
.Op Fl l Ar listenaddr
.Op Fl m Ar maxconn
.Op Fl p Ar pidfile
.Op Fl t Ar timeout
.Ar serveraddr
.Sh DESCRIPTION
.Nm
is an SMTP filter that allows you to check for viruses via using ClamAV
virus software. It accepts SMTP connections and forwards the SMTP commands
and responses to another SMTP server. 
.Pp
The DATA email body is intercepted and scanned before forwarding. Email with 
viruses are rejected and logged without any additional action taken.
.Pp
.Nm
aims to be lightweight and simple rather than have a myriad of options. Your
basic usage would look like the following (Be sure to see the SECURITY section
below):
.Pp
.Dl clamsmtpd -c /path/to/clam.sock mysmtp.com:25
.Pp
The above command would start 
.Nm
listening on port 10025 (the default) and forward email to mysmtp.com on port 25. 
It also specifies the socket where 
.Xr clamd 8
is listening for connections.
.Sh OPTIONS
The options are as follows:
.Bl -tag -width Fl
.It Fl c 
.Ar clamaddr 
specifies the address to connect to 
.XR clamd 8
on. See syntax of addresses below. 
[Default:  
.Pa /var/run/clamav/clamd
]
.It Fl d 
Don't detach from the console and run as a daemon. In addition the 
.Ar level
argument specifies what level of error messages to display. 0 being 
the least, 4 the most.
.It Fl D
.Ar tmpdir 
is the directory to write temp files too. This directory needs to be 
accessible to both 
.Xr clamd 8
and 
.Nm
[Default:
.Pa /tmp
]
.It Fl h
.Ar header
is a header to add to scanned messages. Add a blank argument to not add 
a header. [Default: 'X-AV-Checked: ClamAV using ClamSMTP']
.It Fl l
.Ar listenaddr
is the address and port to listen for SMTP connections on. See syntax of 
addresses below. [Default: port 25 on all local IP addresses] 
.It Fl m
.Ar maxconn 
specifies the maximum number of connections to accept at once. 
[Default: 64]
.It Fl p
This option causes 
.Nm
to write a file with the daemon's process id, which can be used to stop the 
daemon.
.Ar pidfile 
is the location of the file.
.It Fl t
.Ar timeout
is the number of seconds to wait while reading data from network connections.
[Default: 180 seconds]
.It serveraddr
The address of the SMTP server to send email to once it's been scanned. This
option must be specified. See syntax of addreses below.
.El
.Sh LOGGING
.Nm
logs to 
.Xr syslogd 
by default under the 'mail' facility. You can also output logs to the console
using the 
.Fl d 
option.
.Sh SECURITY
There's no reason to run this daemon as root. It is meant as a filter and should
listen on a high TCP port. It's probably a good idea to run it using the same 
user as the 
.Xr clamd 8
daemon. This way the temporary files it writes are accessible to 
.Xr clamd 8
.Pp
Care should be taken with the directory that 
.Nm
writes its temporary files to. In order to be secure, it should not be a world
writeable location. Specify the directory using the 
.Fl t
option.
.Sh ADDRESSES
Addresses can be specified in multiple formats:
.Bl -bullet
.It 
Unix local addresses can be specified by specifying their full path. 
(ie: '/var/run/clamav/clamd').
.It 
IP addresses can be specified using dotted notation with a colon before
the port number (ie: '127.0.0.1:3310').
.It 
IPv6 addresses can be specified using bracketted notation with a colon 
before the port number (ie: '[::1]:3310')
.El
.Sh SEE ALSO
.Xr clamd 8 ,
.Xr clamdscan 1 
.Sh AUTHOR
.An Nate Nielsen Aq nielsen@memberwebs.com