Viruses are often distributed by email. It is therefore important to use an anti-virus scanner for the security of your mail server. In this article, we show you how to use ClamAV as a virus scanner for a mail server with Exim and Dovecot in Ubuntu or Debian.

Step 1

Connect to your VPS via SSH or the VPS console in the TransIP control panel.

Step 2

Open the Exim configuration:

nano /etc/exim4/exim4.conf.template

Step 3

Look for the piece called 'av_scanner'. Exim is automatically configured to use ClamAV but has set the wrong socket location for this. Adjust the value so that it looks like this:

av_scanner = clamd:/var/run/clamd.scan/clamd.sock

Then look for 'acl_check_data' and remove the # for the lines below:

deny    
  malware    = *
  message    = This message was detected as possible malware ($malware_name).

Step 4

Then, add the ClamAV user to the Exim group so ClamAV can scan Exim files, and the Exim user to the virus group so it can use the ClamAV socket:

usermod -aG Debian-exim clamav
usermod -aG clamav Debian-exim

Step 5

Finally, update the Exim configuration and restart ClamAV and Exim to process all changes (the restart of clamd@scan may take a while):

update-exim4.conf
systemctl restart clamav-daemon
systemctl restart exim4

This brings us to the end of this guide. In addition to a virus scanner, we highly recommend that you also add a malware scanner to your mail server, see this article.

Should you have any questions left regarding this article, do not hesitate to contact our support department. You can reach them via the ‘ContactUs’ button at the bottom of this page.

If you want to discuss this article with other users, please leave a message under 'Comments'.