If for any reason you don't want to install the packages yourself, we can do it for you. The complete setup and testing costs just $30, please contact us for more details.
This solution is based on two great pieces of software, qscanq and ClamAV. It's very unintrusive and doesn't change your qmail in any way. A single command installs and uninstalls the antivirus addon from your qmail system. It was tested on several Red Hat 9, Red Hat EL 3 and Red Hat EL 5 servers with Plesk 7, 7.5 and 8.2. We have also received reports of success on Red Hat 7.3, Fedora Core 1, 2, 3, Red Hat EL 4 and also with Plesk 6 and Plesk 5.
The instructions assume you have a clean Plesk install and that you have NOT installed Dr.Web antivirus or any other antivirus addon. If you have installed other antivirus solutions or othervise modified your qmail, make sure your modifications are compatible before proceeding.
On newer RHEL distros, most likely source of troubles is SElinux. Please check your logs. Modifying your SElinux settings accordingly is beyond the scope of this how-to, though.
All paths are written as "/some/path" and all commands as 'some command'. Before you start, change your position to a suitable directory, where you will download the files to. For example: 'mkdir /usr/local/src/antivir' and than 'cd /usr/local/src/antivir'.
2.1 Use 'wget' to fetch the rpm from here and use the command 'rpm -Uvh daemontools-0.76-2.i386.rpm' to install it.
3.1 Use wget to fetch it from here.
3.2 Unpack the contents:
3.2.1 'cd /'
3.2.2 'tar -xzvf /usr/local/src/antivir/qscanq-0.43-psa-0.07.tar.gz'.
3.3 Now you should have the directory "/usr/local/qscanq-0.43". This location is important! If the directory isn't there, find it and copy it to that location. Inside it, you should have two subdirectories, "package" and "src". Make sure all this belongs to root: e.g. 'chown root:root -R /usr/local/qscanq-0.43'.
3.4 Add two system users and groups. Both users should have their passwords disabled and their homedirs should not be created. They should both belong to the same group, gqscanqg. The other group, gqscanq, should not have any users added to it.
3.4.1 to add group gqscanqg, use the command: 'groupadd gqscanqg'
3.4.2 to add group gqscanq, use the command: 'groupadd gqscanq'
3.4.3 to add user gqscanq, group gqscanqg, homedir "/var/qmail/qscanq", shell set to "/bin/true", use the command: 'useradd -d /var/qmail/qscanq -g gqscanqg -n -M -s /bin/true gqscanq'
3.4.4 to add user gqscanlog, group gqscanqg, homedir "/var/qmail/qscanq/log", shell set to "/bin/true", use the command: 'useradd -d /var/qmail/qscanq/log -g gqscanqg -n -M -s /bin/true gqscanlog'
3.5 'cd /usr/local/qscanq-0.43' and run './package/install'. It is important to run this command from the exact location, as stated here.
4.1 Get the RPMs from the Dag Wieer's repository (get the ones valid for your build, the below instructions are for RHEL 5 x86_64):
4.1.1 'cd /usr/local/src/antivir' (or to the dir you're using), use wget to fetch the RPMs
4.1.2 'rpm -Uvh clamav-0.91.2-1.el5.rf.x86_64.rpm'
4.1.3 'rpm -Uvh clamav-db-0.91.2-1.el5.rf.x86_64.rpm'
4.1.4 'rpm -Uvh clamd-0.91.2-1.el5.rf.x86_64.rpm'
4.2 Edit "/etc/clamd.conf" and make sure the following is set:
You should look at this clamd.conf as an example (this is for clamav-0.91.2), or even use it if you wish.
4.3 Make sure you're running freshclam atleast once every couple of hours or even every hour (check the setting in /etc/freshclam.conf). Do not change the user that freshclam runs under!
You can look at this freshclam.conf as an example (this is for clamav-0.91.2), or even use it if you wish.
4.4 Use wget to fetch our clamav_alter.sh script and run it:
4.4.1 'chmod 700 clamav_alter.sh'
4.4.2 to display instructions: './clamav_alter.sh help'
4.4.3 to actually run it: './clamav_alter.sh alter'.
5.1 To start using the antivirus software, run the command '/usr/local/qscanq/command/install-wrap'.
Note: your qmail binaries will not be altered in any way. Qmail-queue will be copied elsewhere and replaced so that the mail can be redirected trough ClamAV antivirus daemon before reaching qmail.
6.1 To stop using the antivirus software, run the command '/usr/local/qscanq/command/install-unwrap'.
7.1 Run the command '/var/qmail/bin/qmail-inject -a root < /usr/local/qscanq/src/TEST-BAD' and the response should be "qmail-inject: fatal: mail server permanently rejected message (#5.3.0)".
7.2 If the response was something other than "permanently rejected", check the original qscanq FAQ. Also, if you need to get more info about the errors check the logs in "/var/log/clamav" directory.
8.1 Perform the steps 3.1, 3.2, 3.3, 3.5 and than 5.1 (and 7.1 to test it if you wish)
8.2 You can delete the old "/usr/local/qscanq-x.xx" direcory if you want to. Be careful not to delete the current one, you always must have "/usr/local/qscanq" and one "/usr/local/qscanq-x.xx directory.
9.1 just follow all (!) the instructions under Fourth step again. If the instructions still describe the old version, wait until we update the how-to or upgrade on your own. It's usually not that difficult.
10.1.1 execute '/usr/local/qscanq/command/install-unwrap'
10.1.2 after you are finished upgrading Plesk or qmail, execute 'cd /usr/local/qscanq' and than execute the command './package/run'
10.1.3 to start using the antivirus software again, run the command '/usr/local/qscanq/command/install-wrap'
10.1.4 if you forgot to unwrap qscanq before you've upgraded Plesk, just execute the commands under 10.1.2 and 10.1.3. There is a good chance everything will work just fine.
11.1.1 first you should run the command '/usr/local/qscanq/command/install-unwrap', remove the file "/etc/service/qscanq", execute the command 'svc -dx /var/qmail/qscanq /var/qmail/qscanq/log', remove the files "/var/qmail/qscanq", "/usr/local/qscanq" and "/usr/local/qscanq-x.xx"
11.1.2 disable gqscanq's crontab (e.g. 'crontab -r -u gqscanq')
11.1.3 remove the users gqscanq, gqscanlog and groups gqscanq and gqscanqg ('userdel username' and 'groupdel groupname')
11.1.4 uninstall the ripMIME, daemontools and ClamAV RPMs.