Ran your suggestion.
[root@mcq amavisd]# systemctl status amavisd.service \
clamd@amavisd.service clamav-freshclam.service
● amavisd.service - Amavis mail content checker
Loaded: loaded (/usr/lib/systemd/system/amavisd.service; enabled; preset: disabled)
Drop-In: /usr/lib/systemd/system/service.d
└─10-timeout-abort.conf
Active: active (running) since Sat 2023-04-29 07:42:56 EDT; 6h ago
Docs: http://www.ijs.si/software/amavisd/#doc
Process: 16247 ExecStart=/usr/sbin/amavisd -c /etc/amavisd/amavisd.conf (code=exited, status=0/SUCCESS)
Process: 16342 ExecReload=/usr/sbin/amavisd -c /etc/amavisd/amavisd.conf reload (code=exited, status=0/SUCCESS)
Main PID: 16254 (/usr/sbin/amavi)
Tasks: 5 (limit: 4542)
Memory: 382.3M
CPU: 44.601s
CGroup: /system.slice/amavisd.service
├─16254 "/usr/sbin/amavisd (master)"
├─16350 "/usr/sbin/amavisd (ch13-avail)"
├─16351 "/usr/sbin/amavisd (ch13-avail)"
├─16352 "/usr/sbin/amavisd (ch13-avail)"
└─16353 "/usr/sbin/amavisd (ch13-avail)"
Apr 29 14:00:54 mcq.sbanetweb.com amavis[16351]: (16351-13) lLkEg5ZskTrL FWD from <sporter@mclaneny.com> -> <khonig@sbanetweb.com>, BODY=7BIT 250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as B0A4F10BC807
Apr 29 14:00:54 mcq.sbanetweb.com amavis[16351]: (16351-13) Passed CLEAN {RelayedInbound}, [209.222.82.199]:34092 [104.47.55.171] <sporter@mclaneny.com> -> <khonig@sbanetweb.com>, Queue-ID: AA34A10BC802, Message-ID: <A76743D1-024F-4C30->
Apr 29 14:13:21 mcq.sbanetweb.com amavis[16353]: (16353-13) ESMTP :10024 /var/spool/amavisd/tmp/amavis-20230429T080216-16353-R8pFb1vT: <incoming+verp-ad2471fc8c37b01d5cbced45a0feac7e@fedoraproject.discoursemail.com> -> <wspivak@sbanetwe>
Apr 29 14:13:21 mcq.sbanetweb.com amavis[16353]: (16353-13) Checking: gWOdqPuQBH53 [64.71.144.218] <incoming+verp-ad2471fc8c37b01d5cbced45a0feac7e@fedoraproject.discoursemail.com> -> <wspivak@sbanetweb.com>
Apr 29 14:13:22 mcq.sbanetweb.com amavis[16353]: (16353-13) gWOdqPuQBH53 FWD from <incoming+verp-ad2471fc8c37b01d5cbced45a0feac7e@fedoraproject.discoursemail.com> -> <wspivak@sbanetweb.com>, BODY=7BIT 250 2.0.0 from MTA(smtp:[127.0.0.1]>
Apr 29 14:13:22 mcq.sbanetweb.com amavis[16353]: (16353-13) Passed CLEAN {RelayedInbound}, [64.71.144.218]:53107 [2602:fd3f:3:107:0:242:ac11:d] <incoming+verp-ad2471fc8c37b01d5cbced45a0feac7e@fedoraproject.discoursemail.com> -> <wspivak>
Apr 29 14:14:36 mcq.sbanetweb.com amavis[16352]: (16352-13) ESMTP :10024 /var/spool/amavisd/tmp/amavis-20230429T082404-16352-lspTv8qI: <s-2tb19v2xhb7l4vbuekpu3o9o51bw1dlq5wq8gxezv6golpo0m0vxo114@bounce.linkedin.com> -> <sbaconsult@sbane>
Apr 29 14:14:36 mcq.sbanetweb.com amavis[16352]: (16352-13) Checking: 0GuaoyhIyBfs [108.174.6.150] <s-2tb19v2xhb7l4vbuekpu3o9o51bw1dlq5wq8gxezv6golpo0m0vxo114@bounce.linkedin.com> -> <sbaconsult@sbanetweb.com>
Apr 29 14:14:36 mcq.sbanetweb.com amavis[16352]: (16352-13) 0GuaoyhIyBfs FWD from <s-2tb19v2xhb7l4vbuekpu3o9o51bw1dlq5wq8gxezv6golpo0m0vxo114@bounce.linkedin.com> -> <sbaconsult@sbanetweb.com>, BODY=7BIT 250 2.0.0 from MTA(smtp:[127.0.0>
Apr 29 14:14:36 mcq.sbanetweb.com amavis[16352]: (16352-13) Passed CLEAN {RelayedInbound}, [108.174.6.150]:52663 [108.174.6.150] <s-2tb19v2xhb7l4vbuekpu3o9o51bw1dlq5wq8gxezv6golpo0m0vxo114@bounce.linkedin.com> -> <sbaconsult@sbanetweb.c>
● clamd@amavisd.service - clamd scanner (amavisd) daemon
Loaded: loaded (/usr/lib/systemd/system/clamd@.service; disabled; preset: disabled)
Drop-In: /usr/lib/systemd/system/service.d
└─10-timeout-abort.conf
Active: active (running) since Sat 2023-04-29 04:46:26 EDT; 9h ago
Docs: man:clamd(8)
man:clamd.conf(5)
https://www.clamav.net/documents/
Process: 2456 ExecStart=/usr/sbin/clamd -c /etc/clamd.d/amavisd.conf (code=exited, status=0/SUCCESS)
Main PID: 2537 (clamd)
Tasks: 4 (limit: 4542)
Memory: 68.2M
CPU: 26.136s
CGroup: /system.slice/system-clamd.slice/clamd@amavisd.service
└─2537 /usr/sbin/clamd -c /etc/clamd.d/amavisd.conf
Apr 29 12:46:23 mcq.sbanetweb.com clamd[2537]: SelfCheck: Database status OK.
Apr 29 12:56:23 mcq.sbanetweb.com clamd[2537]: SelfCheck: Database status OK.
Apr 29 13:06:23 mcq.sbanetweb.com clamd[2537]: SelfCheck: Database status OK.
Apr 29 13:16:23 mcq.sbanetweb.com clamd[2537]: SelfCheck: Database status OK.
Apr 29 13:26:23 mcq.sbanetweb.com clamd[2537]: SelfCheck: Database status OK.
Apr 29 13:36:23 mcq.sbanetweb.com clamd[2537]: SelfCheck: Database status OK.
Apr 29 13:46:23 mcq.sbanetweb.com clamd[2537]: SelfCheck: Database status OK.
Apr 29 13:56:23 mcq.sbanetweb.com clamd[2537]: SelfCheck: Database status OK.
Apr 29 14:06:23 mcq.sbanetweb.com clamd[2537]: SelfCheck: Database status OK.
Apr 29 14:16:24 mcq.sbanetweb.com clamd[2537]: SelfCheck: Database status OK.
● clamav-freshclam.service - ClamAV virus database updater
Loaded: loaded (/usr/lib/systemd/system/clamav-freshclam.service; enabled; preset: disabled)
Drop-In: /usr/lib/systemd/system/service.d
└─10-timeout-abort.conf
Active: active (running) since Sat 2023-04-29 04:45:13 EDT; 9h ago
Docs: man:freshclam(1)
man:freshclam.conf(5)
https://docs.clamav.net/
Main PID: 1095 (freshclam)
Tasks: 1 (limit: 4542)
Memory: 1.1M
CPU: 9.443s
CGroup: /system.slice/clamav-freshclam.service
└─1095 /usr/bin/freshclam -d --foreground=true
Apr 29 12:46:02 mcq.sbanetweb.com freshclam[1095]: Received signal: wake up
Apr 29 12:46:02 mcq.sbanetweb.com freshclam[1095]: Sat Apr 29 12:46:02 2023 -> ClamAV update process started at Sat Apr 29 12:46:02 2023
Apr 29 12:46:02 mcq.sbanetweb.com freshclam[1095]: ClamAV update process started at Sat Apr 29 12:46:02 2023
Apr 29 12:46:02 mcq.sbanetweb.com freshclam[1095]: Sat Apr 29 12:46:02 2023 -> daily.cld database is up-to-date (version: 26891, sigs: 2032357, f-level: 90, builder: raynman)
Apr 29 12:46:02 mcq.sbanetweb.com freshclam[1095]: daily.cld database is up-to-date (version: 26891, sigs: 2032357, f-level: 90, builder: raynman)
Apr 29 12:46:02 mcq.sbanetweb.com freshclam[1095]: Sat Apr 29 12:46:02 2023 -> main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
Apr 29 12:46:02 mcq.sbanetweb.com freshclam[1095]: Sat Apr 29 12:46:02 2023 -> bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg)
Apr 29 12:46:02 mcq.sbanetweb.com freshclam[1095]: main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
Apr 29 12:46:02 mcq.sbanetweb.com freshclam[1095]: bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg)
Apr 29 12:46:02 mcq.sbanetweb.com freshclam[1095]: -------------------------------------
The major differences after running the diff program:
in Diff file:
-# a minimalistic configuration file for amavis with all necessary settings
+# a minimalistic configuration file for amavisd-new with all necessary settings
<break> *<-- As in I'm skipping a whole bunch of stuff...*
-#
- ['ClamAV-clamdscan', 'clamdscan',
- "--config-file=/etc/clamd.d/amavisd.conf --fdpass --stdout --no-summary {}",
- [0], qr/:.*\sFOUND$/m, qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
-
-# ### http://www.clamav.net/ and CPAN (memory-hungry! clamd is preferred)
-# # note that Mail::ClamAV requires perl to be build with threading!
-# ['Mail::ClamAV', \&ask_daemon, ['{}','clamav-perl:'],
-# [0], [1], qr/^INFECTED: (.+)/m],
-
...
+ ### http://www.clamv.net/
+ ['ClamAV-clamd',
+ \&ask_daemon, ["CONTSCAN {}\n", "/run/clamd.scan/clamd.sock"],
+ qr/\bOK$/m, qr/\bFOUND$/m,
+ qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
+ # NOTE: run clamd under the same user as amavisd - or run it under its own
+ # uid such as clamav, add user clamav to the amavis group, and then add
+ # AllowSupplementaryGroups to clamd.conf;
+ # NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in
+ # this entry; when running chrooted one may prefer a socket under $MYHOME.
+
<break>
# ClamAV (clamd, direct socket communication)
-#
-# http://www.clamav.net/
-#
-# In the past, this was the default way to integrate amavis and
-# clamav. However, it has some downsides relative to running
-# clamdscan; see the clamdscan entry for a comparison.
-#
-# If you decide to use this method, you will need to give the clamd
-# daemon read access to the files that amavis will want to scan. This
-# can be accomplished with filesystem ACLs, or by adding the clamav
-# user to the amavis group. Note however that the latter has security
-# implications: it grants clamav the ability to read *any* of amavis's
-# files -- not just the ones that amavis asks clamd to scan!
-#
-# You may also have to adjust the path to the clamd communication
-# socket to match your system. The path is usually defined in the file
-# /etc/clamd.conf, or may be controlled by your service manager / init.
-#
-# ['ClamAV-clamd',
-# \&ask_daemon, ["CONTSCAN {}\n", "/run/clamd.amavisd/clamd.sock"],
-# qr/\bOK$/m, qr/\bFOUND$/m,
-# qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
+ # ['ClamAV-clamscan', 'clamscan',
+ # "--stdout --no-summary -r --tempdir=$TEMPBASE {}",
+ # [0], qr/:.*\sFOUND$/m, qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
+
+# ### http://www.clamav.net/ - using remote clamd scanner as a backup
+ ['ClamAV-clamdscan', 'clamdscan',
+ # "--stdout --no-summary --config-file=/etc/clamd-client.conf {}",
+ "--stdout --no-summary --config-file=/etc/clamd.d/clamd.conf {}",
+ [0], qr/:.*\sFOUND$/m, qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
# ['ClamAV-clamd-stream',
-# \&ask_daemon, ["*", 'clamd:/run/clamd.amavisd/clamd.sock'],
+# \&ask_daemon, ["*", 'clamd:/run/clamav/clamd.sock'],
# qr/\bOK$/m, qr/\bFOUND$/m,
# qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
<break>
So am I the remove the “-” and add the “+” (including the comment character “#”)?
I made a backup copy of my current amavid.conf.
Thanks,
Wayne