HOWTO: Windows server 2003, Hmailserver, ClamAv, SaneSecurity

armo
New user
Posts: 29
Joined: 2011-11-04 21:39


Post by armo » 2011-11-05 21:29

For those first timers :shock: :shock: :shock: :shock: :shock: or the ones that want to move from the outdated ClamAv/tbb version :( :( :( :( :( to the Win32 version, here is what you need to do.

Prerequisites
1. Download the latest release package of hmailserver from http://www.hmailserver.com/index.php?page=download
2. Download the latest package of ClamAv from http://sourceforge.net/projects/clamav/ ... mav/win32/ Download the I386 package for a 32-bit OS and the X86_64 package for a 64-bit OS
3. Download Windows server 2003 resource toolkit and install it with the default settings http://www.microsoft.com/download/en/de ... x?id=17657
4. Download the ClamSup and rsync packages provided by our good friend Steve for use with sanesecurity signatures http://hideout.ath.cx/clamav/

Installation
1. Install hmailserver. Manuals can be found on the site.
2. Extract the clamav package and copy the extracted clamav folder to the root of C:
3. Extract the rsync package
4. Extract the clamsup package
5. Copy the contents of the extracted rsync folder to the extracted clamsup folder
6. Copy the clamsup folder to the root of C:\clamav folder
7. Copy and paste the clamd.conf and freshclam.conf files from C:\ClamAV\conf_examples to the root of C:\Clamav folder
8. Delete or comment out the word Example found in both config files on line 8
9. Modify both files to meet your needs (usually default settings are well balanced). Be careful: do not uncomment or modify the temporary folder line in clamd.conf
10. Do not uncomment or modify the database path in both config files. Leave the default settings
11. Modify the LOCALFOLDER variable in C:\ClamSup\Clamsup.cfg file to point to C:\ClamAv\Database
12. Create two new folders on the root of C:\ClamAv. Name them database and Logs
13. Uncomment the LogFile variable in clamd.conf to point to C:/ClamAv/Logs/clamd.log
14. Uncomment the UpdateLogFile variable in freshclam.conf file to point to C:/ClamAv/logs/freshclam.log
15. Navigate through command prompt to C:\ClamAv directory and run Clamd.exe, as this will launch the clamd service
16. Run freshclam.exe and wait until it downloads the databases and notifies the clamd service about it
17. CD to the ClamSup directory and run clamsup.bat. This will download all Sanesecurity signature databases (this will take some time). Once the download is complete, restart clamd (close the command prompt window and repeat step 15). This step will help to load all the signatures
18. At this point you should check the clamd logs to see if there are any errors.
19. Now configure hmailserver to use clamav
20. Go to antivirus, external virus scanner, check the use external scanner button and enter the following for the executable
C:\clamav\clamdscan.exe --config-file=C:\clamav\clamd.conf "%FILE%"
Return value should be 1, save and exit.
21. At this point your hmailserver is already using clamav to scan for viruses

Install ClamD service
• Launch the command shell through Windows resource toolkit (start, programs, Windows Resource Kit Tools)
• Type the following command to create the ClamD service: instsrv.exe ClamD "C:\Program Files\Windows Resource Kits\Tools\srvany.exe"
• At this point launch your services applet and check to see the newly created ClamD service
• Right click the service, properties, logon tab, enter the admin account and password
• Go to recovery tab and choose restart service for all three failures cases, click ok
• Do not start the service yet
• Now launch the registry editor (regedit)
• Navigate to HKEY local machine, system, current control set, services, clamD. Right click it and create a new key name it Parameters
• Right click Parameters and create new string value, name it Application, right click Application key, then modify and enter this C:\ClamAv\Clamd.exe -c C:\ClamAv\Clamd.conf , click ok
• Launch Task Manager, find and end the process ClamD
• From the services applet, start the ClamD service.

PS: Restarting the server at this point if possible, is a good idea.

Happy Messaging :D :D :D :D :D
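
Steps 8 to 10, 13 and 14 of the HOWTO above can be checked mechanically before clamd is started. This is an added example, not part of the original post or of ClamAV; the function names `active_options` and `check_conf`, the drive-letter rule and the sample config text are assumptions made for illustration.

```python
"""Check clamd.conf / freshclam.conf text against steps 8-10, 13 and 14."""

def active_options(text):
    """Return {option: value} for lines that are neither blank nor commented out."""
    opts = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        opts[parts[0]] = parts[1].strip('"') if len(parts) > 1 else ""
    return opts

def check_conf(text, kind):
    """kind is 'clamd' or 'freshclam'. Returns a list of problems; empty means OK."""
    opts = active_options(text)
    problems = []
    if "Example" in opts:
        problems.append("step 8: 'Example' line is still active")
    if kind == "clamd" and "TemporaryDirectory" in opts:
        problems.append("step 9: TemporaryDirectory must stay commented out")
    if "DatabaseDirectory" in opts:
        problems.append("step 10: DatabaseDirectory must stay commented out")
    log_opt, step = ("LogFile", 13) if kind == "clamd" else ("UpdateLogFile", 14)
    path = opts.get(log_opt, "")
    if not path:
        problems.append(f"step {step}: {log_opt} is not set")
    elif not (path[0].isalpha() and path[1:2] == ":"):
        # Assumption of this example: log paths are absolute with a drive letter.
        problems.append(f"step {step}: {path!r} has no drive letter")
    return problems

# Constructed sample text (abridged), not the real shipped example files.
UNEDITED_CLAMD = """\
# Comment or remove the line below.
Example
#LogFile /tmp/clamd.log
#TemporaryDirectory /var/tmp
#DatabaseDirectory /var/lib/clamav
"""
EDITED_CLAMD = UNEDITED_CLAMD.replace("Example", "#Example").replace(
    "#LogFile /tmp/clamd.log", "LogFile C:/ClamAv/Logs/clamd.log")

if __name__ == "__main__":
    for label, text in (("unedited", UNEDITED_CLAMD), ("edited", EDITED_CLAMD)):
        print(label, check_conf(text, "clamd") or "OK")
```

To check real files, read each one with `open(path).read()` and pass the text with the matching `kind`.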

armo
New user
Posts: 29
Joined: 2011-11-04 21:39

Re: HOWTO: Windows server 2003, Hmailserver, ClamAv,SaneSecu

Post by armo » 2011-11-05 22:06

Since I maxed out on my post, here is the test you should run after completing the installation.
Go to http://www.mtgsy.net/dns/virustest.php , enter your email address and click submit. This will send the Eicar virus testing email (not harmful) so you can make sure that ClamAv is working fine.

Cloudmaster
Normal user
Posts: 87
Joined: 2010-06-29 16:41

Re: HOWTO: Windows server 2003, Hmailserver, ClamAv,SaneSecu

Post by Cloudmaster » 2012-05-05 17:21

Seems http://hideout.ath.cx/clamav/ is not available. Can we carry on regardless?

I already have a working hmail server & older tbb version of ClamAV running, and have no idea what ClamSup, rsync and sanesecurity are, am I safe to continue with your instructions to get an up to date ClamAV running?

Cloudmaster
Normal user
Posts: 87
Joined: 2010-06-29 16:41

Re: HOWTO: Windows server 2003, Hmailserver, ClamAv,SaneSecu

Post by Cloudmaster » 2012-05-07 23:17

Carried on regardless!!

I have, however, got a bunch of problems. As far as I can tell, I've installed everything correctly and set up the service correctly, the problem is, the services widget claims ClamD is running, but it doesn't show in Task Manager >> Processes, the low memory usage on our box backs that up.

Since I was upgrading from an earlier version, I thought I'd try deleting everything in the data directory and re-populate it by running Freshclam, that hasn't had any effect.

For some reason I have a hunch that it's not reading the conf file, but all settings are correct.

Another thing I've noticed (maybe connected with above) is that if I try running it in my 'home' directory with c:\clamav\clamd.exe -c c\clamav\clamd.conf (note use of full path names here) I get the following error - ERROR: Can't open/parse the config file c\clamav\clamd.conf

I've also just added C:\clamav to the Path environment variable, but I don't think that takes effect until after a reboot which I can't do until the server is quiet

Any and all help appreciated

Cloudmaster
Normal user
Posts: 87
Joined: 2010-06-29 16:41

Re: HOWTO: Windows server 2003, Hmailserver, ClamAv,SaneSecu

Post by Cloudmaster » 2012-05-08 00:17

Here we go again!! Noticed a typo somewhere, after correcting it ClamD is running properly, however, when using the supplied link to test HMS I'm getting the following in clamd.log -

Mon May 07 22:11:43 2012 -> C:\Program Files (x86)\hMailServer\Temp\{1F74A7DD-F013-4FDC-B176-68DF6091CEB6}.tmp: Can't unlink file ERROR

Any clues?

AuZee
New user
Posts: 6
Joined: 2014-03-04 02:18
Location: Australia

Re: HOWTO: Windows server 2003, Hmailserver, ClamAv,SaneSecu

Post by AuZee » 2014-03-06 03:22

armo wrote: Since I maxed out on my post, here is the test you should run after completing the installation.
Go to http://www.mtgsy.net/dns/virustest.php , enter your email address and click submit. This will send the Eicar virus testing email (not harmful) so you can make sure that ClamAv is working fine.

Try here now:

http://www.eicar.org/85-0-Download.html

Just tested mine with the ZIP and TXT files.

ClamAV (hmailserver option NOT ClamWin) picked them up and deleted the messages nicely, and let the sender/recipient know of such behaviour.

I've installed ClamWin... and pathed the conf file(s) to path to the CW databases. All working A1.

NB. Hope Nico is OK :?:

mattg
Moderator
Posts: 19982
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: HOWTO: Windows server 2003, Hmailserver, ClamAv,SaneSecu

Post by mattg » 2014-03-06 06:24

AuZee wrote: I've installed ClamWin... and pathed the conf file(s) to path to the CW databases. All working A1.

NB. Hope Nico is OK :?:

Watch ClamWin, it doesn't multithread, and can use lots of resources

I'm not sure about Nico. His web site seems to have ceased... :(
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

jimimaseye
Moderator
Posts: 8067
Joined: 2011-09-08 17:48

Re: HOWTO: Windows server 2003, Hmailserver, ClamAv,SaneSecu

Post by jimimaseye » 2014-08-06 23:10

That's solved.

Clamwin multi threaded (like clamAV):

"HOW TO run Clamwin and have a ClamAV system SERVICE": viewtopic.php?f=12&t=26829
HMS 5.6.6 B2383 on Win Server 2008 R2 Foundation, + 5.6.7-B2415 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

marrco
New user
Posts: 6
Joined: 2011-08-04 16:29

Re: HOWTO: Windows server 2003, Hmailserver, ClamAv,SaneSecurity

Post by marrco » 2014-11-27 11:41

Please don't make easy things complicated. I use that setup (clamd and sanesecurity) for every client I have. Just follow the instructions here:
viewtopic.php?t=25791

No need to use srvany, just use the correct version and DON'T set up hmailserver to use external antivirus. Under the Anti-virus tab there's support for [] Use ClamAV and defaults (Host name: localhost and TCP/IP port 3310) are fine.

If you don't trust me just try. That's the correct way to have a fast and functional setup.
