1
.\" Manual page created by Tomasz Kojm, 20021001.
2
.TH "clamd.conf" "5" "February 13, 2005" "Tomasz Kojm" "Clam AntiVirus"
5
\fBclamd.conf\fR \- Configuration file for Clam AntiVirus Daemon
8
clamd.conf configures the Clam AntiVirus daemon, clamd(8).
10
The file consists of comments and options with arguments. Each line that starts with a hash (\fB#\fR) symbol is a comment. Options and arguments are case sensitive and of the form \fBOption Argument\fR. The (possibly optional) arguments are are of the following types:
13
String without blank characters.
16
Size in bytes. You can use 'M' or 'm' modifiers for megabytes and 'K' or 'k' for kilobytes.
22
When an option is not used (hashed or doesn't exist in the configuration file) clamd takes a default action.
25
If this option is set clamd will not run.
28
Enable logging to selected file.
33
Disable a system lock that protects against running clamd with a same configuration file multiple times.
37
\fBLogFileMaxSize SIZE\fR
38
Limit the size of a log file. The logger will be automatically disabled if the file is greater than SIZE. Value of 0 disables the limit.
43
Log time with each message.
53
Use system logger (can work together with LogFile).
58
Specify the type of syslog messages \- please refer to 'man syslog' for facility names.
63
Enable verbose logging.
68
Save the process identifier of a listening daemon (main thread) to a specified file.
72
\fBTemporaryDirectory STRING\fR
73
Optional path to the global temporary directory.
75
Default: system specific (usually /tmp or /var/tmp).
77
\fBDatabaseDirectory STRING\fR
78
Path to a directory containing database files.
80
Default: /usr/local/share/clamav
82
\fBLocalSocket STRING\fR
83
Path to a local (Unix) socket the daemon will listen on.
88
Remove stale socket after unclean shutdown.
92
\fBTCPSocket NUMBER\fR
93
TCP port number the daemon will listen on.
98
TCP socket address to bind to. By default clamd binds to INADDR_ANY.
102
\fBMaxConnectionQueueLength NUMBER\fR
103
Maximum length the queue of pending connections may grow to.
107
\fBMaxThreads NUMBER\fR
108
Maximal number of threads running at the same time.
112
\fBReadTimeout NUMBER\fR
113
Waiting for data from a client socket will timeout after this time (seconds).
117
\fBIdleTimeout NUMBER\fR
118
Waiting for a new job will timeout after this time (seconds).
122
\fBMaxDirectoryRecursion NUMBER\fR
123
Maximal depth directories are scanned at.
127
\fBFollowDirectorySymlinks\fR
128
Follow directory symlinks.
132
\fBFollowFileSymlinks\fR
133
Follow regular file symlinks.
137
\fBSelfCheck NUMBER\fR
138
Do internal sanity checks every NUMBER seconds.
142
\fBVirusEvent COMMAND\fR
143
Execute the COMMAND when virus is found. In the command string %v will be replaced by a virus name.
149
Stop daemon when libclamav reports out of memory condition.
155
Run as selected user.
159
\fBAllowSupplementaryGroups\fR
160
Initialize supplementary group access (clamd must be started by root).
165
Don't fork into background.
170
Enable debug messages from libclamav.
172
\fBLeaveTemporaryFiles\fR
173
Do not remove temporary files (for debug purposes).
177
\fBStreamMaxLength SIZE\fR
178
Clamd uses FTP\-like protocol to receive data from remote clients. If you are using clamav\-milter to balance load between remote clamd daemons on firewall servers you may need to tune the Stream* options. This option allows you to specify the maximal limit for data transfered to remote daemon when scanning a single file. It should match your MTA's limit for a maximal attachment size.
182
\fBStreamMinPort NUMBER\fR
183
Limit data port range.
187
\fBStreamMaxPort NUMBER\fR
188
Limit data port range.
192
\fBDisableDefaultScanOptions\fR
193
By default clamd uses scan options recommended by libclamav. This option disables recommended options and allows you to enable selected options. DO NOT ENABLE IT unless you know what you are doing.
198
PE stands for Portable Executable \- it's an executable file format used in all 32\-bit versions of Windows operating systems. This option allows ClamAV to perform a deeper analysis of executable files and it's also required for decompression of popular executable packers such as UPX.
202
\fBDetectBrokenExecutables\fR
203
With this option clamd will try to detect broken executables and mark them as Broken.Executable.
208
Enables scanning of Microsoft Office document macros.
213
Enables HTML detection and normalisation.
218
Enable scanning of mail files.
223
If an email contains URLs ClamAV can download and scan them. \fBWARNING: This option may open your system to a DoS attack. Never use it on loaded servers.\fR
228
Enable archive scanning.
233
Enable scanning of RAR archives. Due to license issues libclamav does not support RAR 3.0 archives (only the old 2.0 format is supported). Because some users report stability problems with unrarlib it's disabled by default and must be enabled in the config file.
237
\fBArchiveMaxFileSize SIZE\fR
238
Files in archives larger than this limit won't be scanned. Value of 0 disables the limit.
242
\fBArchiveMaxRecursion NUMBER\fR
243
Limit archive recursion level. Value of 0 disables the limit.
247
\fBArchiveMaxFiles NUMBER\fR
248
Number of files to be scanned within archive. Value of 0 disables the limit.
252
\fBArchiveMaxCompressionRatio NUMBER\fR
253
Analyze compression ratio of every file in an archive and mark potential archive bombs as viruses (0 disables the limit).
257
\fBArchiveLimitMemoryUsage\fR
258
Use slower decompression algorithm which uses less memory. This option affects bzip2 decompressor only.
262
\fBArchiveBlockEncrypted\fR
263
Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
267
\fBArchiveBlockMax\fR
268
Mark archives as viruses (e.g RAR.ExceededFileSize, Zip.ExceededFilesLimit) if ArchiveMaxFiles, ArchiveMaxFileSize, or ArchiveMaxRecursion limit is reached.
272
\fBClamukoScanOnAccess\fR
273
Enable Clamuko. Dazuko (/dev/dazuko) must be configured and running.
277
\fBClamukoScanOnOpen\fR
282
\fBClamukoScanOnClose\fR
287
\fBClamukoScanOnExec\fR
288
Scan files on execute.
292
\fBClamukoIncludePath STRING\fR
293
Set the include paths (all files and directories in them will be scanned). You can have multiple ClamukoIncludePath directives but each directory must be added in a separate line).
297
\fBClamukoExcludePath\fR
298
Set the exclude paths. All subdirectories will also be excluded.
302
\fBClamukoMaxFileSize SIZE\fR
303
Don't scan files larger than SIZE.
307
\fBClamukoScanArchive\fR
308
Enable archive scanning. It uses ArchiveMax* limits.
313
/usr/local/etc/clamd.conf
316
Tomasz Kojm <tkojm@clamav.net>
319
clamd(8), clamdscan(1), clamscan(1), freshclam(1), sigtool(1), clamav\-milter(8)