Hi
This should work
clamdscan -c /path/to/clamdscan.conf /email.file
clamdscan.conf contents
TCPSocket 3310
TCPAddr remote clamd IP address
On 22/09/2025 00:04, Zakaria via clamav-users wrote:
Maybe settig up a webserver can help, and post to the content of email
when received to scan. I think this would work fine if you accept the
email anyways or scan post receiving, and wont cause few seconds
delay, also you might need to store attachments in files and include
it in the post request to server.
On 2025-09-21 23:09, Paul Kosinski via clamav-users wrote:
> For many years now (well before Cisco's involvement) I have been
scanning email just before delivery by Postfix using procmail (not a
Milter). Up until now, I have been running ClamAV on the same computer
as Postfix, and scanning using clamdscan to stream (not fdpass) the
mail contents to clamd. (I do this using clamscan-procfilter.pl,
originally developed by A G Basile in 2004 and modified by me in 2007
and 2017.)
>
> Unfortunately, ClamAV has changed so much from 0.103.x to 1.0.9 (not
to mention 1.4.3 and 1.5.0) that I can't currently run ClamAV in the
same OS environment as Postfix.
>
> But I can't afford to have no email during the time that would be
needed to upgrade the OS, Dovecot, Postfix, Samba, etc. and test
everything on my current server. Nor can I afford to buy another
computer with similar power and storage (including software RAID0 and
redundant backup disks), set it up with new software versions, fully
test everything and then cut over almost atomically (as if that would
immediately work without problems).
>
> So, what I am doing is setting up ClamAV on a small (but powerful)
computer and running clamd on it so as to receive the mail contents to
be scanned via a TCP port. (This might not be practical for a
commercial email service, but the email volume associated with home
use is pretty small.)
>
> The problem I run into is that, although clamd.conf allows one to
specify a port number and even an an IP address for clamd to bind to,
there seems to be no way -- such as a command-line option -- to
specify what IP address clamdscan should talk to. (This makes the
clamd binding address almost irrelevant, I think.)
>
> The only thing I can think of, other than modifying clamdscan's
internals (a possibly risky business), is to replace the regular clamd
on the Postfix computer by a trivial mechanism that simply listens on
localhost:3310 (for example) and forwards the TCP (via netcat or
xinetd) to the ClamAV computer running the real clamd which listens on
10.23.45.67:3310 (for example).
>
> Might there be a better way to do this? (I briefly thought of
setting up a VM or a "container" on the current server running Postfix
et al, and running the latest ClamAV therein, but that would still
require a quite disruptive upgrade of the software environment.)
>
> Thanks
> Paul Kosinski
> _______________________________________________
>
> Manage your clamav-users mailing list subscription / unsubscribe:
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/Cisco-Talos/clamav-documentation
>
> https://docs.clamav.net/#mailing-lists-and-chat
_______________________________________________
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat
_______________________________________________
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat
