clamd.conf - Configuration file for Clam AntiVirus Daemon
DESCRIPTION
clamd.conf configures the Clam AntiVirus daemon, clamd(8).
FILE FORMAT
The file consists of comments and options with arguments.
Each line that starts with a hash (#) symbol is a comment.
Options and arguments are case sensitive and of the form
Option Argument. The (possibly optional) arguments are are
of the following types:
STRING String without blank characters.
SIZE Size in bytes. You can use 'M' or 'm' modifiers for
megabytes and 'K' or 'k' for kilobytes.
NUMBER Unsigned integer.
DIRECTIVES
When an option is not used (hashed or doesn't exist in the
configuration file) clamd takes a default action.
Example
If this option is set clamd will not run.
LogFile STRING
Enable logging to selected file.
Default: disabled
LogFileUnlock
Disable a system lock that protects against running
clamd with a same configuration file multiple
times.
Default: disabled
LogFileMaxSize SIZE
Limit the size of a log file. The logger will be
automatically disabled if the file is greater than
SIZE. Value of 0 disables the limit.
Default: 1M
LogTime
Log time with each message.
Default: disabled
LogClean
Log clean files.
Default: disabled
LogSyslog
Use system logger (can work together with LogFile).
Specify the type of syslog messages - please refer
to 'man syslog' for facility names.
Default: LOG_LOCAL6
LogVerbose
Enable verbose logging.
Default: disabled
PidFile STRING
Save the process identifier of a listening daemon
(main thread) to a specified file.
Default: disabled
TemporaryDirectory STRING
Optional path to the global temporary directory.
Default: system specific (usually /tmp or
/var/tmp).
DatabaseDirectory STRING
Path to a directory containing database files.
Default: /usr/local/clamav/share/clamav
LocalSocket STRING
Path to a local (Unix) socket the daemon will lis-
ten on.
Default: disabled
FixStaleSocket
Remove stale socket after unclean shutdown.
Default: disabled
TCPSocket NUMBER
TCP port number the daemon will listen on.
Default: disabled
TCPAddr STRING
TCP socket address to bind to. By default clamd
binds to INADDR_ANY.
Default: disabled
MaxConnectionQueueLength NUMBER
Maximum length the queue of pending connections may
grow to.
Default: 15
MaxThreads NUMBER
Maximal number of threads running at the same time.
Default: 10
ReadTimeout NUMBER
Waiting for data from a client socket will timeout
after this time (seconds).
Waiting for a new job will timeout after this time
(seconds).
Default: 30
MaxDirectoryRecursion NUMBER
Maximal depth directories are scanned at.
Default: 15
FollowDirectorySymlinks
Follow directory symlinks.
Default: disabled
FollowFileSymlinks
Follow regular file symlinks.
Default: disabled
SelfCheck NUMBER
Do internal sanity checks every NUMBER seconds.
Default: 1800
VirusEvent COMMAND
Execute the COMMAND when virus is found. In the
command string %v will be replaced by a virus name.
Default: disabled
ExitOnOOM
Stop deamon when libclamav reports out of memory
condition.
Default: disabled
User STRING
Run as selected user.
Default: disabled
AllowSupplementaryGroups
Initialize supplementary group access (clamd must
be started by root).
Default: disabled
Foreground
Don't fork into background.
Default: disabled
Debug Enable debug messages from libclamav.
LeaveTemporaryFiles
Do not remove temporary files (for debug purposes).
Default: disabled
StreamMaxLength SIZE
balance load between remote clamd daemons on fire-
wall servers you may need to tune the Stream*
options. This option allows you to specify the max-
imal limit for data transfered to remote daemon
when scanning a single file. It should match your
MTA's limit for a maximal attachment size.
Default: 10M
StreamMinPort NUMBER
Limit data port range.
Default: 1024
StreamMaxPort NUMBER
Limit data port range.
Default: 2048
DisableDefaultScanOptions
By default clamd uses scan options recommended by
libclamav. This option disables recommended options
and allows you to enable selected options. DO NOT
ENABLE IT unless you know what you are doing.
Default: disabled
ScanPE PE stands for Portable Executable - it's an exe-
cutable file format used in all 32-bit versions of
Windows operating systems. This option allows Cla-
mAV to perform a deeper analysis of executable
files and it's also required for decompression of
popular executable packers such as UPX.
Default: enabled
DetectBrokenExecutables
With this option clamd will try to detect broken
executables and mark them as Broken.Executable.
Default: disabled
ScanOLE2
Enables scanning of Microsoft Office document
macros.
Default: enabled
ScanHTML
Enables HTML detection and normalisation.
Default: enabled
ScanMail
Enable scanning of mail files.
Default: enabled
MailFollowURLs
If an email contains URLs ClamAV can download and
scan them. WARNING: This option may open your sys-
Default: disabled
ScanArchive
Enable archive scanning.
Default: enabled
ScanRAR
Enable scanning of RAR archives. Due to license
issues libclamav does not support RAR 3.0 archives
(only the old 2.0 format is supported). Because
some users report stability problems with unrarlib
it's disabled by default and must be enabled in the
config file.
Default: disabled
ArchiveMaxFileSize SIZE
Files in archives larger than this limit won't be
scanned. Value of 0 disables the limit.
Default: 10M
ArchiveMaxRecursion NUMBER
Limit archive recursion level. Value of 0 disables
the limit.
Default: 8
ArchiveMaxFiles NUMBER
Number of files to be scanned within archive. Value
of 0 disables the limit.
Default: 1000
ArchiveMaxCompressionRatio NUMBER
Analyze compression ratio of every file in an
archive and mark potential archive bombs as viruses
(0 disables the limit).
Default: 250
ArchiveLimitMemoryUsage
Use slower decompression algorithm which uses less
memory. This option affects bzip2 decompressor
only.
Default: disabled
ArchiveBlockEncrypted
Mark encrypted archives as viruses (Encrypted.Zip,
Encrypted.RAR).
Default: disabled
ArchiveBlockMax
Mark archives as viruses (e.g RAR.ExceededFileSize,
Zip.ExceededFilesLimit) if ArchiveMaxFiles,
ArchiveMaxFileSize, or ArchiveMaxRecursion limit is
reached.
Enable Clamuko. Dazuko (/dev/dazuko) must be con-
figured and running.
Default: disabled
ClamukoScanOnOpen
Scan files on open.
Default: disabled
ClamukoScanOnClose
Scan files on close.
Default: disabled.
ClamukoScanOnExec
Scan files on execute.
Default: disabled
ClamukoIncludePath STRING
Set the include paths (all files and directories in
them will be scanned). You can have multiple Cla-
mukoIncludePath directives but each directory must
be added in a seperate line).
Default: disabled
ClamukoExcludePath
Set the exclude paths. All subdirectories will also
be excluded.
Default: disabled
ClamukoMaxFileSize SIZE
Don't scan files larger than SIZE.
Default: 5M
ClamukoScanArchive
Enable archive scanning. It uses ArchiveMax* lim-
its.
Default: disabled
FILES
/usr/local/clamav/etc/clamd.conf
AUTHOR
Tomasz Kojm <tkojm@clamav.net>
SEE ALSO
clamd(8), clamdscan(1), clamscan(1), freshclam(1), sig-
tool(1), clamav-milter(8)
Man(1) output converted with
man2html