System Interrupt Me!

A blog by a Mac user.

Running ClamAV on OS X Server Without Mail Server

I run OS X Server on my network and want to use ClamAV as my anti-virus software. ClamAV comes with OS X Server but is only enabled automatically if you run the Mail server. So I configured OS X Server to use ClamAV by manually enabling it.

As ClamAV is installed as part of the OS X Server installation the daemon binary resides in /Applications/Server.app/Contents/ServerRoot/usr/sbin/clamd. Fortunately the associated .plist files are already installed with OS X Server and would normally be run when the Mail server is started. So to enable ClamAV and Freshclam (to keep the definitions up to date) all that needs to happen is to copy the .plist files into the LaunchDaemons folder and launch them.

Copy the clamd and freshclam .plist files into /System/Library/LaunchDaemons/ and launch them so they will run continuously.

1
2
3
4
5
$ sudo cp /Applications/Server.app/Contents/ServerRoot/System/Library/LaunchDaemons/org.clamav.clamd.plist /System/Library/LaunchDaemons/  
$ sudo cp /Applications/Server.app/Contents/ServerRoot/System/Library/LaunchDaemons/org.clamav.freshclam.plist /System/Library/LaunchDaemons/  
$ sudo launchctl load /System/Library/LaunchDaemons/org.clamav.clamd.plist  
$ sudo launchctl load -w /System/Library/LaunchDaemons/org.clamav.freshclam.plist  
$ clamconf  

Use clamconf to confirm that virus database is being updated by freshclam.

I edited freshclam.conf and set the field Checks to 3 instead of the default 12 checks of virus database per day.

1
2
3
4
$ sudo nano /Library/Server/Mail/Config/clamav/freshclam.conf  
$ sudo launchctl unload /System/Library/LaunchDaemons/org.clamav.freshclam.plist  
$ sudo launchctl load /System/Library/LaunchDaemons/org.clamav.freshclam.plist  
$ clamconf  

I have noticed that once in a while the ClamAV and Freshclam daemons will stop running. I simply restart them at the command line with:

1
2
3
$ sudo launchctl load /System/Library/LaunchDaemons/org.clamav.clamd.plist  
$ sudo launchctl load /System/Library/LaunchDaemons/org.clamav.freshclam.plist  
$ clamconf  

To use Clam to scan for viruses run clamscan from the command line, for example:

1
$ clamscan ~/Downloads