Milter socket -
The interface through which we communicate with postfix.
unix:/path/to/file - to specify a unix domain socket.
inet:port@[hostname|ip-address] - to specify an ipv4 socket.
inet6:port@[hostname|ip-address] - to specify an ipv6 socket.
Milter socket group -
The group ownership for the (unix) milter socket.
Milter socket mode -
The permissions on the (unix) milter socket to the specified mode.
Fix stale socket -
Remove stale socket after unclean shutdown.
Run as another user (clamav-milter must be started by root for this option to work).
Allow supplementary groups -
Initialize supplementary group access (clamav-milter must be started by root).
Read timeout -
Waiting for data from clamd will timeout after this time (seconds).
Do not fork into background.
Pid file -
Save a process identifier of the listening daemon (main thread).
Temporary directory -
Optional path to the global temporary directory.
Clamd socket -
The clamd socket to connect to for scanning.
Local nets -
Messages originating from these hosts/networks will not be scanned.
Path to filename that excludes senders or recipients from anti-virus scanning.
Path to filename that excludes authenticated senders from anti-virus scanning.
Max file size -
Messages larger than this value will not be scanned. Make sure this value is lower or equal than StreamMaxLength in clamd.conf
On clean -
Action to be performed on clean messages (mostly useful for testing).
On infected -
Action to be performed on infected messages.
On fail -
Action to be performed on error conditions (this includes failure to allocate data structures, no scanners available, network timeouts, unknown scanner replies and the like).
Reject message -
Set a specific rejection reason for infected messages. Only useful together with "OnInfected Reject". The string "%v", if present, will be replaced with the virus name.
Default: "REJECT - AntiVirus detected: %v"
Add header -
If this option is set to "Replace" (or "Yes"), an "X-Virus-Scanned" and an "X-Virus-Status" headers will be attached to each processed message, possibly replacing existing headers. If it is set to Add, the X-Virus headers are added possibly on top of the existing ones. Note that while "Replace" can potentially break DKIM signatures, "Add" may confuse procmail and similar filters.
Report hostname -
When AddHeader is in use, this option allows to arbitrary set the reported hostname. This may be desirable in order to avoid leaking internal names. If unset the real machine name is used.
Virus action -
Execute a command when an infected message is found.