ClamAV Troubleshooting

ClamAV Milter Testing

Greylisting must be disabled on the domain you are sending to for this test to work.

To test ClamAV milter, it is necessary to download the eicar test virus email and send it using the command below (Replacing emailonserver@example.com with a real email account on the server). If the Anti-virus is working correctly you will see it get blocked and it will be listed in the maillog and in Warden -> Logs -> Virus Log.

Centos / RHEL / CloudLinux

wget http://www.eicar.org/download/eicar.com.txt
echo "TEST MESSAGE w/ ATTACHMENT" | mail -S smtp=localhost -r sender@example.com -s "A/V test example" -a eicar.com.txt emailonserver@example.com

Debian / Ubuntu

apt-get install s-nail
wget http://www.eicar.org/download/eicar.com.txt
echo "TEST MESSAGE w/ ATTACHMENT" | s-nail -S smtp=localhost -r sender@example.com -s "A/V test example" -a eicar.com.txt emailonserver@example.com

ClamAV Tools

You can view the current ClamAV configuration using the following command:

clamconf

You can monitor the ClamAV daemon using the following command:

clamdtop

Restarting ClamAV

Centos / RHEL / CloudLinux 7 (systemd)

// restart clamav
systemctl restart clamd@scan.service 

// restart clamav-milter
systemctl restart clamav-milter.service 

Centos / RHEL / CloudLinux 6 (sysvinit)

// restart clamav
/etc/init.d/clamd restart

// restart clamav-milter
/etc/init.d/clamav-milter restart

Debian / Ubuntu

// restart clamav
/etc/init.d/clamav-daemon restart

// restart freshclam
/etc/init.d/clamav-freshclam restart

// restart clamav-milter
/etc/init.d/clamav-milter restart

Debug

clamscan --debug 2>&1 /dev/null

Updating Signatures

freshclam

Checking Signatures

clamscan --debug 2>&1 /dev/null | grep "loaded"

Debug Signature Updates

RHEL / Centos

freshclam --debug