# Package README file for floppyfw v.2.99.3+ (http://www.zelow.no/floppyfw) # Package name: mailscan (Clam AntiVirus Daemon + POP3/SMTP mail scanning) # Packaged by: Ivo Tachev, ivotachev@mail.bg # 1. ABOUT Mailscan package for floppyfw is an email (POP3 and SMTP) transparent antivirus scanning solution. Scans all email (message and attachment) traffic at the firewall for viri. Stops infected messages and notifies the client. Attachments over a predefined file size (default=10MB) are not scanned. 2. INSTALLATION The standard floppyfw way: Rename downloaded tarball: - mailscan-0.30-ffw_2.99.3.ffw to mailscan.ffw (for floppyfw-2.99.3 and later) (to be on the safe side with 8.3 names). Put package tarball in /packages. 3. RUNNING The standard floppyfw way: Automatic (default): post-mailscan.ini script is in /etc - Manual: run "post-mailscan.ini stop" to stop daemons and clear iptables rules. Then you can start post-mailscan.ini again. 4. DEPENDENCIES - floppyfw v.2.99.3 or v.2.99.4 (uClibC 0.9.27 - based). - virus definitions for ClamAV: post-mailscan.ini downloads these each time floppyfw starts. 5. DELIVERS - ClamAV: http://www.clamav.net - p3scan: http://p3scan.sourceforge.net/ - p3pmail: http://p3scan.sourceforge.net/#p3pmail - renattach: http://www.pc-tools.net/unix/renattach/ - clamsmtp: http://memberwebs.com/nielsen/software/clamsmtp/ - zlib: http://www.zlib.org (only updated) - bzip2: http://www.bzip.org (shared library only) Versions in this package: - ClamAV: 0.88 - p3scan: 2.9.02d - p3pmail: 1.3 - renattach: 1.2.2 - clamsmtp: 1.6 - zlib: 1.2.3 (update for floppyfw) - bzip2: 1.0.3 6. MISCELANEOUS INFO Binaries are optimized for size and stripped. A Pentium or above class processor is needed. Because of running in RAM no logging is done and all infected messages are discarded. I suggest a total RAM size of 48MB as a minimum. Changes in configuration can be done by editing the config files in /etc. It is recommended to read the docs for all projects employed. !FIXME! Daemons run as root. If you experience corruption of received (HTML) e-mail messages, try disabling renattach and/or p3pmail in /etc/p3scan/p3scan.conf. To compile against uClibC some trivial tweak was applied to the sources (e.g. p3pmail). It is ugly, so feel free to make it better. 7. LICENSE Read components licensing info. Unless specified otherwise, see GNU Public License v.2: http://www.gnu.org/licenses/gpl.txt 8. COMPILING INFO: Used uClibC developer environment (root fs image). - ClamAV: ./configure --disable-clamuko --disable-dns --disable-dsig --with-zlib=/ --with-user=root --with-group=root --with-dbdir=/var/lib/clamav --sysconfdir=/etc CFLAGS=-Os -march=i386 - p3scan: ./configure --disable-pop3s --disable-ripmime --disable-pcre --disable-vcheck CFLAGS=-Os -march=i386 + Comment out mcheck.h and mcheck() in p3scan.c - p3pmail: apply the patch - renattach: ./configure CFLAGS=-Os -march=i386 - clamsmtp: ./configure CFLAGS=-Os -march=i386 - zlib: ./configure -s ; insert CFLAGS=-Os -march=i386, "prefix=/" in Makefile - bzip2: in Makefile(for .so): insert CFLAGS=-Os -march=i386 ; comment out "#BIGFILES=-D_FILE_OFFSET_BITS=64" 9. TODO - Implement Layer7 matching and redirecting in firewall rules - Add IMAP support - Port to other platforms (e.g. embedded router devices) 10. CHANGELOG: v. 0.30: - Version update of p3scan; - Version update of ClamAV; clamav now running in TCP mode (p3scan requirement). v. 0.25: - Version update of ClamAV. - Version update of clamsmtp; v. 0.24: - Version update of ClamAV. - Version update of clamsmtp; - Version update of zlib; - Firewall rules for the package are now reloaded when firewall.ini is reloaded, so mailscan should be (hopefully) more usable when outside IP is dynamic; a temporary helper script for fixing original firewall.ini upon startup was added. v. 0.23: - Version update of ClamAV. v. 0.22: - Version update of ClamAV. v. 0.21: - Version updates of ClamAV and clamsmtp. v. 0.2: - Added bzip2 support - RAR support in ClamAV now enabled by default - Fixed compilation and stripping settings, so SMTP scanning works now - Switched to uncompressed executables - performs better and saves space on floppy - Cleaned up unneded executables: clamscan, ripmime + ripole - Removed TCP mode for clamd - Removed template files (not needed now). v. 0.1 (dated 03.29.2005, was named just mailscan.bz2): Initial package release. Pretty unstable. PLEASE DO NOT USE! (EOF)