[qmail] clamav overview
ITWeb/서버관리 2012. 5. 14. 21:14[원본링크]
[원본글]
Overview
ClamAV is an anti-malware application that scans files for viruses, worms, spyware, and other forms of malware. Optimized for automated e-mail scanning on mail gateways, you can use ClamAV with SMTP, POP3, and IMAP mail servers. ClamAV also includes provisions for on-demand scans as well as test files for verifying the installation. Its major components include:
* libclamav
* clamd
* clamdscan
* clamscan
* freshclam
* sigtool
* clamav-milter
* clamuko
* clamconf
libclamav
Libclamav is the shared library for clamav and is the virus-scanning engine.
The library is thread-safe, and automatically recognizes and scans archives. Scanning is very fast. Libclamav can add virus protection to software other than ClamAV.
clamd
Clamd is a scalable, multi-threaded daemon.
Clamd uses sockets, streams, and file pointers so that it can be used thousands of times an hour and perform file and mail attachment scans as needed. Clamd uses the clamd.conf configuration file.
clamdscan
Clamdscan is a command line scanner that uses clamd.
When you need an on-demand scan and clamd is running, use clamdscan for the best performance. Clamdscan uses the running daemon and does not have to wait for ClamAV to start.
clamscan
Clamscan is the command line scanner that uses the ClamAV database.
Use clamscan to scan files on an infrequent basis or when when the clamd daemon is not running. Clamscan starts clam and the clam startup (loading database, etc.) slows overall detection time. For routine scans, use clamdscan.
freshclam
Freshclam is the ClamAV virus database-updating tool that runs either as a daemon or on the command line to update the ClamAV signature database.
Freshclam uses the freshclam.conf configuration file. It relies on an Internet connection to update the signature database, but runs in a variety of ways to compensate for intermittent connections. For installations with no connection, many distributions provide a clamav-data file and the package is not automatically updated, once installed.
sigtool
Sigtool is the ClamAV antivirus database manipulation tool.
It is for advanced users who intend to write their own signatures. Refer to the signatures portion of the documentation for more information about sigtool.
clamav-milter
Nigel Horne's clamav-milter is a very efficient email scanner.
It is a plugin for Sendmail and Postfix that enables those programs to scan email.
clamuko
Clamuko is a special thread in clamd that performs on-access scans on Linux and FreeBSD. Clamuko shares the virus database with the clamd daemon.
clamconf
Clamconf is a program that runs from a command line.
It displays information about your configuration. It is useful during ClamAV debugging. When you file a bug report, the ClamAV engineering team will often ask for clamconf output.