The installation of third party antivirus scanners on the archiving server is generally not recommended. Since MailArchiva is an archiving server, it is writing to thousands of files on a continuous basis. The antivirus product may slow the archiving server down and secondly, if the anti-virus product discovers a virus (even a false positive), it may modify files in a manner that could cause unpredictable behavior.
If the use of external anti-virus products is a strong requirement, please ensure that MailArchiva's file system locations are excluded from the antivirus scanning. In addition, all index and store directories ought to be excluded. Please also be aware that archiving and search performance will also be affected.
The in-built antivirus scanning feature of MailArchiva (outlined below) does not quarantine or remove viruses. It only flags them in the GUI.
Although in the majority of cases, MailArchiva receives emails for archiving after they have already been processed by the mail server's antivirus scanner, for extra protection, it is possible to configure MailArchiva to perform additional antivirus scanning. To enable this feature, it is necessary to install the ClamAV antivirus scanner (preferably on the same machine running MailArchiva)
Please refer to the Clam-AV website. Modify the clamd.conf file as in the Ubuntu setup instructions below.
Install the ClamAV antivirus scanner from the terminal prompt as follows:
Modify the /etc/clamav/clamd.conf configuration file as follows:
After modifying the configuration as above, reconfigure clamd as follows:
Thereafter, login to the MailArchiva console. From Configuration->Archive modify the Clamd configuration to point to the newly installed Clam deamon.
Emails that contain viruses are still archived for record keeping purposes, however, they show up with a Bug icon in the search results. The intention is to warn users that the email may contain a virus.
