1freshclam.conf(5) Clam AntiVirus freshclam.conf(5)
2
6 freshclam.conf - Configuration file for Clam AntiVirus database update
7 tool
8
10 The file freshclam.conf configures the Clam AntiVirus Database Updater,
11 freshclam(1).
12
14 The file consists of comments and options with arguments. Each line
15 which starts with a hash (#) symbol is ignored by the parser. Options
16 and arguments are case sensitive and of the form Option Argument. The
17 arguments are of the following types:
18 BOOL Boolean value (yes/no or true/false or 1/0).
20 STRING String without blank characters.
22 SIZE Size in bytes. You can use 'M' or 'm' modifiers for megabytes
24 and 'K' or 'k' for kilobytes.
25 NUMBER Unsigned integer.
27
29 When an option is not used (hashed or doesn't exist in the configura‐
30 tion file) freshclam takes a default action.
31 Example
33 If this option is set freshclam will not run.
34 DatabaseOwner STRING
36 When started by root, drop privileges to a specified user.
37 Default:
38 AllowSupplementaryGroups BOOL
40 Initialize supplementary group access (freshclam must be started
41 by root).
42 Default: disabled
43 DatabaseDirectory STRING
45 Path to a directory containing database files.
46 Default: /var/lib/clamav
47 Checks NUMBER
49 Number of database checks per day.
50 Default: 12
51 UpdateLogFile STRING
53 Enable logging to a specified file. Highly recommended.
54 Default: disabled.
55 LogFileMaxSize SIZE
57 Limit the size of the log file. The logger will be automatically
58 disabled if the file is greater than SIZE. Value of 0 disables
59 the limit.
60 Default: 1M
61 LogSyslog BOOL
63 Enable logging to Syslog. May be used in combination with
64 UpdateLogFile.
65 Default: disabled.
66 LogFacility STRING
68 Specify the type of syslog messages - please refer to 'man sys‐
69 log' for facility names.
70 Default: LOG_LOCAL6
71 PidFile STRING
73 This option allows you to save the process identifier of the
74 daemon to a file specified in the argument.
75 Default: disabled
76 LogVerbose BOOL
78 Enable verbose logging.
79 Default: disabled
80 DNSDatabaseInfo STRING
82 This directive enables database and software version checks
83 through DNS TXT records.
84 Default: enabled, pointing to current.cvd.clamav.net
85 DatabaseMirror STRING
87 Server name where database updates are downloaded from. In order
88 to download the database from the closest mirror you should con‐
89 figure freshclam to use db.xy.clamav.net where xy represents
90 your country code. If this option is given multiple times,
91 freshclam(1) tries them in the order given. It's strongly recom‐
92 mended that you use db.xy.clamav.net as the first mirror and
93 database.clamav.net as the second.
94 Default: database.clamav.net
95 MaxAttempts NUMBER
97 How many attempts (per mirror) to make before giving up.
98 Default: 3 (per mirror)
99 ScriptedUpdates BOOL
101 With this option you can control scripted updates. It's highly
102 recommended to keep it enabled.
103 Default: enabled
104 TestDatabases BOOL
106 With this option enabled, freshclam will attempt to load new
107 databases into memory to make sure they are properly handled by
108 libclamav before replacing the old ones.
109 Default: enabled
110 CompressLocalDatabase BOOL
112 By default freshclam will keep the local databases (.cld) uncom‐
113 pressed to make their handling faster. With this option you can
114 enable the compression; the change will take effect with the
115 next database update.
116 Default: no
117 DatabaseCustomURL STR
119 With this option you can provide custom sources (http:// or
120 file://) for database files. This option can be used multiple
121 times.
122 Default: no custom URLs
123 HTTPProxyServer STR, HTTPProxyPort NUMBER
125 Use given proxy server and TCP port for database downloads.
126 HTTPProxyUsername STR,HTTPProxyPassword STRING
128 Proxy usage is authenticated through given username and pass‐
129 word.
130 Default: no proxy authentication
131 HTTPUserAgent STRING
133 If your servers are behind a firewall/proxy which applies User-
134 Agent filtering, you can use this option to force the use of a
135 different User-Agent header.
136 Default: clamav/version_number
137 LocalIPAddress IP
139 Use IP as client address for downloading databases. Useful for
140 multi homed systems.
141 Default: Use OS´es default outgoing IP address.
142 NotifyClamd STRING
144 Notify a running clamd(8) to reload its database after a down‐
145 load has occurred. The path for clamd.conf file must be pro‐
146 vided.
147 Default: The default is to not notify clamd. See clamd.conf(5)´s
148 option SelfCheck for how clamd(8) handles database updates in
149 this case.
150 OnUpdateExecute STRING
152 Execute this command after the database has been successfully
153 updated.
154 Default: disabled
155 OnOutdatedExecute STRING
157 Execute this command when freshclam reports outdated version. In
158 the command string %v will be replaced by the new version num‐
159 ber.
160 Default: disabled
161 OnErrorExecute STRING
163 Execute this command after a database update has failed.
164 Default: disabled
165 ConnectTimeout NUMBER
167 Timeout in seconds when connecting to database server.
168 Default: 10
169 ReceiveTimeout NUMBER
171 Timeout in seconds when reading from database server.
172 Default: 30
173 SubmitDetectionStats STRING
175 When enabled freshclam will submit statistics to the ClamAV
176 Project about the latest virus detections in your environment.
177 The ClamAV maintainers will then use this data to determine what
178 types of malware are the most detected in the field and in what
179 geographic area they are. Freshclam will connect to clamd in
180 order to get the recent statistics. The path for clamd.conf file
181 must be provided.
182 Default: disabled
183 DetectionStatsCountry STRING
185 Country of origin of malware/detection statistics (for statisti‐
186 cal purposes only). The statistics collector at ClamAV.net will
187 look up your IP address to determine the geographical origin of
188 the malware reported by your installation. If this installation
189 is mainly used to scan data which comes from a different loca‐
190 tion, please enable this option and enter a two-letter code (see
191 http://www.iana.org/domains/root/db/) of the country of origin.
192 Default: disabled
193 DetectionStatsHostID STRING
195 This option enables support for our "Personal Statistics" ser‐
196 vice. When this option is enabled, the information on malware
197 detected by your clamd installation is made available to you
198 through our website. To get your HostID, log on
199 http://www.stats.clamav.net and add a new host to your host
200 list. Once you have the HostID, uncomment this option and paste
201 the HostID here. As soon as your freshclam starts submitting
202 information to our stats collecting service, you will be able to
203 view the statistics of this clamd installation by logging into
204 http://www.stats.clamav.net with the same credentials you used
205 to generate the HostID. For more information refer to:
206 http://www.clamav.net/support/faq/faq-cctts/. This feature
207 requires SubmitDetectionStats to be enabled.
208 Default: disabled
209 SafeBrowsing BOOL
211 This option enables support for Google Safe Browsing. When acti‐
212 vated for the first time, freshclam will download a new database
213 file (safebrowsing.cvd) which will be automatically loaded by
214 clamd and clamscan during the next reload, provided that the
215 heuristic phishing detection is turned on. This database
216 includes information about websites that may be phishing sites
217 or possible sources of malware. When using this option, it's
218 mandatory to run freshclam at least every 30 minutes. Freshclam
219 uses the ClamAV's mirror infrastructure to distribute the data‐
220 base and its updates but all the contents are provided under
221 Google's terms of use. See http://code.google.com/sup‐
222 port/bin/answer.py?answer=70015 and http://safebrowsing.cla‐
223 mav.net for more information.
224 Default: disabled
225 Bytecode BOOL
227 This option enables downloading of bytecode.cvd, which includes
228 additional detection mechanisms and improvements to the ClamAV
229 engine.
230 Default: enabled
231
233 /etc/freshclam.conf
234
236 Thomas Lamy <thomas.lamy@netwake.de>, Tomasz Kojm <tkojm@clamav.net>
237
239 freshclam(1), clamd.conf(5), clamd(8), clamscan(1)
240ClamAV 0.97.3 February 12, 2007 freshclam.conf(5)