1clamd.conf(5) Clam AntiVirus clamd.conf(5)
2
6 clamd.conf - Configuration file for Clam AntiVirus Daemon
7
9 clamd.conf configures the Clam AntiVirus daemon, clamd(8).
10
12 The file consists of comments and options with arguments. Each line
13 which starts with a hash (#) symbol is ignored by the parser. Options
14 and arguments are case sensitive and of the form Option Argument. The
15 arguments are of the following types:
16 BOOL Boolean value (yes/no or true/false or 1/0).
18 STRING String without blank characters.
20 SIZE Size in bytes. You can use 'M' or 'm' modifiers for megabytes
22 and 'K' or 'k' for kilobytes. To specify the size in bytes just
23 don't use modifiers.
24 NUMBER Unsigned integer.
26
28 When some option is not used (commented out or not included in the con‐
29 figuration file at all) clamd takes a default action.
30 Example
32 If this option is set clamd will not run.
33 LogFile STRING
35 Save all reports to a log file.
36 Default: disabled
37 LogFileUnlock BOOL
39 By default the log file is locked for writing and only a single
40 daemon process can write to it. This option disables the lock.
41 Default: no
42 LogFileMaxSize SIZE
44 Maximum size of the log file.
45 Value of 0 disables the limit.
46 Default: 1048576
47 LogTime BOOL
49 Log time for each message.
50 Default: no
51 LogClean BOOL
53 Log all clean files.
54 Useful in debugging but drastically increases the log size.
55 Default: no
56 LogSyslog BOOL
58 Use the system logger (can work together with LogFile).
59 Default: no
60 LogFacility STRING
62 Type of syslog messages
63 Please refer to 'man syslog' for facility names.
64 Default: LOG_LOCAL6
65 LogVerbose BOOL
67 Enable verbose logging.
68 Default: no
69 LogRotate BOOL
71 Rotate log file. Requires LogFileMaxSize option set prior to
72 this option.
73 Default: no
74 ExtendedDetectionInfo BOOL
76 Log additional information about the infected file, such as its
77 size and hash, together with the virus name.
78 Default: no
79 PidFile STRING
81 Save the process identifier of a listening daemon (main thread)
82 to a specified file.
83 Default: disabled
84 TemporaryDirectory STRING
86 This option allows you to change the default temporary direc‐
87 tory.
88 Default: system specific (usually /tmp or /var/tmp).
89 DatabaseDirectory STRING
91 This option allows you to change the default database directory.
92 If you enable it, please make sure it points to the same direc‐
93 tory in both clamd and freshclam.
94 Default: defined at configuration (/usr/local/share/clamav)
95 OfficialDatabaseOnly BOOL
97 Only load the official signatures published by the ClamAV
98 project.
99 Default: no
100 LocalSocket STRING
102 Path to a local (Unix) socket the daemon will listen on.
103 Default: disabled
104 LocalSocketGroup STRING
106 Sets the group ownership on the unix socket.
107 Default: the primary group of the user running clamd
108 LocalSocketMode STRING
110 Sets the permissions on the unix socket to the specified mode.
111 Default: socket is world readable and writable
112 FixStaleSocket BOOL
114 Remove stale socket after unclean shutdown.
115 Default: yes
116 TCPSocket NUMBER
118 TCP port number the daemon will listen on.
119 Default: disabled
120 TCPAddr STRING
122 By default clamd binds to INADDR_ANY.
123 This option allows you to restrict the TCP address and provide
124 some degree of protection from the outside world. This option
125 can be specified multiple times in order to listen on multiple
126 IPs. IPv6 is now supported.
127 Default: disabled
128 MaxConnectionQueueLength NUMBER
130 Maximum length the queue of pending connections may grow to.
131 Default: 200
132 StreamMaxLength SIZE
134 Close the STREAM session when the data size limit is exceeded.
135 The value should match your MTA's limit for the maximum attach‐
136 ment size.
137 Default: 25M
138 StreamMinPort NUMBER
140 The STREAM command uses an FTP-like protocol.
141 This option sets the lower boundary for the port range.
142 Default: 1024
143 StreamMaxPort NUMBER
145 This option sets the upper boundary for the port range.
146 Default: 2048
147 MaxThreads NUMBER
149 Maximum number of threads running at the same time.
150 Default: 10
151 ReadTimeout NUMBER
153 This option specifies the time (in seconds) after which clamd
154 should timeout if a client doesn't provide any data.
155 Default: 120
156 CommandReadTimeout NUMBER
158 This option specifies the time (in seconds) after which clamd
159 should timeout if a client doesn't provide any initial command
160 after connecting. The default is set to 30 to avoid timeouts
161 with TCP sockets when processing large messages. If using a
162 Unix socket, the value can be changed to 5. Note: the timeout
163 for subsequents commands, and/or data chunks is specified by
164 ReadTimeout.
165 Default: 30
166 SendBufTimeout NUMBER
168 This option specifies how long to wait (in milliseconds) if the
169 send buffer is full. Keep this value low to prevent clamd hang‐
170 ing.
171 Default: 500
172 MaxQueue NUMBER
174 Maximum number of queued items (including those being processed
175 by MaxThreads threads). It is recommended to have this value at
176 least twice MaxThreads if possible.
177 WARNING: you shouldn't increase this too much to avoid running
178 out of file descriptors, the following condition should hold:
179 MaxThreads*MaxRecursion + MaxQueue - MaxThreads + 6 <
180 RLIMIT_NOFILE. RLIMIT_NOFILE is the maximum number of open file
181 descriptors (usually 1024), set by ulimit -n.
182 Default: 100
183 IdleTimeout NUMBER
185 This option specifies how long (in seconds) the process should
186 wait for a new job.
187 Default: 30
188 ExcludePath REGEX
190 Don't scan files and directories matching REGEX. This directive
191 can be used multiple times.
192 Default: disabled
193 MaxDirectoryRecursion NUMBER
195 Maximum depth directories are scanned at.
196 Default: 15
197 FollowDirectorySymlinks BOOL
199 Follow directory symlinks.
200 Default: no
201 CrossFilesystems BOOL
203 Scan files and directories on other filesystems.
204 Default: yes
205 FollowFileSymlinks BOOL
207 Follow regular file symlinks.
208 Default: no
209 SelfCheck NUMBER
211 This option specifies the time intervals (in seconds) in which
212 clamd should perform a database check.
213 Default: 600
214 ConcurrentDatabaseReload BOOL
216 Enable non-blocking (multi-threaded/concurrent) database
217 reloads. This feature will temporarily load a second scanning
218 engine while scanning continues using the first engine. Once
219 loaded, the new engine takes over. The old engine is removed as
220 soon as all scans using the old engine have completed. This fea‐
221 ture requires more RAM, so this option is provided in case users
222 are willing to block scans during reload in exchange for lower
223 RAM requirements.
224 Default: yes
225 VirusEvent COMMAND
227 Execute a command when a virus is found. In the command string
228 %v will be replaced with the virus name. Additionally, two envi‐
229 ronment variables will be defined: $CLAM_VIRUSEVENT_FILENAME and
230 $CLAM_VIRUSEVENT_VIRUSNAME.
231 Default: disabled
232 ExitOnOOM BOOL
234 Stop daemon when libclamav reports out of memory condition.
235 Default: no
236 AllowAllMatchScan BOOL
238 Permit use of the ALLMATCHSCAN command.
239 Default: yes
240 Foreground BOOL
242 Don't fork into background.
243 Default: no
244 Debug BOOL
246 Enable debug messages from libclamav.
247 Default: no
248 LeaveTemporaryFiles BOOL
250 Do not remove temporary files (for debugging purpose).
251 Default: no
252 User STRING
254 Run the daemon as a specified user (the process must be started
255 by root).
256 Default: disabled
257 Bytecode BOOL
259 With this option enabled ClamAV will load bytecode from the
260 database. It is highly recommended you keep this option turned
261 on, otherwise you may miss detections for many new viruses.
262 Default: yes
263 BytecodeSecurity STRING
265 Set bytecode security level.
266 Possible values:
267 TrustSigned - trust bytecode loaded from signed .c[lv]d
268 files and insert runtime safety checks for bytecode loaded
269 from other sources,
270 Paranoid - don't trust any bytecode, insert runtime checks
271 for all.
272 Recommended: TrustSigned, because bytecode in .cvd files already
273 has these checks.
274 Default: TrustSigned
275 BytecodeTimeout NUMBER
277 Set bytecode timeout in milliseconds.
278 Default: 5000
279 BytecodeUnsigned BOOL
281 Allow loading bytecode from outside digitally signed .c[lv]d
282 files. **Caution**: You should NEVER run bytecode signatures
283 from untrusted sources. Doing so may result in arbitrary code
284 execution.
285 Default: no
286 BytecodeMode STRING
288 Set bytecode execution mode.
289 Possible values:
290 Auto - automatically choose JIT if possible, fallback to
291 interpreter
292 ForceJIT - always choose JIT, fail if not possible
293 ForceInterpreter - always choose interpreter
294 Test - run with both JIT and interpreter and compare
295 results. Make all failures fatal.
296 Default: Auto
297 DetectPUA BOOL
299 Detect Possibly Unwanted Applications.
300 Default: No
301 ExcludePUA CATEGORY
303 Exclude a specific PUA category. This directive can be used mul‐
304 tiple times. See https://www.clamav.net/documents/potentially-
305 unwanted-applications-pua for the complete list of PUA cate‐
306 gories.
307 Default: disabled
308 IncludePUA CATEGORY
310 Only include a specific PUA category. This directive can be used
311 multiple times. See https://www.clamav.net/documents/poten‐
312 tially-unwanted-applications-pua for the complete list of PUA
313 categories.
314 Default: disabled
315 HeuristicAlerts BOOL
317 In some cases (eg. complex malware, exploits in graphic files,
318 and others), ClamAV uses special algorithms to provide accurate
319 detection. This option controls the algorithmic detection.
320 Default: yes
321 HeuristicScanPrecedence BOOL
323 Allow heuristic match to take precedence. When enabled, if a
324 heuristic scan (such as phishingScan) detects a possible
325 virus/phishing it will stop scanning immediately. Recommended,
326 saves CPU scan-time. When disabled, virus/phishing detected by
327 heuristic scans will be reported only at the end of a scan. If
328 an archive contains both a heuristically detected virus/phish‐
329 ing, and a real malware, the real malware will be reported. Keep
330 this disabled if you intend to handle "*.Heuristics.*" viruses
331 differently from "real" malware. If a non-heuristically-detected
332 virus (signature-based) is found first, the scan is interrupted
333 immediately, regardless of this config option.
334 Default: no
335 ScanPE BOOL
337 PE stands for Portable Executable - it's an executable file for‐
338 mat used in all 32 and 64-bit versions of Windows operating sys‐
339 tems. This option allows ClamAV to perform a deeper analysis of
340 executable files and it's also required for decompression of
341 popular executable packers such as UPX.
342 If you turn off this option, the original files will still be
343 scanned, but without additional processing.
344 Default: yes
345 ScanELF BOOL
347 Executable and Linking Format is a standard format for UN*X exe‐
348 cutables. This option allows you to control the scanning of ELF
349 files.
350 If you turn off this option, the original files will still be
351 scanned, but without additional processing.
352 Default: yes
353 ScanMail BOOL
355 Enable scanning of mail files.
356 If you turn off this option, the original files will still be
357 scanned, but without parsing individual messages/attachments.
358 Default: yes
359 ScanPartialMessages BOOL
361 Scan RFC1341 messages split over many emails. You will need to
362 periodically clean up $TemporaryDirectory/clamav-partial direc‐
363 tory. WARNING: This option may open your system to a DoS attack.
364 Never use it on loaded servers.
365 Default: no
366 PhishingSignatures BOOL
368 Enable email signature-based phishing detection.
369 Default: yes
370 PhishingScanURLs BOOL
372 Enable URL signature-based phishing detection (Phishing.Heuris‐
373 tics.Email.*)
374 Default: yes
375 StructuredDataDetection BOOL
377 Enable the DLP module.
378 Default: no
379 StructuredMinCreditCardCount NUMBER
381 This option sets the lowest number of Credit Card numbers found
382 in a file to generate a detect.
383 Default: 3
384 StructuredCCOnly BOOL
386 With this option enabled the DLP module will search for valid
387 Credit Card0umbers only. Debit and Private Label cards will not
388 be searched.
389 Default: No
390 StructuredMinSSNCount NUMBER
392 This option sets the lowest number of Social Security Numbers
393 found in a file to generate a detect.
394 Default: 3
395 StructuredSSNFormatNormal BOOL
397 With this option enabled the DLP module will search for valid
398 SSNs formatted as xxx-yy-zzzz.
399 Default: Yes
400 StructuredSSNFormatStripped BOOL
402 With this option enabled the DLP module will search for valid
403 SSNs formatted as xxxyyzzzz.
404 Default: No
405 ScanHTML BOOL
407 Perform HTML/JavaScript/ScriptEncoder normalisation and decryp‐
408 tion.
409 If you turn off this option, the original files will still be
410 scanned, but without additional processing.
411 Default: yes
412 ScanOLE2 BOOL
414 This option enables scanning of OLE2 files, such as Microsoft
415 Office documents and .msi files.
416 If you turn off this option, the original files will still be
417 scanned, but without additional processing.
418 Default: yes
419 ScanPDF BOOL
421 This option enables scanning within PDF files.
422 If you turn off this option, the original files will still be
423 scanned, but without additional processing.
424 Default: yes
425 ScanSWF BOOL
427 This option enables scanning within SWF files.
428 If you turn off this option, the original files will still be
429 scanned, but without decoding and additional processing.
430 Default: yes
431 ScanXMLDOCS BOOL
433 This option enables scanning xml-based document files supported
434 by libclamav.
435 If you turn off this option, the original files will still be
436 scanned, but without additional processing.
437 Default: yes
438 ScanHWP3 BOOL
440 This option enables scanning HWP3 files.
441 If you turn off this option, the original files will still be
442 scanned, but without additional processing.
443 Default: yes
444 ScanArchive BOOL
446 Scan within archives and compressed files.
447 If you turn off this option, the original files will still be
448 scanned, but without unpacking and additional processing.
449 Default: yes
450 AlertBrokenExecutables BOOL
452 Alert on broken executable files (PE & ELF).
453 Default: no
454 AlertBrokenMedia BOOL
456 Alert on broken graphics files (JPEG, TIFF, PNG, GIF).
457 Default: no
458 AlertEncrypted BOOL
460 Alert on encrypted archives and documents (encrypted .zip,
461 .7zip, .rar, .pdf).
462 Default: no
463 AlertEncryptedArchive BOOL
465 Alert on encrypted archives (encrypted .zip, .7zip, .rar).
466 Default: no
467 AlertEncryptedDoc BOOL
469 Alert on encrypted documents (encrypted .pdf).
470 Default: no
471 AlertOLE2Macros BOOL
473 Alert on OLE2 files containing VBA macros (Heuristics.OLE2.Con‐
474 tainsMacros).
475 Default: no
476 AlertExceedsMax BOOL
478 Alert on files that exceed max file size, max scan size, or max
479 recursion limit (Heuristics.Limits.Exceeded).
480 Default: no
481 AlertPhishingSSLMismatch BOOL
483 Alert on emails containing SSL mismatches in URLs (might lead to
484 false positives!).
485 Default: no
486 AlertPhishingCloak BOOL
488 Alert on emails containing cloaked URLs (might lead to some
489 false positives).
490 Default: no
491 AlertPartitionIntersection BOOL
493 Alert on raw DMG image files containing partition intersections.
494 Default: no
495 ForceToDisk
497 This option causes memory or nested map scans to dump the con‐
498 tent to disk.
499 If you turn on this option, more data is written to disk and is
500 available when the leave-temps option is enabled at the cost of
501 more disk writes.
502 Default: no
503 MaxScanTime SIZE
505 This option sets the maximum amount of time a scan may take to
506 complete. The value is in milliseconds. The value of 0 disables
507 the limit. WARNING: disabling this limit or setting it too high
508 may result allow scanning of certain files to lock up the scan‐
509 ning process/threads resulting in a Denial of Service.
510 Default: 12000
511 MaxScanSize SIZE
513 Sets the maximum amount of data to be scanned for each input
514 file. Archives and other containers are recursively extracted
515 and scanned up to this value. The size of an archive plus the
516 sum of the sizes of all files within archive count toward the
517 scan size. For example, a 1M uncompressed archive containing a
518 single 1M inner file counts as 2M toward the max scan size.
519 Warning: disabling this limit or setting it too high may result
520 in severe damage to the system.
521 Default: 100M
522 MaxFileSize SIZE
524 Files larger than this limit won't be scanned. Affects the input
525 file itself as well as files contained inside it (when the input
526 file is an archive, a document or some other kind of container).
527 Warning: disabling this limit or setting it too high may result
528 in severe damage to the system. Technical design limitations
529 prevent ClamAV from scanning files greater than 2 GB at this
530 time.
531 Default: 25M
532 MaxRecursion NUMBER
534 Nested archives are scanned recursively, e.g. if a Zip archive
535 contains a RAR file, all files within it will also be scanned.
536 This options specifies how deeply the process should be contin‐
537 ued. Warning: setting this limit too high may result in severe
538 damage to the system.
539 Default: 16
540 MaxFiles NUMBER
542 Number of files to be scanned within an archive, a document, or
543 any other kind of container. Warning: disabling this limit or
544 setting it too high may result in severe damage to the system.
545 Default: 10000
546 MaxEmbeddedPE SIZE
548 This option sets the maximum size of a file to check for embed‐
549 ded PE.
550 Files larger than this value will skip the additional analysis
551 step.
552 Negative values are not allowed.
553 Default: 10M
554 MaxHTMLNormalize SIZE
556 This option sets the maximum size of a HTML file to normalize.
557 HTML files larger than this value will not be normalized or
558 scanned.
559 Negative values are not allowed.
560 Default: 10M
561 MaxHTMLNoTags SIZE
563 This option sets the maximum size of a normalized HTML file to
564 scan.
565 HTML files larger than this value after normalization will not
566 be scanned.
567 Negative values are not allowed.
568 Default: 2M
569 MaxScriptNormalize SIZE
571 This option sets the maximum size of a script file to normalize.
572 Script content larger than this value will not be normalized or
573 scanned.
574 Negative values are not allowed.
575 Default: 5M
576 MaxZipTypeRcg SIZE
578 This option sets the maximum size of a ZIP file to reanalyze
579 type recognition.
580 ZIP files larger than this value will skip the step to poten‐
581 tially reanalyze as PE.
582 Negative values are not allowed.
583 WARNING: setting this limit too high may result in severe damage
584 or impact performance.
585 Default: 1M
586 MaxPartitions SIZE
588 This option sets the maximum number of partitions of a raw disk
589 image to be scanned.
590 Raw disk images with more partitions than this value will have
591 up to the value partitions scanned.
592 Negative values are not allowed.
593 WARNING: setting this limit too high may result in severe damage
594 or impact performance.
595 Default: 50
596 MaxIconsPE SIZE
598 This option sets the maximum number of icons within a PE to be
599 scanned.
600 PE files with more icons than this value will have up to the
601 value number icons scanned.
602 Negative values are not allowed.
603 WARNING: setting this limit too high may result in severe damage
604 or impact performance.
605 Default: 100
606 MaxRecHWP3 NUMBER
608 This option sets the maximum recursive calls to HWP3 parsing
609 function.
610 HWP3 files using more than this limit will be terminated and
611 alert the user.
612 Scans will be unable to scan any HWP3 attachments if the recur‐
613 sive limit is reached.
614 Negative values are not allowed.
615 WARNING: setting this limit too high may result in severe damage
616 or impact performance.
617 Default: 16
618 PCREMatchLimit NUMBER
620 This option sets the maximum calls to the PCRE match function
621 during an instance of regex matching.
622 Instances using more than this limit will be terminated and
623 alert the user but the scan will continue.
624 For more information on match_limit, see the PCRE documentation.
625 Negative values are not allowed.
626 WARNING: setting this limit too high may severely impact perfor‐
627 mance.
628 Default: 10000
629 PCRERecMatchLimit NUMBER
631 This option sets the maximum recursive calls to the PCRE match
632 function during an instance of regex matching.
633 Instances using more than this limit will be terminated and
634 alert the user but the scan will continue.
635 For more information on match_limit_recursion, see the PCRE doc‐
636 umentation.
637 Negative values are not allowed and values > PCREMatchLimit are
638 superfluous.
639 WARNING: setting this limit too high may severely impact perfor‐
640 mance.
641 Default: 2000
642 PCREMaxFileSize SIZE
644 This option sets the maximum filesize for which PCRE subsigs
645 will be executed.
646 Files exceeding this limit will not have PCRE subsigs executed
647 unless a subsig is encompassed to a smaller buffer.
648 Negative values are not allowed.
649 Setting this value to zero disables the limit.
650 WARNING: setting this limit too high or disabling it may severe‐
651 ly impact performance.
652 Default: 25M
653 OnAccessIncludePath STRING
655 This option specifies a directory (including all files and
656 directories inside it), which should be scanned on access. This
657 option can be used multiple times.
658 Default: disabled
659 OnAccessExcludePath STRING
661 This option allows excluding directories from on-access scan‐
662 ning. It can be used multiple times.
663 Default: disabled
664 OnAccessExcludeRootUID BOOL
666 With this option you can whitelist the root UID (0). Processes
667 run under root will be able to access all files without trigger‐
668 ing scans or permission denied events.
669 Note that if clamd cannot check the uid of the process that gen‐
670 erated an on-access scan event (e.g., because OnAccessPrevention
671 was not enabled, and the process already exited), clamd will
672 perform a scan. Thus, setting OnAccessExcludeRootUID is not
673 guaranteed to prevent every access by the root user from trig‐
674 gering a scan (unless OnAccessPrevention is enabled).
675 Default: no
676 OnAccessExcludeUID NUMBER
678 With this option you can whitelist specific UIDs. Processes with
679 these UIDs will be able to access all files without triggering
680 scans or permission denied events.
681 This option can be used multiple times (one per line).
682 Note: using a value of 0 on any line will disable this option
683 entirely. To whitelist the root UID (0) please enable the OnAc‐
684 cessExcludeRootUID option.
685 Also note that if clamd cannot check the uid of the process that
686 generated an on-access scan event (e.g., because OnAccessPreven‐
687 tion was not enabled, and the process already exited), clamd
688 will perform a scan. Thus, setting OnAccessExcludeUID is not
689 guaranteed to prevent every access by the specified uid from
690 triggering a scan (unless OnAccessPrevention is enabled).
691 Default: disabled
692 OnAccessExcludeUname STRING
694 This option allows exclusions via user names when using the on-
695 access scanning client. It can be used multiple times, and has
696 the same potential race condition limitations of the OnAccessEx‐
697 cludeUID option.
698 Default: disabled
699 OnAccessMaxFileSize SIZE
701 Files larger than this value will not be scanned in on access.
702 Default: 5M
703 OnAccessMaxThreads NUMBER
705 Max number of scanning threads to allocate to the OnAccess
706 thread pool at startup. These threads are the ones responsible
707 for creating a connection with the daemon and kicking off scan‐
708 ning after an event has been processed. To prevent clamonacc
709 from consuming all clamd's resources keep this lower than
710 clamd's max threads.
711 Default: 5
712 OnAccessCurlTimeout NUMBER
714 Max amount of time (in milliseconds) that the OnAccess client
715 should spend for every connect, send, and recieve attempt when
716 communicating with clamd via curl.
717 Default: 5000 (5 seconds)
718 OnAccessMountPath STRING
720 Specifies a mount point (including all files and directories
721 under it), which should be scanned on access. This option can be
722 used multiple times.
723 Default: disabled
724 OnAccessDisableDDD BOOL
726 Disables the dynamic directory determination system which allows
727 for recursively watching include paths.
728 Default: no
729 OnAccessPrevention BOOL
731 Enables fanotify blocking when malicious files are found.
732 Default: disabled
733 OnAccessRetryAttempts NUMBER
735 Number of times the OnAccess client will retry a failed scan due
736 to connection problems (or other issues).
737 Default: 0
738 OnAccessDenyOnError BOOL
740 When using prevention, if this option is turned on, any errors
741 that occur during scanning will result in the event attempt
742 being denied. This could potentially lead to unwanted system be‐
743 haviour with certain configurations, so the client defaults this
744 to off and prefers allowing access events in case of scan or
745 connection error.
746 Default: no
747 OnAccessExtraScanning BOOL
749 Toggles extra scanning and notifications when a file or direc‐
750 tory is created or moved.
751 Requires the DDD system to kick-off extra scans.
752 Default: no
753 DisableCertCheck BOOL
755 Disable authenticode certificate chain verification in PE files.
756 Default: no
757
759 All options expressing a size are limited to max 4GB. Values in excess
760 will be reset to the maximum.
761
763 /etc/clamd.d/scan.conf
764
766 Tomasz Kojm <tkojm@clamav.net>, Kevin Lin <klin@sourcefire.com>
767
769 clamd(8), clamdscan(1), clamav-milter(8), freshclam(1), fresh‐
770 clam.conf(5)
771ClamAV 0.103.2 December 4, 2013 clamd.conf(5)