1clamd.conf(5) Clam AntiVirus clamd.conf(5)
2
6 clamd.conf - Configuration file for Clam AntiVirus Daemon
7
9 clamd.conf configures the Clam AntiVirus daemon, clamd(8).
10
12 The file consists of comments and options with arguments. Each line
13 which starts with a hash (#) symbol is ignored by the parser. Options
14 and arguments are case sensitive and of the form Option Argument. The
15 arguments are of the following types:
16 BOOL Boolean value (yes/no or true/false or 1/0).
18 STRING String without blank characters.
20 SIZE Size in bytes. You can use 'M' or 'm' modifiers for megabytes
22 and 'K' or 'k' for kilobytes. To specify the size in bytes just
23 don't use modifiers.
24 NUMBER Unsigned integer.
26
28 When some option is not used (commented out or not included in the con‐
29 figuration file at all) clamd takes a default action.
30 Example
32 If this option is set clamd will not run.
33 LogFile STRING
35 Save all reports to a log file.
36 Default: disabled
37 LogFileUnlock BOOL
39 By default the log file is locked for writing and only a single
40 daemon process can write to it. This option disables the lock.
41 Default: no
42 LogFileMaxSize SIZE
44 Maximum size of the log file.
45 Value of 0 disables the limit.
46 Default: 1048576
47 LogTime BOOL
49 Log time for each message.
50 Default: no
51 LogClean BOOL
53 Log all clean files.
54 Useful in debugging but drastically increases the log size.
55 Default: no
56 LogSyslog BOOL
58 Use the system logger (can work together with LogFile).
59 Default: no
60 LogFacility STRING
62 Type of syslog messages
63 Please refer to 'man syslog' for facility names.
64 Default: LOG_LOCAL6
65 LogVerbose BOOL
67 Enable verbose logging.
68 Default: no
69 LogRotate BOOL
71 Rotate log file. Requires LogFileMaxSize option set prior to
72 this option.
73 Default: no
74 ExtendedDetectionInfo BOOL
76 Log additional information about the infected file, such as its
77 size and hash, together with the virus name.
78 Default: no
79 PidFile STRING
81 Save the process identifier of a listening daemon (main thread)
82 to a specified file.
83 Default: disabled
84 TemporaryDirectory STRING
86 This option allows you to change the default temporary direc‐
87 tory.
88 Default: system specific (usually /tmp or /var/tmp).
89 DatabaseDirectory STRING
91 This option allows you to change the default database directory.
92 If you enable it, please make sure it points to the same direc‐
93 tory in both clamd and freshclam.
94 Default: defined at configuration (/usr/local/share/clamav)
95 OfficialDatabaseOnly BOOL
97 Only load the official signatures published by the ClamAV
98 project.
99 Default: no
100 LocalSocket STRING
102 Path to a local (Unix) socket the daemon will listen on.
103 Default: disabled
104 LocalSocketGroup STRING
106 Sets the group ownership on the unix socket.
107 Default: the primary group of the user running clamd
108 LocalSocketMode STRING
110 Sets the permissions on the unix socket to the specified mode.
111 Default: socket is world readable and writable
112 FixStaleSocket BOOL
114 Remove stale socket after unclean shutdown.
115 Default: yes
116 TCPSocket NUMBER
118 TCP port number the daemon will listen on.
119 Default: disabled
120 TCPAddr STRING
122 By default clamd binds to INADDR_ANY.
123 This option allows you to restrict the TCP address and provide
124 some degree of protection from the outside world. This option
125 can be specified multiple times in order to listen on multiple
126 IPs. IPv6 is now supported.
127 Default: disabled
128 MaxConnectionQueueLength NUMBER
130 Maximum length the queue of pending connections may grow to.
131 Default: 200
132 StreamMaxLength SIZE
134 Close the STREAM session when the data size limit is exceeded.
135 The value should match your MTA's limit for the maximum attach‐
136 ment size.
137 Default: 25M
138 StreamMinPort NUMBER
140 The STREAM command uses an FTP-like protocol.
141 This option sets the lower boundary for the port range.
142 Default: 1024
143 StreamMaxPort NUMBER
145 This option sets the upper boundary for the port range.
146 Default: 2048
147 MaxThreads NUMBER
149 Maximum number of threads running at the same time.
150 Default: 10
151 ReadTimeout NUMBER
153 This option specifies the time (in seconds) after which clamd
154 should timeout if a client doesn't provide any data.
155 Default: 120
156 CommandReadTimeout NUMBER
158 This option specifies the time (in seconds) after which clamd
159 should timeout if a client doesn't provide any initial command
160 after connecting. The default is set to 30 to avoid timeouts
161 with TCP sockets when processing large messages. If using a
162 Unix socket, the value can be changed to 5. Note: the timeout
163 for subsequents commands, and/or data chunks is specified by
164 ReadTimeout.
165 Default: 30
166 SendBufTimeout NUMBER
168 This option specifies how long to wait (in milliseconds) if the
169 send buffer is full. Keep this value low to prevent clamd hang‐
170 ing.
171 Default: 500
172 MaxQueue NUMBER
174 Maximum number of queued items (including those being processed
175 by MaxThreads threads). It is recommended to have this value at
176 least twice MaxThreads if possible.
177 WARNING: you shouldn't increase this too much to avoid running
178 out of file descriptors, the following condition should hold:
179 MaxThreads*MaxRecursion + MaxQueue - MaxThreads + 6 <
180 RLIMIT_NOFILE. RLIMIT_NOFILE is the maximum number of open file
181 descriptors (usually 1024), set by ulimit -n.
182 Default: 100
183 IdleTimeout NUMBER
185 This option specifies how long (in seconds) the process should
186 wait for a new job.
187 Default: 30
188 ExcludePath REGEX
190 Don't scan files and directories matching REGEX. This directive
191 can be used multiple times.
192 Default: disabled
193 MaxDirectoryRecursion NUMBER
195 Maximum depth directories are scanned at.
196 Default: 15
197 FollowDirectorySymlinks BOOL
199 Follow directory symlinks.
200 Default: no
201 CrossFilesystems BOOL
203 Scan files and directories on other filesystems.
204 Default: yes
205 FollowFileSymlinks BOOL
207 Follow regular file symlinks.
208 Default: no
209 SelfCheck NUMBER
211 This option specifies the time intervals (in seconds) in which
212 clamd should perform a database check.
213 Default: 600
214 ConcurrentDatabaseReload BOOL
216 Enable non-blocking (multi-threaded/concurrent) database
217 reloads. This feature will temporarily load a second scanning
218 engine while scanning continues using the first engine. Once
219 loaded, the new engine takes over. The old engine is removed as
220 soon as all scans using the old engine have completed. This fea‐
221 ture requires more RAM, so this option is provided in case users
222 are willing to block scans during reload in exchange for lower
223 RAM requirements.
224 Default: yes
225 VirusEvent COMMAND
227 Execute a command when a virus is found. In the command string
228 %v will be replaced with the virus name. Additionally, two envi‐
229 ronment variables will be defined: $CLAM_VIRUSEVENT_FILENAME and
230 $CLAM_VIRUSEVENT_VIRUSNAME.
231 Default: disabled
232 ExitOnOOM BOOL
234 Stop daemon when libclamav reports out of memory condition.
235 Default: no
236 AllowAllMatchScan BOOL
238 Permit use of the ALLMATCHSCAN command.
239 Default: yes
240 Foreground BOOL
242 Don't fork into background.
243 Default: no
244 Debug BOOL
246 Enable debug messages from libclamav.
247 Default: no
248 LeaveTemporaryFiles BOOL
250 Do not remove temporary files (for debugging purpose).
251 Default: no
252 User STRING
254 Run the daemon as a specified user (the process must be started
255 by root).
256 Default: disabled
257 Bytecode BOOL
259 With this option enabled ClamAV will load bytecode from the
260 database. It is highly recommended you keep this option turned
261 on, otherwise you may miss detections for many new viruses.
262 Default: yes
263 BytecodeSecurity STRING
265 Set bytecode security level.
266 Possible values:
267 TrustSigned - trust bytecode loaded from signed .c[lv]d
268 files and insert runtime safety checks for bytecode loaded
269 from other sources,
270 Paranoid - don't trust any bytecode, insert runtime checks
271 for all.
272 Recommended: TrustSigned, because bytecode in .cvd files already
273 has these checks.
274 Default: TrustSigned
275 BytecodeTimeout NUMBER
277 Set bytecode timeout in milliseconds.
278 Default: 5000
279 BytecodeUnsigned BOOL
281 Allow loading bytecode from outside digitally signed .c[lv]d
282 files. **Caution**: You should NEVER run bytecode signatures
283 from untrusted sources. Doing so may result in arbitrary code
284 execution.
285 Default: no
286 BytecodeMode STRING
288 Set bytecode execution mode.
289 Possible values:
290 Auto - automatically choose JIT if possible, fallback to in‐
291 terpreter
292 ForceJIT - always choose JIT, fail if not possible
293 ForceInterpreter - always choose interpreter
294 Test - run with both JIT and interpreter and compare re‐
295 sults. Make all failures fatal.
296 Default: Auto
297 DetectPUA BOOL
299 Detect Possibly Unwanted Applications.
300 Default: No
301 ExcludePUA CATEGORY
303 Exclude a specific PUA category. This directive can be used mul‐
304 tiple times. See https://docs.clamav.net/faq/faq-pua.html for
305 the complete list of PUA categories.
306 Default: disabled
307 IncludePUA CATEGORY
309 Only include a specific PUA category. This directive can be used
310 multiple times. See https://docs.clamav.net/faq/faq-pua.html for
311 the complete list of PUA categories.
312 Default: disabled
313 HeuristicAlerts BOOL
315 In some cases (eg. complex malware, exploits in graphic files,
316 and others), ClamAV uses special algorithms to provide accurate
317 detection. This option controls the algorithmic detection.
318 Default: yes
319 HeuristicScanPrecedence BOOL
321 Allow heuristic match to take precedence. When enabled, if a
322 heuristic scan (such as phishingScan) detects a possible
323 virus/phishing it will stop scanning immediately. Recommended,
324 saves CPU scan-time. When disabled, virus/phishing detected by
325 heuristic scans will be reported only at the end of a scan. If
326 an archive contains both a heuristically detected virus/phish‐
327 ing, and a real malware, the real malware will be reported. Keep
328 this disabled if you intend to handle "*.Heuristics.*" viruses
329 differently from "real" malware. If a non-heuristically-detected
330 virus (signature-based) is found first, the scan is interrupted
331 immediately, regardless of this config option.
332 Default: no
333 ScanPE BOOL
335 PE stands for Portable Executable - it's an executable file for‐
336 mat used in all 32 and 64-bit versions of Windows operating sys‐
337 tems. This option allows ClamAV to perform a deeper analysis of
338 executable files and it's also required for decompression of
339 popular executable packers such as UPX.
340 If you turn off this option, the original files will still be
341 scanned, but without additional processing.
342 Default: yes
343 ScanELF BOOL
345 Executable and Linking Format is a standard format for UN*X exe‐
346 cutables. This option allows you to control the scanning of ELF
347 files.
348 If you turn off this option, the original files will still be
349 scanned, but without additional processing.
350 Default: yes
351 ScanMail BOOL
353 Enable scanning of mail files.
354 If you turn off this option, the original files will still be
355 scanned, but without parsing individual messages/attachments.
356 Default: yes
357 ScanPartialMessages BOOL
359 Scan RFC1341 messages split over many emails. You will need to
360 periodically clean up $TemporaryDirectory/clamav-partial direc‐
361 tory. WARNING: This option may open your system to a DoS attack.
362 Never use it on loaded servers.
363 Default: no
364 PhishingSignatures BOOL
366 Enable email signature-based phishing detection.
367 Default: yes
368 PhishingScanURLs BOOL
370 Enable URL signature-based phishing detection (Heuristics.Phish‐
371 ing.Email.*)
372 Default: yes
373 StructuredDataDetection BOOL
375 Enable the DLP module.
376 Default: no
377 StructuredMinCreditCardCount NUMBER
379 This option sets the lowest number of Credit Card numbers found
380 in a file to generate a detect.
381 Default: 3
382 StructuredCCOnly BOOL
384 With this option enabled the DLP module will search for valid
385 Credit Card0umbers only. Debit and Private Label cards will not
386 be searched.
387 Default: No
388 StructuredMinSSNCount NUMBER
390 This option sets the lowest number of Social Security Numbers
391 found in a file to generate a detect.
392 Default: 3
393 StructuredSSNFormatNormal BOOL
395 With this option enabled the DLP module will search for valid
396 SSNs formatted as xxx-yy-zzzz.
397 Default: Yes
398 StructuredSSNFormatStripped BOOL
400 With this option enabled the DLP module will search for valid
401 SSNs formatted as xxxyyzzzz.
402 Default: No
403 ScanHTML BOOL
405 Perform HTML/JavaScript/ScriptEncoder normalisation and decryp‐
406 tion.
407 If you turn off this option, the original files will still be
408 scanned, but without additional processing.
409 Default: yes
410 ScanOLE2 BOOL
412 This option enables scanning of OLE2 files, such as Microsoft
413 Office documents and .msi files.
414 If you turn off this option, the original files will still be
415 scanned, but without additional processing.
416 Default: yes
417 ScanPDF BOOL
419 This option enables scanning within PDF files.
420 If you turn off this option, the original files will still be
421 scanned, but without additional processing.
422 Default: yes
423 ScanSWF BOOL
425 This option enables scanning within SWF files.
426 If you turn off this option, the original files will still be
427 scanned, but without decoding and additional processing.
428 Default: yes
429 ScanXMLDOCS BOOL
431 This option enables scanning xml-based document files supported
432 by libclamav.
433 If you turn off this option, the original files will still be
434 scanned, but without additional processing.
435 Default: yes
436 ScanHWP3 BOOL
438 This option enables scanning HWP3 files.
439 If you turn off this option, the original files will still be
440 scanned, but without additional processing.
441 Default: yes
442 ScanArchive BOOL
444 Scan within archives and compressed files.
445 If you turn off this option, the original files will still be
446 scanned, but without unpacking and additional processing.
447 Default: yes
448 AlertBrokenExecutables BOOL
450 Alert on broken executable files (PE & ELF).
451 Default: no
452 AlertBrokenMedia BOOL
454 Alert on broken graphics files (JPEG, TIFF, PNG, GIF).
455 Default: no
456 AlertEncrypted BOOL
458 Alert on encrypted archives and documents (encrypted .zip,
459 .7zip, .rar, .pdf).
460 Default: no
461 AlertEncryptedArchive BOOL
463 Alert on encrypted archives (encrypted .zip, .7zip, .rar).
464 Default: no
465 AlertEncryptedDoc BOOL
467 Alert on encrypted documents (encrypted .pdf).
468 Default: no
469 AlertOLE2Macros BOOL
471 Alert on OLE2 files containing VBA macros (Heuristics.OLE2.Con‐
472 tainsMacros).
473 Default: no
474 AlertExceedsMax BOOL
476 When AlertExceedsMax is set, files exceeding the MaxFileSize,
477 MaxScanSize, or MaxRecursion limit will be flagged with the
478 virus name starting with "Heuristics.Limits.Exceeded".
479 Default: no
480 AlertPhishingSSLMismatch BOOL
482 Alert on emails containing SSL mismatches in URLs (might lead to
483 false positives!).
484 Default: no
485 AlertPhishingCloak BOOL
487 Alert on emails containing cloaked URLs (might lead to some
488 false positives).
489 Default: no
490 AlertPartitionIntersection BOOL
492 Alert on raw DMG image files containing partition intersections.
493 Default: no
494 ForceToDisk
496 This option causes memory or nested map scans to dump the con‐
497 tent to disk.
498 If you turn on this option, more data is written to disk and is
499 available when the leave-temps option is enabled at the cost of
500 more disk writes.
501 Default: no
502 MaxScanTime SIZE
504 This option sets the maximum amount of time a scan may take to
505 complete. The value is in milliseconds. The value of 0 disables
506 the limit. WARNING: disabling this limit or setting it too high
507 may result allow scanning of certain files to lock up the scan‐
508 ning process/threads resulting in a Denial of Service.
509 Default: 12000
510 MaxScanSize SIZE
512 Sets the maximum amount of data to be scanned for each input
513 file. Archives and other containers are recursively extracted
514 and scanned up to this value. The size of an archive plus the
515 sum of the sizes of all files within archive count toward the
516 scan size. For example, a 1M uncompressed archive containing a
517 single 1M inner file counts as 2M toward the max scan size.
518 Warning: disabling this limit or setting it too high may result
519 in severe damage to the system.
520 Default: 100M
521 MaxFileSize SIZE
523 Files larger than this limit won't be scanned. Affects the input
524 file itself as well as files contained inside it (when the input
525 file is an archive, a document or some other kind of container).
526 Warning: disabling this limit or setting it too high may result
527 in severe damage to the system. Technical design limitations
528 prevent ClamAV from scanning files greater than 2 GB at this
529 time.
530 Default: 25M
531 MaxRecursion NUMBER
533 Nested archives are scanned recursively, e.g. if a Zip archive
534 contains a RAR file, all files within it will also be scanned.
535 This options specifies how deeply the process should be contin‐
536 ued. Warning: setting this limit too high may result in severe
537 damage to the system.
538 Default: 17
539 MaxFiles NUMBER
541 Number of files to be scanned within an archive, a document, or
542 any other kind of container. Warning: disabling this limit or
543 setting it too high may result in severe damage to the system.
544 Default: 10000
545 MaxEmbeddedPE SIZE
547 This option sets the maximum size of a file to check for embed‐
548 ded PE.
549 Files larger than this value will skip the additional analysis
550 step.
551 Negative values are not allowed.
552 Default: 10M
553 MaxHTMLNormalize SIZE
555 This option sets the maximum size of a HTML file to normalize.
556 HTML files larger than this value will not be normalized or
557 scanned.
558 Negative values are not allowed.
559 Default: 10M
560 MaxHTMLNoTags SIZE
562 This option sets the maximum size of a normalized HTML file to
563 scan.
564 HTML files larger than this value after normalization will not
565 be scanned.
566 Negative values are not allowed.
567 Default: 2M
568 MaxScriptNormalize SIZE
570 This option sets the maximum size of a script file to normalize.
571 Script content larger than this value will not be normalized or
572 scanned.
573 Negative values are not allowed.
574 Default: 5M
575 MaxZipTypeRcg SIZE
577 This option sets the maximum size of a ZIP file to reanalyze
578 type recognition.
579 ZIP files larger than this value will skip the step to poten‐
580 tially reanalyze as PE.
581 Negative values are not allowed.
582 WARNING: setting this limit too high may result in severe damage
583 or impact performance.
584 Default: 1M
585 MaxPartitions SIZE
587 This option sets the maximum number of partitions of a raw disk
588 image to be scanned.
589 Raw disk images with more partitions than this value will have
590 up to the value partitions scanned.
591 Negative values are not allowed.
592 WARNING: setting this limit too high may result in severe damage
593 or impact performance.
594 Default: 50
595 MaxIconsPE SIZE
597 This option sets the maximum number of icons within a PE to be
598 scanned.
599 PE files with more icons than this value will have up to the
600 value number icons scanned.
601 Negative values are not allowed.
602 WARNING: setting this limit too high may result in severe damage
603 or impact performance.
604 Default: 100
605 MaxRecHWP3 NUMBER
607 This option sets the maximum recursive calls to HWP3 parsing
608 function.
609 HWP3 files using more than this limit will be terminated and
610 alert the user.
611 Scans will be unable to scan any HWP3 attachments if the recur‐
612 sive limit is reached.
613 Negative values are not allowed.
614 WARNING: setting this limit too high may result in severe damage
615 or impact performance.
616 Default: 16
617 PCREMatchLimit NUMBER
619 This option sets the maximum calls to the PCRE match function
620 during an instance of regex matching.
621 Instances using more than this limit will be terminated and
622 alert the user but the scan will continue.
623 For more information on match_limit, see the PCRE documentation.
624 Negative values are not allowed.
625 WARNING: setting this limit too high may severely impact perfor‐
626 mance.
627 Default: 10000
628 PCRERecMatchLimit NUMBER
630 This option sets the maximum recursive calls to the PCRE match
631 function during an instance of regex matching.
632 Instances using more than this limit will be terminated and
633 alert the user but the scan will continue.
634 For more information on match_limit_recursion, see the PCRE doc‐
635 umentation.
636 Negative values are not allowed and values > PCREMatchLimit are
637 superfluous.
638 WARNING: setting this limit too high may severely impact perfor‐
639 mance.
640 Default: 2000
641 PCREMaxFileSize SIZE
643 This option sets the maximum filesize for which PCRE subsigs
644 will be executed.
645 Files exceeding this limit will not have PCRE subsigs executed
646 unless a subsig is encompassed to a smaller buffer.
647 Negative values are not allowed.
648 Setting this value to zero disables the limit.
649 WARNING: setting this limit too high or disabling it may se‐
650 verely impact performance.
651 Default: 25M
652 OnAccessIncludePath STRING
654 This option specifies a directory (including all files and di‐
655 rectories inside it), which should be scanned on access. This
656 option can be used multiple times.
657 Default: disabled
658 OnAccessExcludePath STRING
660 This option allows excluding directories from on-access scan‐
661 ning. It can be used multiple times.
662 Default: disabled
663 OnAccessExcludeRootUID BOOL
665 With this option you can whitelist the root UID (0). Processes
666 run under root will be able to access all files without trigger‐
667 ing scans or permission denied events.
668 Note that if clamd cannot check the uid of the process that gen‐
669 erated an on-access scan event (e.g., because OnAccessPrevention
670 was not enabled, and the process already exited), clamd will
671 perform a scan. Thus, setting OnAccessExcludeRootUID is not
672 guaranteed to prevent every access by the root user from trig‐
673 gering a scan (unless OnAccessPrevention is enabled).
674 Default: no
675 OnAccessExcludeUID NUMBER
677 With this option you can whitelist specific UIDs. Processes with
678 these UIDs will be able to access all files without triggering
679 scans or permission denied events.
680 This option can be used multiple times (one per line).
681 Note: using a value of 0 on any line will disable this option
682 entirely. To whitelist the root UID (0) please enable the OnAc‐
683 cessExcludeRootUID option.
684 Also note that if clamd cannot check the uid of the process that
685 generated an on-access scan event (e.g., because OnAccessPreven‐
686 tion was not enabled, and the process already exited), clamd
687 will perform a scan. Thus, setting OnAccessExcludeUID is not
688 guaranteed to prevent every access by the specified uid from
689 triggering a scan (unless OnAccessPrevention is enabled).
690 Default: disabled
691 OnAccessExcludeUname STRING
693 This option allows exclusions via user names when using the on-
694 access scanning client. It can be used multiple times, and has
695 the same potential race condition limitations of the OnAccessEx‐
696 cludeUID option.
697 Default: disabled
698 OnAccessMaxFileSize SIZE
700 Files larger than this value will not be scanned in on access.
701 Default: 5M
702 OnAccessMaxThreads NUMBER
704 Max number of scanning threads to allocate to the OnAccess
705 thread pool at startup. These threads are the ones responsible
706 for creating a connection with the daemon and kicking off scan‐
707 ning after an event has been processed. To prevent clamonacc
708 from consuming all clamd's resources keep this lower than
709 clamd's max threads.
710 Default: 5
711 OnAccessCurlTimeout NUMBER
713 Max amount of time (in milliseconds) that the OnAccess client
714 should spend for every connect, send, and recieve attempt when
715 communicating with clamd via curl.
716 Default: 5000 (5 seconds)
717 OnAccessMountPath STRING
719 Specifies a mount point (including all files and directories un‐
720 der it), which should be scanned on access. This option can be
721 used multiple times.
722 Default: disabled
723 OnAccessDisableDDD BOOL
725 Disables the dynamic directory determination system which allows
726 for recursively watching include paths.
727 Default: no
728 OnAccessPrevention BOOL
730 Enables fanotify blocking when malicious files are found.
731 Default: disabled
732 OnAccessRetryAttempts NUMBER
734 Number of times the OnAccess client will retry a failed scan due
735 to connection problems (or other issues).
736 Default: 0
737 OnAccessDenyOnError BOOL
739 When using prevention, if this option is turned on, any errors
740 that occur during scanning will result in the event attempt be‐
741 ing denied. This could potentially lead to unwanted system be‐
742 haviour with certain configurations, so the client defaults this
743 to off and prefers allowing access events in case of scan or
744 connection error.
745 Default: no
746 OnAccessExtraScanning BOOL
748 Toggles extra scanning and notifications when a file or direc‐
749 tory is created or moved.
750 Requires the DDD system to kick-off extra scans.
751 Default: no
752 DisableCertCheck BOOL
754 Disable authenticode certificate chain verification in PE files.
755 Default: no
756
758 All options expressing a size are limited to max 4GB. Values in excess
759 will be reset to the maximum.
760
762 /etc/clamd.d/scan.conf
763
765 Tomasz Kojm <tkojm@clamav.net>, Kevin Lin <klin@sourcefire.com>
766
768 clamd(8), clamdscan(1), clamav-milter(8), freshclam(1), fresh‐
769 clam.conf(5)
770ClamAV 0.103.4 December 4, 2013 clamd.conf(5)