ClamAV Plugin for Kerio Connect 8+
Unfortunately, starting with version 8 of Kerio Connect built-in support for ClamAV has been dropped. Up until this version it was possible to easily setup ClamAV in conjunction with Kerio Connect, as described in Setting up ClamAV for Kerio Connect. Fortunately, Kerio provides a SDK for developing AV plugins, including code for ClamAV. This post describes the steps required to compile and setup the ClamAV plugin using Windows and Cygwin for Kerio Connect 8.
In case you just want to download the compiled version scroll down to the Download section. 32bit and 64bit versions are available.
First of all download the SDK from GitHub and extract it to your Cygwin /home/user directory, e.g. /home/mkerstner/antivirus-sdk-master.
Next we need to compile the ClamAV plugin. Open a Cygwin terminal and open the folder where you’ve just extracted the SDK, e.g. /home/mkerstner/antivirus-sdk-master. For the compilation process to work you need to following tools:
- gcc (gcc-core and gcc-g++)
- boost (libboost-devel and runtime)
Please refer to the README included in the SDK for further information regarding the setup process of these tools. Once you’ve installed these tools (via your Cygwin setup.exe) you are ready to compile the plugin. Note this guide has been tested to work with gcc 3.4.4, cmake 2.8.9-2, make 3.82.90-1 and libboost 1.48.0-1 on Cygwin setup.exe version 2.774 on a Windows 7 64bit machine.
1. run CMake
From withing the clam folder of your SDK directory run cmake as follows:
mkerstner@Homer ~/antivirus-sdk-master/clam $ cmake . -- The C compiler identification is GNU 4.5.3 -- The CXX compiler identification is GNU 4.5.3 CMake Warning at /usr/share/cmake-2.8.9/Modules/Platform/CYGWIN.cmake:15 (message): CMake no longer defines WIN32 on Cygwin! (1) If you are just trying to build this project, ignore this warning or quiet it by setting CMAKE_LEGACY_CYGWIN_WIN32=0 in your environment or in the CMake cache. If later configuration or build errors occur then this project may have been written under the assumption that Cygwin is WIN32. In that case, set CMAKE_LEGACY_CYGWIN_WIN32=1 instead. (2) If you are developing this project, add the line set(CMAKE_LEGACY_CYGWIN_WIN32 0) # Remove when CMake >= 2.8.4 is required at the top of your top-level CMakeLists.txt file or set the minimum required version of CMake to 2.8.4 or higher. Then teach your project to build on Cygwin without WIN32. Call Stack (most recent call first): /usr/share/cmake-2.8.9/Modules/CMakeSystemSpecificInformation.cmake:36 (INCLUD E) CMakeLists.txt:1 (PROJECT) -- Check for working C compiler: /usr/bin/gcc.exe -- Check for working C compiler: /usr/bin/gcc.exe -- works -- Detecting C compiler ABI info -- Detecting C compiler ABI info - done -- Check for working CXX compiler: /usr/bin/c++.exe -- Check for working CXX compiler: /usr/bin/c++.exe -- works -- Detecting CXX compiler ABI info -- Detecting CXX compiler ABI info - done cygwin warning: MS-DOS style path detected: C:/boost/lib Preferred POSIX equivalent is: /cygdrive/c/boost/lib CYGWIN environment variable option "nodosfilewarning" turns off this warning. Consult the user's guide for more details about POSIX paths: http://cygwin.com/cygwin-ug-net/using.html#using-pathnames -- Boost version: 1.48.0 -- Found the following Boost libraries: -- thread -- filesystem -- system -- date_time -- regex -- chrono -- Configuring done -- Generating done -- Build files have been written to: /home/Anmat/antivirus-sdk-master/clam
2. Run make
Once all dependencies have been satisfied it’s time to run make to start the compilation process:
mkerstner@Homer ~/antivirus-sdk-master/clam $ make all Scanning dependencies of target avir_clam [ 33%] Building CXX object CMakeFiles/avir_clam.dir/avPlugin.cpp.o [ 66%] Building CXX object CMakeFiles/avir_clam.dir/ClamPlugin.cpp.o [100%] Building C object CMakeFiles/avir_clam.dir/home/Anmat/antivirus-sdk-master/api/avCommon.c.o Linking CXX shared library avir_clam.dll Creating library file: libavir_clam.dll.a [100%] Built target avir_clam
Done! The plugin was successfully compiled.
Copy Plugin to Plugin Container
In order for Kerio Connect to recognize the plugin we need to copy the the compiled plugin to Kerio’s AV connect plugin dir. Thus, copy avir_clam.dll and libavir_clam.dll.a to your Kerio installation folder, e.g. C:Program Files (x86)KerioMailServerpluginsAvirs Be sure to restart Kerio Connect server afterwards.
Setting up the Plugin
In versions prior to 8 external antivirus plugins could be easily selected via the “Use external antivirus” option in the administration web console. It seems like this option has been made invisible by default. Luckily, you can still edit this option in mailserver.cfg directly:
<table name="Antivir"> <variable name="AvirEnabled">0</variable> <variable name="UsedInternal">0</variable> <variable name="UseMcAfee">0</variable> <variable name="UsedPlugin">avir_clam</variable> <variable name="EnabledExtAV">avir_clam</variable> <variable name="JpegEnabled">1</variable> <variable name="AdminNotify"></variable> <variable name="AdminNotifyFiltered"></variable> <variable name="Bounce">1</variable> <variable name="RemoveAttachments">1</variable> <variable name="InsertSubjectPrefix">0</variable> <variable name="SubjectPrefix">**VIRUS**</variable> <variable name="CheckImpossibleMode">1</variable> <variable name="DelayIfFailed">1</variable> <variable name="UpdateInterval">6</variable> <variable name="UpdateDatabaseTime">0</variable> <variable name="UpdateLastCheck">0</variable> <variable name="ShortTimeout">60</variable> <variable name="LongTimeout">120</variable> <variable name="UpdateTimeout">3600</variable> <variable name="RestartWait">300</variable> <variable name="MaxScanningThreads">8</variable> </table>
The options you need to edit are:
<variable name="UsedPlugin">avir_clam</variable> <variable name="EnabledExtAV">avir_clam</variable>
Be sure to restart the server again. Finally, open the administration web interface and select your shiny new ClamAV plugin from the external antivirus plugins selection box: You will get a warning message upon startup saying that support for external plugins will be discountinued: You can ignore this warning. The plugin should work as expected. That’s it! Enjoy 🙂