Clamav:ConfigurationOptions

From SME Server
Revision as of 14:44, 2 December 2020 by ReetP (talk | contribs) (A list of ClamAV options and their defaults)
Jump to navigation Jump to search

ClamAv Options

Configuration options for ClamAV 0.102.4

Note that 'Default' comes before the option

List of Options

Default: disabled

LogFile /var/log/clamd.scan

Default: no

LogFileUnlock yes

Default: 1M

LogFileMaxSize 2M

Default: no

LogTime yes

Default: no

LogClean yes

Default: no

LogSyslog yes

Default: LOG_LOCAL6

LogFacility LOG_MAIL

Default: no

LogVerbose yes

Default: no

LogRotate yes

Default: no

PreludeEnable yes

Default: ClamAV

PreludeAnalyzerName ClamAV

ExtendedDetectionInfo yes

Default: disabled

PidFile /run/clamd.scan/clamd.pid

Default: system specific (usually /tmp or /var/tmp).

TemporaryDirectory /var/tmp

Default: hardcoded (depends on installation options)

DatabaseDirectory /var/lib/clamav

Default: no

OfficialDatabaseOnly no

Default: disabled (must be specified by a user)

LocalSocket /run/clamd.scan/clamd.sock

Default: disabled (the primary group of the user running clamd)

LocalSocketGroup virusgroup

Default: disabled (socket is world accessible)

LocalSocketMode 660

Default: yes

FixStaleSocket yes

Default: no

TCPSocket 3310

Default: no

TCPAddr 127.0.0.1

Default: 200

MaxConnectionQueueLength 30

Default: 25M

StreamMaxLength 10M

Default: 1024

StreamMinPort 30000

Default: 2048

StreamMaxPort 32000

Default: 10

MaxThreads 20

Default: 120

ReadTimeout 300

Default: 30

CommandReadTimeout 30

Default: 500

SendBufTimeout 200

Default: 100

MaxQueue 200

Default: 30

IdleTimeout 60

Default: scan all

ExcludePath ^/proc/

ExcludePath ^/sys/

Default: 15

MaxDirectoryRecursion 20

Default: no

FollowDirectorySymlinks yes

Default: no

FollowFileSymlinks yes

Default: yes

CrossFilesystems yes

Default: 600 (10 min)

SelfCheck 600

Default: no

VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v"

Default: don't drop privileges

User clamscan

ExitOnOOM yes

Default: no

Foreground yes

Default: no

Debug yes

Default: no

LeaveTemporaryFiles yes

Default: yes

AllowAllMatchScan no

Default: no

DetectPUA yes

Default: Load all categories (if DetectPUA is activated)

ExcludePUA NetTool

ExcludePUA PWTool

Default: Load all categories (if DetectPUA is activated)

IncludePUA Spy

IncludePUA Scanner

IncludePUA RAT

ForceToDisk yes

Default, the engine will store an MD5 in a cache of any files that are

Default: no

DisableCache yes

Default: yes

HeuristicAlerts yes

Default: no

HeuristicScanPrecedence yes

Default: no

AlertBrokenExecutables yes

Default: no

AlertEncrypted yes

Default: no

AlertEncryptedArchive yes

Default: no

AlertEncryptedDoc yes

Default: no

AlertOLE2Macros yes

Default: no

AlertPhishingSSLMismatch yes

Default: no

AlertPhishingCloak yes

Default: no

AlertPartitionIntersection yes

Default: yes

ScanPE yes

Default: no

DisableCertCheck yes

Default: yes

ScanELF yes

Default: yes

ScanOLE2 yes

Default: yes

ScanPDF yes

Default: yes

ScanSWF yes

Default: yes

ScanXMLDOCS yes

Default: yes

ScanHWP3 yes

Default: yes

ScanMail yes

Default: no

ScanPartialMessages yes

Default: yes

PhishingSignatures no

Default: yes

PhishingScanURLs no

Default: No

StructuredDataDetection yes

Default: 3

StructuredMinCreditCardCount 5

Default: 3

StructuredMinSSNCount 5

Default: yes

StructuredSSNFormatNormal yes

Default: no

StructuredSSNFormatStripped yes

Default: yes

ScanHTML yes

Default: yes

ScanArchive yes

Default: 120000

MaxScanTime 300000

Default: 100M

MaxScanSize 150M

Default: 25M

MaxFileSize 30M

Default: 16

Default: 10000

MaxFiles 15000

Default: 10M

Default: 10M

MaxHTMLNormalize 10M

Default: 2M

MaxHTMLNoTags 2M

Default: 5M

MaxScriptNormalize 5M

Default: 1M

MaxZipTypeRcg 1M

Default: 50

MaxPartitions 128

Default: 100

MaxIconsPE 200

Default: 16

MaxRecHWP3 16

Default: 100000

PCREMatchLimit 20000

Default: 2000

PCRERecMatchLimit 10000

Default: 25M

PCREMaxFileSize 100M

Default: no

AlertExceedsMax yes

Default: 5M

OnAccessMaxFileSize 10M

Default: 5

OnAccessMaxThreads 10

Default: 5000 (5 seconds)

OnAccessCurlTimeout 10000

Default: no

OnAccessDisableDDD yes

Default: disabled

OnAccessIncludePath /home

OnAccessIncludePath /students

Default: disabled

OnAccessExcludePath /home/user

Default: no

OnAccessPrevention yes

Default: no

OnAccessDenyOnError yes

Default: no

OnAccessExtraScanning yes

Default: disabled

OnAccessMountPath /

OnAccessMountPath /home/user

Default: no

OnAccessExcludeRootUID no

Default: disabled

OnAccessExcludeUID -1

Default: disabled

OnAccessExcludeUname clamav

Default: 0

OnAccessRetryAttempts 3

Default: yes

Bytecode yes

Default: TrustSigned

BytecodeSecurity TrustSigned

Default: 5000

BytecodeTimeout 1000