.\" Manual page created by Tomasz Kojm, 20021001.

 .TH "clamd.conf" "5" "September 27, 2004" "Tomasz Kojm" "Clam AntiVirus"

 .SH "NAME"
 .LP 

 \fBclamd.conf\fR \- Configuration file for Clam AntiVirus Daemon

 .SH "DESCRIPTION"
 .LP 
 clamd.conf configures the Clam AntiVirus daemon, clamd(8).
 .SH "FILE FORMAT"

 The file consists of comments and options with arguments. Each line that starts with a hash (\fB#\fR) symbol is a comment. Options and arguments are case sensitive and of the form \fBOption Argument\fR. The (possibly optional) arguments are are of the following types:

 .TP 
 \fBSTRING\fR
 String without blank characters.
 .TP 
 \fBSIZE\fR

 Size in bytes. You can use 'M' or 'm' modifiers for megabytes and 'K' or 'k' for kilobytes.

 .TP 
 \fBNUMBER\fR
 Unsigned integer.
 .SH "DIRECTIVES"
 .LP 

 When an option is not used (hashed or doesn't exist in the configuration file) clamd takes a default action.

 .TP 
 \fBExample\fR
 If this option is set clamd will not run.
 .TP 
 \fBLogFile STRING\fR
 Enable logging to selected file.
 .br 

 Default: disabled

 .TP 
 \fBLogFileUnlock\fR
 Disable a system lock that protects against running clamd with a same configuration file multiple times.
 .br 

 Default: disabled

 .TP 
 \fBLogFileMaxSize SIZE\fR

 Limit the size of a log file. The logger will be automatically disabled  if the file is greater than SIZE. Value of 0 disables the limit.

 .br 
 Default: 1M
 .TP 
 \fBLogTime\fR
 Log time with each message.
 .br 

 Default: disabled

 .TP 
 \fBLogClean\fR
 Log clean files.
 .br 

 Default: disabled

 .TP 
 \fBLogSyslog\fR
 Use system logger (can work together with LogFile).
 .br 

 Default: disabled
 .TP 
 \fBLogFacility\fR
 Specify the type of syslog messages \- please refer to 'man syslog' for facility names.
 .br 
 Default: LOG_LOCAL6

 .TP 
 \fBLogVerbose\fR
 Enable verbose logging.
 .br 

 Default: disabled

 .TP 
 \fBPidFile STRING\fR

 Save the process identifier of a listening daemon (main thread) to a specified file.

 .br 

 Default: disabled

 .TP 
 \fBDatabaseDirectory STRING\fR
 Path to a directory containing database files.
 .br 

 Default: @DBDIR@

 .TP 
 \fBLocalSocket STRING\fR
 Path to a local (Unix) socket the daemon will listen on.
 .br 

 Default: disabled

 .TP 
 \fBFixStaleSocket\fR
 Remove stale socket after unclean shutdown.
 .br 

 Default: disabled

 .TP 
 \fBTCPSocket NUMBER\fR
 TCP port number the daemon will listen on.
 .br 

 Default: disabled

 .TP 
 \fBTCPAddr STRING\fR
 TCP address to bind to. By default clamd binds to INADDR_ANY.
 .br 

 Default: disabled

 .TP 
 \fBMaxConnectionQueueLength NUMBER\fR
 Maximum length the queue of pending connections may grow to.
 .br 
 Default: 15
 .TP 
 \fBMaxThreads NUMBER\fR
 Maximal number of threads running at the same time.
 .br 

 Default: 10

 .TP 

 \fBReadTimeout NUMBER\fR
 Waiting for data from a client socket will timeout after this time (seconds).

 .br 

 Default: 120

 .TP 
 \fBMaxDirectoryRecursion NUMBER\fR

 Maximal depth directories are scanned at.

 .br 

 Default: 15

 .TP 
 \fBFollowDirectorySymlinks\fR

 Follow directory symlinks.

 .br 

 Default: disabled

 .TP 
 \fBFollowFileSymlinks\fR
 Follow regular file symlinks.
 .br 

 Default: disabled

 .TP 
 \fBSelfCheck NUMBER\fR

 Do internal sanity checks every NUMBER seconds.

 .br 

 Default: 1800

 .TP 
 \fBVirusEvent COMMAND\fR
 Execute the COMMAND when virus is found. In the command string %v will be replaced by a virus name.
 \fR
 .br 

 Default: disabled

 .TP 

 \fBExitOnOOM\fR
 Stop deamon when libclamav reports out of memory condition.
 .br 
 Default: disabled
 .TP 
 .TP 

 \fBUser STRING\fR

 Run as selected user.

 .br 

 Default: disabled

 .TP 
 \fBAllowSupplementaryGroups\fR

 Initialize supplementary group access (clamd must be started by root).

 .br 

 Default: disabled

 .TP 
 \fBForeground\fR

 Don't fork into background.

 .br 

 Default: disabled

 .TP 
 \fBDebug\fR

 Enable debug messages from libclamav.

 .TP 
 \fBStreamMaxLength SIZE\fR
 Close the connection when this limit is exceeded.
 .br 

 Default: 10M
 .TP 
 \fBDisableDefaultScanOptions\fR
 By default clamd uses scan options recommended by libclamav. This option disables recommended options and allows you to enable selected options. DO NOT ENABLE IT unless you know what you are doing.
 .br 
 Default: disabled

 .TP 
 \fBScanPE\fR
 PE stands for Portable Executable \- it's an executable file format used in all 32\-bit versions of Windows operating systems. This option allows ClamAV to perform a deeper analysis of executable files and it's also required for decompression of popular executable packers such as UPX.
 .br 

 Default: enabled

 .TP 
 \fBDetectBrokenExecutables\fR

 With this option clamd will try to detect broken executables and mark them as Broken.Executable.

 .br 

 Default: disabled

 .TP 
 \fBScanOLE2\fR
 Enables scanning of Microsoft Office document macros.
 .br 

 Default: enabled

 .TP 
 \fBScanHTML\fR
 Enables HTML detection and normalisation.
 .br 

 Default: enabled

 .TP 
 \fBScanMail\fR
 Enable scanning of mail files.
 .br 

 Default: enabled

 .TP 
 \fBMailFollowURLs\fR
 If an email contains URLs ClamAV can download and scan them. \fBWARNING: This option may open your system to a DoS attack. Never use it on loaded servers.\fR
 .br 

 Default: disabled

 .TP 
 \fBScanArchive\fR
 Enable archive scanning.
 .br 

 Default: enabled

 .TP 

 \fBScanRAR\fR
 Enable scanning of RAR archives. Due to license issues libclamav does not support RAR 3.0 archives (only the old 2.0 format is supported). Because some users report stability problems with unrarlib it's disabled by default and must be enabled in the config file.
 .br 
 Default: disabled
 .TP 

 \fBArchiveMaxFileSize SIZE\fR
 Files in archives larger than this limit won't be scanned. Value of 0 disables the limit.
 .br 
 Default: 10M
 .TP 
 \fBArchiveMaxRecursion NUMBER\fR
 Limit archive recursion level. Value of 0 disables the limit.
 .br 
 Default: 5
 .TP 
 \fBArchiveMaxFiles NUMBER\fR
 Number of files to be scanned within archive. Value of 0 disables the limit.
 .br 
 Default: 1000
 .TP 
 \fBArchiveMaxCompressionRatio NUMBER\fR

 Analyze compression ratio of every file in an archive and mark potential archive bombs as viruses (0 disables the limit).

 .br 

 Default: 250

 .TP 
 \fBArchiveLimitMemoryUsage\fR
 Use slower decompression algorithm which uses less memory. This option affects bzip2 decompressor only.
 .br 
 Default: disabled
 .TP 
 \fBArchiveBlockEncrypted\fR
 Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
 .br 
 Default: disabled
 .TP 
 \fBArchiveBlockMax\fR

 Mark archives as viruses (e.g RAR.ExceededFileSize, Zip.ExceededFilesLimit) if ArchiveMaxFiles, ArchiveMaxFileSize, or ArchiveMaxRecursion limit is reached.

 .br 
 Default: disabled
 .TP 
 \fBClamukoScanOnLine\fR
 Enable Clamuko \- on\-access scanner for Linux. Dazuko must be already running.
 .br 

 Default: disabled

 .TP 
 \fBClamukoScanOnOpen\fR

 Scan files on open.

 .br 

 Default: disabled

 .TP 
 \fBClamukoScanOnClose\fR

 Scan files on close.

 .br 
 Default: disabled.
 .TP 
 \fBClamukoScanOnExec\fR

 Scan files on execute.

 .br 

 Default: disabled

 .TP 
 \fBClamukoIncludePath STRING\fR

 Set the include paths (all files and directories in them will be scanned). You can have multiple ClamukoIncludePath directives but each directory must be added in a seperate line).

 .br 

 Default: disabled

 .TP 
 \fBClamukoExcludePath\fR

 Set the exclude paths. All subdirectories will also be excluded.

 .br 

 Default: disabled

 .TP 
 \fBClamukoMaxFileSize SIZE\fR
 Don't scan files larger than SIZE.
 .br 
 Default: 5M
 .TP 
 \fBClamukoScanArchive\fR
 Enable archive scanning. It uses ArchiveMax* limits.
 .br 

 Default: disabled

 .SH "FILES"
 .LP 
 @CFGDIR@/clamd.conf
 .SH "AUTHOR"
 .LP 
 Tomasz Kojm <tkojm@clamav.net>
 .SH "SEE ALSO"
 .LP 
 clamd(8), clamdscan(1), clamscan(1), freshclam(1), sigtool(1), clamav\-milter(8)