Tune sample configs to be more readable and fit into normal 80 chars wide
console
... | ... |
@@ -33,7 +33,8 @@ Example |
33 | 33 |
# Default: yes |
34 | 34 |
#FixStaleSocket yes |
35 | 35 |
|
36 |
-# Run as another user (clamav-milter must be started by root for this option to work) |
|
36 |
+# Run as another user (clamav-milter must be started by root for this option |
|
37 |
+# to work) |
|
37 | 38 |
# |
38 | 39 |
# Default: unset (don't drop privileges) |
39 | 40 |
#User clamav |
... | ... |
@@ -50,7 +51,8 @@ Example |
50 | 50 |
#Foreground yes |
51 | 51 |
|
52 | 52 |
# Chroot to the specified directory. |
53 |
-# Chrooting is performed just after reading the config file and before dropping privileges. |
|
53 |
+# Chrooting is performed just after reading the config file and before |
|
54 |
+# dropping privileges. |
|
54 | 55 |
# |
55 | 56 |
# Default: unset (don't chroot) |
56 | 57 |
#Chroot /newroot |
... | ... |
@@ -82,7 +84,8 @@ Example |
82 | 82 |
# ClamdSocket tcp:192.168.0.1 |
83 | 83 |
# |
84 | 84 |
# This option can be repeated several times with different sockets or even |
85 |
-# with the same socket: clamd servers will be selected in a round-robin fashion. |
|
85 |
+# with the same socket: clamd servers will be selected in a round-robin |
|
86 |
+# fashion. |
|
86 | 87 |
# |
87 | 88 |
# Default: no default |
88 | 89 |
#ClamdSocket tcp:scanner.mydomain:7357 |
... | ... |
@@ -188,7 +191,8 @@ Example |
188 | 188 |
# Default: disabled |
189 | 189 |
#ReportHostname my.mail.server.name |
190 | 190 |
|
191 |
-# Execute a command (possibly searching PATH) when an infected message is found. |
|
191 |
+# Execute a command (possibly searching PATH) when an infected message is |
|
192 |
+# found. |
|
192 | 193 |
# The following parameters are passed to the invoked program in this order: |
193 | 194 |
# virus name, queue id, sender, destination, subject, message id, message date. |
194 | 195 |
# Note #1: this requires MTA macroes to be available (see LogInfected below) |
... | ... |
@@ -265,7 +269,8 @@ Example |
265 | 265 |
# Default: disabled |
266 | 266 |
#LogInfected Basic |
267 | 267 |
|
268 |
-# This option allows to tune what is logged when no threat is found in a scanned message. |
|
268 |
+# This option allows to tune what is logged when no threat is found in |
|
269 |
+# a scanned message. |
|
269 | 270 |
# See LogInfected for possible values and caveats. |
270 | 271 |
# Useful in debugging but drastically increases the log size. |
271 | 272 |
# Default: disabled |
... | ... |
@@ -281,7 +286,8 @@ Example |
281 | 281 |
# then one line is logged for each recipient and the command indicated |
282 | 282 |
# by VirusAction is also executed once for each recipient. |
283 | 283 |
# |
284 |
-# Note: although it's probably a good idea to enable this option, the default value |
|
284 |
+# Note: although it's probably a good idea to enable this option, the default |
|
285 |
+# value |
|
285 | 286 |
# is currently set to off for legacy reasons. |
286 | 287 |
# Default: no |
287 | 288 |
#SupportMultipleRecipients yes |
... | ... |
@@ -148,17 +148,21 @@ Example |
148 | 148 |
# Default: 5 |
149 | 149 |
#CommandReadTimeout 5 |
150 | 150 |
|
151 |
-# This option specifies how long to wait (in milliseconds) if the send buffer is full. |
|
151 |
+# This option specifies how long to wait (in milliseconds) if the send buffer |
|
152 |
+# is full. |
|
152 | 153 |
# Keep this value low to prevent clamd hanging |
153 | 154 |
# |
154 | 155 |
# Default: 500 |
155 | 156 |
#SendBufTimeout 200 |
156 | 157 |
|
157 |
-# Maximum number of queued items (including those being processed by MaxThreads threads) |
|
158 |
+# Maximum number of queued items (including those being processed by |
|
159 |
+# MaxThreads threads) |
|
158 | 160 |
# It is recommended to have this value at least twice MaxThreads if possible. |
159 |
-# WARNING: you shouldn't increase this too much to avoid running out of file descriptors, |
|
161 |
+# WARNING: you shouldn't increase this too much to avoid running out of file |
|
162 |
+# descriptors, |
|
160 | 163 |
# the following condition should hold: |
161 |
-# MaxThreads*MaxRecursion + (MaxQueue - MaxThreads) + 6< RLIMIT_NOFILE (usual max is 1024) |
|
164 |
+# MaxThreads*MaxRecursion + (MaxQueue - MaxThreads) + 6< RLIMIT_NOFILE (usual |
|
165 |
+# max is 1024) |
|
162 | 166 |
# |
163 | 167 |
# Default: 100 |
164 | 168 |
#MaxQueue 200 |
... | ... |
@@ -263,8 +267,8 @@ Example |
263 | 263 |
## |
264 | 264 |
|
265 | 265 |
# PE stands for Portable Executable - it's an executable file format used |
266 |
-# in all 32 and 64-bit versions of Windows operating systems. This option allows |
|
267 |
-# ClamAV to perform a deeper analysis of executable files and it's also |
|
266 |
+# in all 32 and 64-bit versions of Windows operating systems. This option |
|
267 |
+# allows ClamAV to perform a deeper analysis of executable files and it's also |
|
268 | 268 |
# required for decompression of popular executable packers such as UPX, FSG, |
269 | 269 |
# and Petite. If you turn off this option, the original files will still be |
270 | 270 |
# scanned, but without additional processing. |
... | ... |
@@ -346,7 +350,8 @@ Example |
346 | 346 |
#ScanMail yes |
347 | 347 |
|
348 | 348 |
# Scan RFC1341 messages split over many emails. |
349 |
-# You will need to periodically clean up $TemporaryDirectory/clamav-partial directory. |
|
349 |
+# You will need to periodically clean up $TemporaryDirectory/clamav-partial |
|
350 |
+# directory. |
|
350 | 351 |
# WARNING: This option may open your system to a DoS attack. |
351 | 352 |
# Never use it on loaded servers. |
352 | 353 |
# Default: no |
... | ... |
@@ -381,9 +386,9 @@ Example |
381 | 381 |
# When enabled, if a heuristic scan (such as phishingScan) detects |
382 | 382 |
# a possible virus/phish it will stop scan immediately. Recommended, saves CPU |
383 | 383 |
# scan-time. |
384 |
-# When disabled, virus/phish detected by heuristic scans will be reported only at |
|
385 |
-# the end of a scan. If an archive contains both a heuristically detected |
|
386 |
-# virus/phish, and a real malware, the real malware will be reported |
|
384 |
+# When disabled, virus/phish detected by heuristic scans will be reported |
|
385 |
+# only at the end of a scan. If an archive contains both a heuristically |
|
386 |
+# detected virus/phish, and a real malware, the real malware will be reported. |
|
387 | 387 |
# |
388 | 388 |
# Keep this disabled if you intend to handle "*.Heuristics.*" viruses |
389 | 389 |
# differently from "real" malware. |
... | ... |
@@ -456,9 +461,10 @@ Example |
456 | 456 |
# The options below protect your system against Denial of Service attacks |
457 | 457 |
# using archive bombs. |
458 | 458 |
|
459 |
-# This option sets the maximum amount of data to be scanned for each input file. |
|
460 |
-# Archives and other containers are recursively extracted and scanned up to this |
|
461 |
-# value. |
|
459 |
+# This option sets the maximum amount of data to be scanned for each input |
|
460 |
+# file. |
|
461 |
+# Archives and other containers are recursively extracted and scanned up to |
|
462 |
+# this value. |
|
462 | 463 |
# Value of 0 disables the limit |
463 | 464 |
# Note: disabling this limit or setting it too high may result in severe damage |
464 | 465 |
# to the system. |
... | ... |
@@ -524,54 +530,68 @@ Example |
524 | 524 |
# Default: 1M |
525 | 525 |
#MaxZipTypeRcg 1M |
526 | 526 |
|
527 |
-# This option sets the maximum number of partitions of a raw disk image to be scanned. |
|
528 |
-# Raw disk images with more partitions than this value will have up to the value number |
|
529 |
-# partitions scanned. Negative values are not allowed. |
|
530 |
-# Note: setting this limit too high may result in severe damage or impact performance. |
|
527 |
+# This option sets the maximum number of partitions of a raw disk image to be |
|
528 |
+# scanned. |
|
529 |
+# Raw disk images with more partitions than this value will have up to |
|
530 |
+# the value number partitions scanned. Negative values are not allowed. |
|
531 |
+# Note: setting this limit too high may result in severe damage or impact |
|
532 |
+# performance. |
|
531 | 533 |
# Default: 50 |
532 | 534 |
#MaxPartitions 128 |
533 | 535 |
|
534 | 536 |
# This option sets the maximum number of icons within a PE to be scanned. |
535 |
-# PE files with more icons than this value will have up to the value number icons scanned. |
|
537 |
+# PE files with more icons than this value will have up to the value number |
|
538 |
+# icons scanned. |
|
536 | 539 |
# Negative values are not allowed. |
537 |
-# WARNING: setting this limit too high may result in severe damage or impact performance. |
|
540 |
+# WARNING: setting this limit too high may result in severe damage or impact |
|
541 |
+# performance. |
|
538 | 542 |
# Default: 100 |
539 | 543 |
#MaxIconsPE 200 |
540 | 544 |
|
541 |
-# This option sets the maximum recursive calls for HWP3 parsing during scanning. |
|
542 |
-# HWP3 files using more than this limit will be terminated and alert the user. |
|
543 |
-# Scans will be unable to scan any HWP3 attachments if the recursive limit is reached. |
|
545 |
+# This option sets the maximum recursive calls for HWP3 parsing during |
|
546 |
+# scanning. HWP3 files using more than this limit will be terminated and |
|
547 |
+# alert the user. |
|
548 |
+# Scans will be unable to scan any HWP3 attachments if the recursive limit |
|
549 |
+# is reached. |
|
544 | 550 |
# Negative values are not allowed. |
545 |
-# WARNING: setting this limit too high may result in severe damage or impact performance. |
|
551 |
+# WARNING: setting this limit too high may result in severe damage or impact |
|
552 |
+# performance. |
|
546 | 553 |
# Default: 16 |
547 | 554 |
#MaxRecHWP3 16 |
548 | 555 |
|
549 |
-# This option sets the maximum calls to the PCRE match function during an instance of regex matching. |
|
550 |
-# Instances using more than this limit will be terminated and alert the user but the scan will continue. |
|
556 |
+# This option sets the maximum calls to the PCRE match function during |
|
557 |
+# an instance of regex matching. |
|
558 |
+# Instances using more than this limit will be terminated and alert the user |
|
559 |
+# but the scan will continue. |
|
551 | 560 |
# For more information on match_limit, see the PCRE documentation. |
552 | 561 |
# Negative values are not allowed. |
553 | 562 |
# WARNING: setting this limit too high may severely impact performance. |
554 | 563 |
# Default: 100000 |
555 | 564 |
#PCREMatchLimit 20000 |
556 | 565 |
|
557 |
-# This option sets the maximum recursive calls to the PCRE match function during an instance of regex matching. |
|
558 |
-# Instances using more than this limit will be terminated and alert the user but the scan will continue. |
|
566 |
+# This option sets the maximum recursive calls to the PCRE match function |
|
567 |
+# during an instance of regex matching. |
|
568 |
+# Instances using more than this limit will be terminated and alert the user |
|
569 |
+# but the scan will continue. |
|
559 | 570 |
# For more information on match_limit_recursion, see the PCRE documentation. |
560 | 571 |
# Negative values are not allowed and values > PCREMatchLimit are superfluous. |
561 | 572 |
# WARNING: setting this limit too high may severely impact performance. |
562 | 573 |
# Default: 5000 |
563 | 574 |
#PCRERecMatchLimit 10000 |
564 | 575 |
|
565 |
-# This option sets the maximum filesize for which PCRE subsigs will be executed. |
|
566 |
-# Files exceeding this limit will not have PCRE subsigs executed unless a subsig is encompassed to a smaller buffer. |
|
576 |
+# This option sets the maximum filesize for which PCRE subsigs will be |
|
577 |
+# executed. Files exceeding this limit will not have PCRE subsigs executed |
|
578 |
+# unless a subsig is encompassed to a smaller buffer. |
|
567 | 579 |
# Negative values are not allowed. |
568 | 580 |
# Setting this value to zero disables the limit. |
569 |
-# WARNING: setting this limit too high or disabling it may severely impact performance. |
|
581 |
+# WARNING: setting this limit too high or disabling it may severely impact |
|
582 |
+# performance. |
|
570 | 583 |
# Default: 25M |
571 | 584 |
#PCREMaxFileSize 100M |
572 | 585 |
|
573 |
-# When BlockMax is set, files exceeding the MaxFileSize, MaxScanSize, or MaxRecursion limit will be flagged |
|
574 |
-# with the virus "Heuristic.Limits.Exceeded". |
|
586 |
+# When BlockMax is set, files exceeding the MaxFileSize, MaxScanSize, or |
|
587 |
+# MaxRecursion limit will be flagged with the virus |
|
588 |
+# "Heuristic.Limits.Exceeded". |
|
575 | 589 |
# Default: no |
576 | 590 |
#BlockMax yes |
577 | 591 |
|
... | ... |
@@ -584,9 +604,10 @@ Example |
584 | 584 |
# Default: no |
585 | 585 |
#ScanOnAccess yes |
586 | 586 |
|
587 |
-# Set the mount point to be scanned. The mount point specified, or the mount point |
|
588 |
-# containing the specified directory will be watched. If any directories are specified, |
|
589 |
-# this option will preempt the DDD system. This will notify only. It can be used multiple times. |
|
587 |
+# Set the mount point to be scanned. The mount point specified, or the mount |
|
588 |
+# point containing the specified directory will be watched. If any directories |
|
589 |
+# are specified, this option will preempt the DDD system. This will notify |
|
590 |
+# only. It can be used multiple times. |
|
590 | 591 |
# (On-access scan only) |
591 | 592 |
# Default: disabled |
592 | 593 |
#OnAccessMountPath / |
... | ... |
@@ -624,8 +645,9 @@ Example |
624 | 624 |
# will be able to access all files without triggering scans or permission |
625 | 625 |
# denied events. |
626 | 626 |
# This option can be used multiple times (one per line). |
627 |
-# Using a value of 0 on any line will disable this option entirely. To whitelist |
|
628 |
-# the root UID (0) please enable the OnAccessExcludeRootUID option. |
|
627 |
+# Using a value of 0 on any line will disable this option entirely. |
|
628 |
+# To whitelist the root UID (0) please enable the OnAccessExcludeRootUID |
|
629 |
+# option. |
|
629 | 630 |
# Also note that if clamd cannot check the uid of the process that generated an |
630 | 631 |
# on-access scan event (e.g., because OnAccessPrevention was not enabled, and |
631 | 632 |
# the process already exited), clamd will perform a scan. Thus, setting |
... | ... |
@@ -634,7 +656,8 @@ Example |
634 | 634 |
# Default: disabled |
635 | 635 |
#OnAccessExcludeUID -1 |
636 | 636 |
|
637 |
-# Toggles dynamic directory determination. Allows for recursively watching include paths. |
|
637 |
+# Toggles dynamic directory determination. Allows for recursively watching |
|
638 |
+# include paths. |
|
638 | 639 |
# (On-access scan only) |
639 | 640 |
# Default: no |
640 | 641 |
#OnAccessDisableDDD yes |
... | ... |
@@ -646,7 +669,8 @@ Example |
646 | 646 |
# Default: no |
647 | 647 |
#OnAccessPrevention yes |
648 | 648 |
|
649 |
-# Toggles extra scanning and notifications when a file or directory is created or moved. |
|
649 |
+# Toggles extra scanning and notifications when a file or directory is |
|
650 |
+# created or moved. |
|
650 | 651 |
# Requires the DDD system to kick-off extra scans. |
651 | 652 |
# (On-access scan only) |
652 | 653 |
# Default: no |
... | ... |
@@ -657,18 +681,22 @@ Example |
657 | 657 |
## |
658 | 658 |
|
659 | 659 |
# With this option enabled ClamAV will load bytecode from the database. |
660 |
-# It is highly recommended you keep this option on, otherwise you'll miss detections for many new viruses. |
|
660 |
+# It is highly recommended you keep this option on, otherwise you'll miss |
|
661 |
+# detections for many new viruses. |
|
661 | 662 |
# Default: yes |
662 | 663 |
#Bytecode yes |
663 | 664 |
|
664 | 665 |
# Set bytecode security level. |
665 | 666 |
# Possible values: |
666 |
-# None - no security at all, meant for debugging. DO NOT USE THIS ON PRODUCTION SYSTEMS |
|
667 |
-# This value is only available if clamav was built with --enable-debug! |
|
668 |
-# TrustSigned - trust bytecode loaded from signed .c[lv]d files, |
|
669 |
-# insert runtime safety checks for bytecode loaded from other sources |
|
670 |
-# Paranoid - don't trust any bytecode, insert runtime checks for all |
|
671 |
-# Recommended: TrustSigned, because bytecode in .cvd files already has these checks |
|
667 |
+# None - No security at all, meant for debugging. |
|
668 |
+# DO NOT USE THIS ON PRODUCTION SYSTEMS. |
|
669 |
+# This value is only available if clamav was built |
|
670 |
+# with --enable-debug! |
|
671 |
+# TrustSigned - Trust bytecode loaded from signed .c[lv]d files, insert |
|
672 |
+# runtime safety checks for bytecode loaded from other sources. |
|
673 |
+# Paranoid - Don't trust any bytecode, insert runtime checks for all. |
|
674 |
+# Recommended: TrustSigned, because bytecode in .cvd files already has these |
|
675 |
+# checks. |
|
672 | 676 |
# Note that by default only signed bytecode is loaded, currently you can only |
673 | 677 |
# load unsigned bytecode in --enable-debug mode. |
674 | 678 |
# |
... | ... |
@@ -170,12 +170,12 @@ DatabaseMirror database.clamav.net |
170 | 170 |
#TestDatabases yes |
171 | 171 |
|
172 | 172 |
# This option enables support for Google Safe Browsing. When activated for |
173 |
-# the first time, freshclam will download a new database file (safebrowsing.cvd) |
|
174 |
-# which will be automatically loaded by clamd and clamscan during the next |
|
175 |
-# reload, provided that the heuristic phishing detection is turned on. This |
|
176 |
-# database includes information about websites that may be phishing sites or |
|
177 |
-# possible sources of malware. When using this option, it's mandatory to run |
|
178 |
-# freshclam at least every 30 minutes. |
|
173 |
+# the first time, freshclam will download a new database file |
|
174 |
+# (safebrowsing.cvd) which will be automatically loaded by clamd and |
|
175 |
+# clamscan during the next reload, provided that the heuristic phishing |
|
176 |
+# detection is turned on. This database includes information about websites |
|
177 |
+# that may be phishing sites or possible sources of malware. When using this |
|
178 |
+# option, it's mandatory to run freshclam at least every 30 minutes. |
|
179 | 179 |
# Freshclam uses the ClamAV's mirror infrastructure to distribute the |
180 | 180 |
# database and its updates but all the contents are provided under Google's |
181 | 181 |
# terms of use. See http://www.google.com/transparencyreport/safebrowsing |