ClamAction integrates with clamsmtpd
via the VirusAction
hook to quarantine suspicious emails, alert administrators, notify recipients, and detail detected threats.
- Quarantine emails.
- Send detailed admin alerts.
- Notify recipients with summaries.
- Configurable via environment variables.
- Go: Install from golang.org.
-
Clone the repository:
git clone https://github.com/alexzeitgeist/clamaction.git
-
Navigate:
cd clamaction
-
Build:
go build -o clamaction
Configure via environment variables:
EMAIL
: Path to the infected email file (supplied by clamsmtpd)RECIPIENTS
: Newline-separated list of intended recipients (supplied by clamsmtpd)SENDER
: Email address of the sender (supplied by clamsmtpd)VIRUS
: Virus ID or description (supplied by clamsmtpd)EMAIL_ADMIN
: Admin email for notificationsEMAIL_SERVICE
: Service email for sending notificationsQUARANTINE_FOLDER
: Quarantine storage directorySMTP_HOST
: SMTP server host (defaultlocalhost
)SMTP_PORT
: SMTP server port (default25
)DEBUG
:true
for verbose logging
Configure clamsmtpd.conf
to invoke ClamAction:
VirusAction /path/to/clamaction
Ensure clamaction
is executable and correctly located. With environment setup and clamsmtpd
configured, ClamAction processes emails flagged by ClamAV.