Is there a (reasonably sustainable) way to integrate an antivirus software other than ClamAV in Virtualmin?
For example I have antivirus that I trust, and it has a dedicated scan command, just like ClamAV, and the command returns 0 for clear and non-zero exit status for malware detected, just like ClamAV does.
The problem begins with ClamAV being tightly integrated with Virtualmin, as far as I see and ends with the way ClamAV is integrated in mail system - through Procmail.
Additionally, it is not utterly important to remove ClamAV form system, I’m good enough to leave it operating as intended I just do not want to relay on infamous ClamAV detection rate to protect my users from malware.
[EDIT]
It is obvious that per domain procmail files located in /etc/webmin/virtual-server/procmail/ are responsible for calling clamdscan, like: /etc/webmin/virtual-server/clam-wrapper.pl /usr/bin/clamdscan.
So, I guess, in order to achieve what I want, a rewrite of /etc/webmin/virtual-server/clam-wrapper.pl is needed and it is reasonable to
presume that everything changed to this file will be reverted by Virtualmin update process. Too bad my languages of choice were PHP and BASH and not Perl…
Thanks for answer. The part with /etc/procmailrc is specially helpful since I was counting on per domain procmail file - no need for that thankfully.
For sake of completeness I’ll post PHP (or better, BASH) version of generic email antivirus wrapper, when I test it enough - so far it’s working. It turns out that /etc/webmin/virtual-server/clam-wrapper.pl is fairly simple program which reads email from STDIN and exits with 0 or 1 depending on malware found or not.