Virtualmin only allows you to use clamdscan (because clamscan simply isn’t usable with the size of the virus database today). There is never a reason to use clamscan.
How did you configure it to use clamscan?
I didn’t configure Virtualmin to use clamscan at all. Maybe my Virtualmin server had been compromised by hackers??
Regards,
Mr. Turritopsis Dohrnii Teo En Ming
Singapore
I can’t imagine why hackers would want to change your antivirus configuration.
If you restored a Virtualmin configuration backup from a very old system it might have been configured to use clamscan. We hid the option a couple/few years ago, but an old configuration could still have it set that way.
Hi all,
Please refer to the following post.
Regards,
Mr. Turritopsis Dohrnii Teo En Ming
Singapore
Please refer to the following screenshot.
clamscan was automatically selected.
I have never never configured this option before in the past.
Regards,
Mr. Turritopsis Dohrnii Teo En Ming
Singapore
He shows a current version of VM yet he shows that option. Does the new software have the capability of knowing the previous setting and therefore displaying it or are we getting inconsistent data from the OP here? I don’t see that option in my 7.30.4 .
Stop crossposting all over the place. This is ridiculous. You have a configuration problem. You have not found a bug in Postfix or in ClamAV, so why bother them about your configuration problems?
The behavior you’re seeing is expected behavior. ClamAV is very large and they recommend you run a server and use clamdscan. If you start a new ClamAV for every email by using clamscan, it will explode memory and CPU usage. You should not do that!
If you must scan email for viruses, you must use clamdscan and run one instance of ClamAV. There is no other reasonable way to use it.
1 Like
I see we still have the option in Spam and Virus Scanning, even though it was removed from the setup wizard years ago. I don’t know how we missed that. It will be removed soon.
But, don’t ever use it! ClamAV has grown so large (it is over a GB now, I believe) that it can never be a reasonable option to spin one up for every single email. It hasn’t been a reasonable option for several years…once it grew over a few hundred MB it made no sense.
Maybe a new spam scanning alternative, rspamd I think is an alternative and more modern.
We are not talking about spam scanning.
I have switched from clamscan to clamd.
I THINK the problem has been solved.
Postfix now uses less than 50 MB of RAM as opposed to 6.2 GB from Jan 2025 to Mar 2025.
I will monitor the situation closely for another 2-3 months.
I have been using Virtualmin web hosting control panel for many years.
Thank you.
Regards,
Mr. Turritopsis Dohrnii Teo En Ming
Singapore
Postfix was never using 6GB of RAM. clamscan was using most of that, and it was indirectly spawned by Postfix, by way of procmail. But, Postfix was never a large consumer of memory on your system. You have to look at details to troubleshoot problems, and which process is consuming memory matters when you’re trying to troubleshoot memory-related problems.
1 Like
FYI, the next Virtualmin release will more strongly discourage users from using clamscan if somehow it has been selected.
3 Likes
slighty off topic 
@Jamie
Will the team be implementing a new Virus and spam scanning systems in upcoming versions of Virtualmin as I know that the mail stack was going to be looked at some point.
I would like the ability to scan files for virus not just for virus in emails.
1 Like
What do you mean? Do you want to scan a Linux system for viruses? If so, I don’t think it would be very useful. If the system has been hacked and a root exploit created, there isn’t much you can do to easily find it. Otherwise, I don’t see much sense in creating a separate virus scanner for the system, do you?
1 Like
The server might not be hacked, but a users website could be hacked.
I always found having AV scanning in a users account very useful when trying to de-hack a website. p.s. I know backups are better, but when there is no backup I get called 
A lot of panels have AV scanning available in their control panels (obviously controlled with permissions). This is why I mentioned in the context of the email systems as this is what ClamAV is being used in Virtualmin for but ClamAV is extensively an anti-virus software. There is even an old Webmin module to use ClamAV to scan files.
how many email viruses does it really detect? Do you keeps stats? I’d be surprised it there is many.
Client anti-virus detection would be much more effective and 99% would have them.
Clamav you can manually setup a cron to scan websites.
I cannot rate ClamAV either way but I think the functionality of an AV available to users is still valid, whether that is with ClamAV or some other system which is not so heavy on RAM.
education? (or a fast learning curve)
a bit like spare battery
I used to run an AV but the reality is that none of them run without false positives. Unless I have reason to look, I don’t. But, maybe a fair point on your websites. Maybe email, though any incoming should be detected anyhow unless you don’t want to do real time.