/
clamd.conf
34 lines (25 loc) · 1.13 KB
/
clamd.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
DatabaseDirectory /data/clamdb
# Only load official signatures published by the ClamAV project
OfficialDatabaseOnly yes
# Use system logger instead of a log file
LogSyslog yes
# TODO consider using a socket file instead
TCPSocket 3310
TCPAddr 0.0.0.0
# TODO change this depending on Lambda's configured max upload size.
# For now, just trust that Lambda will already have verified the file size
# before asking ClamAV to scan it.
StreamMaxLength 1024M
# We run clamd in a container, so it doesn't need to fork to the background
Foreground yes
# Lambda doesn't normally accept executable files anyways. Be extra cautious and disallow
# PUA, because it's probably actually unwanted.
DetectPUA yes
# TODO maybe only IncludePUA specific categories
# We probably won't send the same file many times, so no need to cache the MD5s.
# Also... using MD5 for cached successful files? That sounds very sketchy.
DisableCache yes
# This should be disabled if we plan to handle heuristics different from known
# malware. If we don't care, then this gives a performance boost by ending the
# scan early if a heuristic detects malware.
HeuristicScanPrecedence yes