Import my exiscan-acl clamd virus scanner integration notes.

I can't say enough good things about clamd.

mail/exim/Makefile

@@ -355,6 +355,9 @@ post-install:
 .if !defined(NOPORTDOCS)
 	${MKDIR} ${DOCSDIR}
 	${INSTALL_DATA} ${WRKDIR}/POST-INSTALL-NOTES ${DOCSDIR}
+.if !defined(WITHOUT_EXISCAN)
+	${INSTALL_DATA} ${FILESDIR}/POST-INSTALL-NOTES.clamd ${DOCSDIR}
+.endif
 .for file in ${PORTDOC_FILES}
 	${INSTALL_DATA} ${WRKSRC}/doc/${file} ${DOCSDIR}
 .endfor

mail/exim/files/POST-INSTALL-NOTES.clamd

@@ -0,0 +1,74 @@
+The following steps will enable clamd malware scanning using exiscan ACLs.
+It is important to follow them in sequence.
+
+*  Install security/clamav from the ports tree.
+
+*  Add user clamav to the mail group in /etc/group.
+
+*  Create /var/log/clamav and /var/run/clamav, and change the ownership
+   of both to clamav:clamav.
+
+*  In Exim's configure file, set av_scanner=clamd:/var/run/clamav/clamd
+
+*  Adjust the exiscan ACLs in Exim's configure file.  Make sure you use
+   the demime option with the malware check, e.g.:
+
+   deny message = This message contains malware ($malware_name)
+	demime  = *
+	malware = *
+
+*  Edit clamav.conf as follows:
+
+	LogFile /var/log/clamav/clamd.log
+	PidFile /var/run/clamav/clamd.pid
+	LocalSocket /var/run/clamav/clamd
+	User clamav
+	AllowSupplementaryGroups
+	ScanArchive
+
+   You may wish to make other changes as well.
+
+*  Install the shell script included at the end of these instructions as
+   /usr/local/etc/rc.d/clamd.sh, taking care to make it executable.
+
+*  Run freshclam.
+
+*  Add a cron job that runs freshclam --daemon-notify --quiet at least
+   once a day.
+
+*  Start clamd with /usr/local/etc/rc.d/clamd.sh start .
+
+*  Start Exim with /usr/local/etc/rc.d/exim.sh start .
+
+Sheldon Hearn <sheldonh@FreeBSD.org>
+
+#!/bin/sh
+#
+PREFIX=/usr/local
+CLAMAV_BIN=${PREFIX}/sbin
+
+case $1 in
+start)
+    [ -x ${CLAMAV_BIN}/clamd ] && {
+	${CLAMAV_BIN}/clamd
+	echo -n ' clamd'
+    }
+    ;;
+
+stop)
+	kill `cat /var/run/clamav/clamd.pid`
+	if [ $? = 0 ] ; then
+		echo -n ' clamd'
+	fi
+    ;;
+
+restart)
+	/usr/local/etc/rc.d/clamd.sh stop && \
+		/usr/local/etc/rc.d/clamd.sh start
+    ;;
+
+*)
+    echo "usage: `basename $0` {start|stop|restart}" >&2
+    exit 64
+    ;;
+esac

mail/exim/files/POST-INSTALL-NOTES.exiscan-acl

@@ -2,7 +2,10 @@ This installation of Exim includes Exiscan content scanning support,
 from http://duncanthrax.net/exiscan-acl/, which is documented in
 ${PREFIX}/share/doc/exim/exiscan-acl-spec.txt.  The ports tree
 includes various content scanners that might be useful, e.g.
-mail/p5-Mail-SpamAssassin and security/vscan.
+mail/p5-Mail-SpamAssassin and security/clamav.
+
+Notes for enabling malware scanning with the excellent clamd scanner
+are in ${PREFIX}/share/doc/exim/POST-INSTALL-NOTES.clamd.
 
 When Exiscan is actually enabled in the Exim configure file, great
 care should be taken to test upgrades, since Exiscan updates tend

mail/exim/pkg-plist

@@ -25,6 +25,7 @@ sbin/exiqsumm
 %%PORTDOCS%%%%DOCSDIR%%/pcrepattern.txt
 %%PORTDOCS%%%%DOCSDIR%%/pcretest.txt
 %%PORTDOCS%%%%DOCSDIR%%/spec.txt
+%%PORTDOCS%%%%EXISCAN_ACL%%%%DOCSDIR%%/POST-INSTALL-NOTES.clamd
 %%PORTDOCS%%%%EXISCAN_ACL%%%%DOCSDIR%%/exiscan-acl-examples.txt
 %%PORTDOCS%%%%EXISCAN_ACL%%%%DOCSDIR%%/exiscan-acl-spec.txt
 @dirrm etc/exim