On-access Scanning

There is a special thread in clamd that performs on-access scanning under Linux and shares internal virus database with the daemon. You must follow some important rules when using it:

• Always stop the daemon cleanly - using the SHUTDOWN command or the
  SIGTERM signal. In other case you can lose access to protected files until the system is restarted.
• Never protect the directory your mail-scanner software uses for attachment unpacking. Access to all infected files will be automatically blocked and the scanner (including clamd!) will not be able to detect any viruses. In the result all infected mails may be delivered.

For example, to protect the whole system add the following lines to clamd.conf:

	ScanOnAccess yes
	OnAccessIncludePath /
	OnAccessExcludePath /proc
	OnAccessExcludePath /temporary/dir/of/your/mail/scanning/software

For more configuration options, type 'man clamd.conf' or reference the example clamd.conf.