Question about clamav

Hello
These days I’m cleaning the device I use at home and I asked myself a question
At the time I had installed clamav as an additional component to the proxy, to increase the security of my network, but today that it is no longer integrated I asked myself the question what is this component for?
Does it still make sense to keep it enabled or does it make more sense to uninstall it?

The squid/clamav integration package was SquidClamAV which was removed in CU177 as the package hadn’t been updated since 2012 and it only worked on http traffic.

ClamAV is basically only useful on IPFire now if you are running the postfix addon as a mail server and want to scan the mail being handled.

My preference would be to have any mail server in the orange zone on its own hardware and run ClamAV on that system and not on IPFire.

1 Like

If you use the IPFire for storage (e.g. with samba) it can also usefull for manual or scripted scanning.
If you use it only as internet gateway it is useless.

3 Likes

I imagined, since at home I only use it as a gateway I think I’ll delete it, it doesn’t make much sense for it to continue to be installed
Thanks

IMO, an antivir pprogram like clamav only makes sense on the system, where the packets are decrypted. For HTTPS and other protocols, IPFire is such a system if it is endpoint for data transfer ( file server, mail server, … ) only.