How to uninstall clamav

I made the mistake of installing clamav during installation of hestiaCP. Because the server only has 1GB of ram, clamav is automatically turned off. Now I get an email from exim daily. I am hoping there is a way to uninstall or at least fully disable clamav without having to reinstall the server.

exim paniclog /var/log/exim4/paniclog on has non-zero size, mail system might be broken. Up to 10 lines are quoted below.

2020-09-20 02:05:19 1kJfMV-001pow-NV malware acl condition: clamd /var/run/clamav/clamd.ctl : unable to connect to UNIX socket (/var/run/clamav/clamd.ctl): No such file or directory
2020-09-20 02:06:20 1kJfNU-001pow-Bt malware acl condition: clamd /var/run/clamav/clamd.ctl : unable to connect to UNIX socket (/var/run/clamav/clamd.ctl): No such file or directory

Check if your clamav service is running, basicly you could try to uninstall clamav and adjust the exim conf - but if you dont know how to do it, reinstall the server and restore backups would be the faster and safer option.

I’m not completely sure, as I haven’t tried it, but isn’t adjusting the exim config just a case of commenting out the CLAMD line in /etc/exim/exim4.conf.template ?
#CLAMD = yes

I think all the clam-related bits are written in conditional blocks, which are deactivated when you do this.

Isn’t that just the template and not the actual config? Will give it a go and see if I stop getting the EXIM paniclog emails

Tried this and didn’t work.

That is the actual config, yes, and of course you’d need to restart exim afterwards to apply the changes.

OK, sorry it didn’t work, but it looked like that would do the job: you see these at the top
#CLAMD = yes
and then lower down there are conditional blocks like
.ifdef CLAMD
av_scanner = clamd: /var/run/clamav/clamd.ctl
Which are not loaded if CLAMD is not defined. Anyway, worth a try, and not too hard to roll back if it doesn’t work.

Might be better to be explicit:
CLAMD = “”
(Forum screws with the two double quotes)

yes, this. if you check the installer you’ll see that this is the only difference/modification done to exims conf in that regard.

as you said you need to restart exim ofc and want to stop clamav then.
you also might want to adjust the hestia.conf file where there is a lin telling which antivrus module is used…


CLAMD = yes
to CLAMD = no

.ifdef CLAMD
av_scanner = clamd: /var/run/clamav/clamd.ctl


.ifdef CLAMD
#av_scanner = clamd: /var/run/clamav/clamd.ctl

systemctl restart exim4.service

And it should work fine

Actually this works. Turns out I kept getting the EXIM paniclog email daily but there is no new entry in the log. I think I just need to delete the paniclog file.