Awesome
Disclaimer
This repository is community supported and not maintained by Mattermost. Mattermost disclaims liability for integrations, including Third Party Integrations and Mattermost Integrations. Integrations may be modified or discontinued at any time.
Mattermost Antivirus Plugin
Maintainer: @iomodo Co-Maintainer: @hanzei
This plugin allows the forwarding of uploaded files to an antivirus scanning application and prevents the upload from completing if there is a virus detected in the file. Use it to prevent users from inadvertently spreading malware or viruses via your Mattermost instance.
Currently the plugin supports ClamAV anti-virus software across browser, Desktop Apps and the Mobile Apps. ClamAV is an open source (GPL) anti-virus engine used in a variety of situations including email scanning, web scanning, and end point security. It provides a number of utilities including a tool for automatic database updates. A ClamAV server can be easily provisioned as a Docker container that runs alongside Mattermost.
Requirements:
- Mattermost Server Version: 5.2+
- ClamAV Server access
Installation
-
Go to the releases page of this Github repository and download the latest release for your Mattermost server.
-
In the Mattermost System Console under System Console > Plugins > Plugin Management upload the file to install the plugin. To learn more about how to upload a plugin, see the documentation.
-
Install ClamAV (clamd) for virus scanning. One easy option is to provision a ClamAV container with Docker by running the following command. Assuming you have already installed Docker, this will download and install the latest version of ClamAV and set up a server with an open port at 3310. ClamAV by default accepts 100MB files, you can change this in the
clamd.conf
. Visit the ClamAV Documentation for further configuration. Mattermost's MaxFileSize default value is subject to change. To ensure that the correct value is set, verify your value at the following link: Maximum File Size.If your Mattermost's MaxFileSize is ≤ 100MB
docker run -d --restart unless-stopped -p 3310:3310 clamav/clamav:latest
If it is > 100MB
docker run -d --restart unless-stopped --mount type=bind,source=/full/path/to/clamav/,target=/etc/clamav -p 3310:3310 clamav/clamav:latest
/full/path/to/clamav/clamd.conf
... # Files larger than this limit won't be scanned. Affects the input file itself # as well as files contained inside it (when the input file is an archive, a # document or some other kind of container). # Value of 0 disables the limit. # Note: disabling this limit or setting it too high may result in severe damage # to the system. # Technical design limitations prevent ClamAV from scanning files greater than # 2 GB at this time. # Default: 100M MaxFileSize 200M # Match your filezize limit in Mattermost ...
-
Once clamd server is running, configure the plugin in Mattermost to make requests to your clamd instance by going to System Console > Plugins > Antivirus. Configure Clamav Host and Port to point at your clamd instance, and optionally configure a Scan timeout in seconds to set how long it takes before the virus scan times out.
-
Activate the plugin at System Console > Plugins > Management and ensure it starts with no errors.
Testing
To test your configuration is correct, download an EICAR test file and upload it. The file should be rejected as below:
Upload a regular file to ensure it is processed successfully and posted to the channel.
If there is an error with your setup - check your ClamAV server setup and communication: