From 28f7d3571ca69fb408fe1f8f173b1d3ac0c8f9a6 Mon Sep 17 00:00:00 2001
From: "Ruben D." <ruben@winterrific.net>
Date: Tue, 14 Oct 2025 20:59:42 +0200
Subject: [PATCH] Add clamav milter packaged, configure it and use supervisord
 to start it up.

TODO: start milter only if community container stalwart is used.

Signed-off-by: Ruben D. <ruben@winterrific.net>
---
 Containers/clamav/Dockerfile       | 8 ++++++--
 Containers/clamav/start.sh         | 1 +
 Containers/clamav/supervisord.conf | 7 +++++++
 3 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/Containers/clamav/Dockerfile b/Containers/clamav/Dockerfile
index 216ea1c9..9330c57f 100644
--- a/Containers/clamav/Dockerfile
+++ b/Containers/clamav/Dockerfile
@@ -3,7 +3,7 @@ FROM alpine:3.22.1
 
 RUN set -ex; \
     apk upgrade --no-cache -a; \
-    apk add --no-cache tzdata clamav supervisor bash; \
+    apk add --no-cache tzdata clamav clamav-milter supervisor bash; \
     mkdir -p /var/lib/clamav /run/clamav /var/log/supervisord /var/run/supervisord; \
     chmod 777 -R /run/clamav /var/log/clamav /var/log/supervisord /var/run/supervisord; \
     chown -R 100:100 /var/lib/clamav; \
@@ -12,7 +12,11 @@ RUN set -ex; \
     sed -i "s|#\?PCREMaxFileSize.*|PCREMaxFileSize aio-placeholder|g" /etc/clamav/clamd.conf; \
     sed -i "s|#\?StreamMaxLength.*|StreamMaxLength aio-placeholder|g" /etc/clamav/clamd.conf; \
     sed -i "s|#\?TCPSocket|TCPSocket|g" /etc/clamav/clamd.conf; \
-    sed -i "s|^LocalSocket .*|LocalSocket /tmp/clamd.sock|g" /etc/clamav/clamd.conf
+    sed -i "s|^LocalSocket .*|LocalSocket /tmp/clamd.sock|g" /etc/clamav/clamd.conf; \
+    sed -i "s|Example| |g" /etc/clamav/clamav-milter.conf; \
+    sed -i "s|#\?MilterSocket inet:7357|MilterSocket inet:7357|g" /etc/clamav/clamav-milter.conf; \
+    sed -i "s|#\?ClamdSocket unix:/run/clamav/clamd.sock|ClamdSocket unix:/tmp/clamd.sock|g" /etc/clamav/clamav-milter.conf; \
+    sed -i "s|#\?AddHeader Replace|AddHeader Add|g" /etc/clamav/clamav-milter.conf
 
 COPY --chmod=775 start.sh /start.sh
 COPY --chmod=775 healthcheck.sh /healthcheck.sh
diff --git a/Containers/clamav/start.sh b/Containers/clamav/start.sh
index bda4add5..2c56db49 100644
--- a/Containers/clamav/start.sh
+++ b/Containers/clamav/start.sh
@@ -1,6 +1,7 @@
 #!/bin/bash
 
 sed "s|aio-placeholder|$MAX_SIZE|" /etc/clamav/clamd.conf > /tmp/clamd.conf
+cp /etc/clamav/clamav-milter.conf /tmp/clamv-milter-conf
 
 # Print out clamav version for compliance reasons
 clamscan --version
diff --git a/Containers/clamav/supervisord.conf b/Containers/clamav/supervisord.conf
index 8f53856a..283833b8 100644
--- a/Containers/clamav/supervisord.conf
+++ b/Containers/clamav/supervisord.conf
@@ -21,3 +21,10 @@ stdout_logfile_maxbytes=0
 stderr_logfile=/dev/stderr
 stderr_logfile_maxbytes=0
 command=clamd --foreground --config-file=/tmp/clamd.conf
+
+[program:milter]
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+command=clamav-milter --foreground --config-file=/tmp/clamv-milter-conf
\ No newline at end of file