The following steps will enable clamd malware scanning using exiscan ACLs.
It is important to follow them in sequence.

*  Install security/clamav from the ports tree.

*  Confirm that user clamav was added to the mail group in /etc/group.

*  Confirm that /var/log/clamav and /var/run/clamav exist and are owned
   by clamav:clamav.

*  In Exim's configure file, set av_scanner=clamd:/var/run/clamav/clamd

*  Adjust the exiscan ACLs in Exim's configure file.  Make sure you use
   the demime option with the malware check, e.g.:

   deny message = This message contains malware ($malware_name)
	demime  = *
	malware = *

*  Edit clamav.conf as follows:

	LogFile /var/log/clamav/clamd.log
	PidFile /var/run/clamav/clamd.pid
	LocalSocket /var/run/clamav/clamd
	User clamav
	AllowSupplementaryGroups
	ScanArchive
	ScanMail

   You may wish to make other changes as well.

*  Make sure clamd_enable="YES" has been added to /etc/rc.conf; this is
   required by the clamav port's startup script,
   %%RC_DIR%%/clamd%%RC_SUFX%% .

*  Run freshclam.

*  Add a cron job that runs freshclam --daemon-notify --quiet at least
   once a day.

*  Start clamd with %%RC_DIR%%/clamd%%RC_SUFX%% start .

*  Start Exim with %%RC_DIR%%/exim%%RC_SUFX%% start .

Sheldon Hearn <sheldonh@FreeBSD.org>