clamd

Start clamd daemon

$ clamd

$ clamd --foreground

$ clamd -c [/etc/clamav/clamd.conf]

$ clamd --config-check

$ clamdscan --reload

clamd [options]

clamd is the ClamAV daemon, a multi-threaded virus scanning service. It loads the virus database into memory once and handles scan requests from clients, providing much faster scanning than the standalone clamscan tool.
The daemon listens on a Unix socket or TCP port and accepts commands to scan files, directories, or data streams. Multiple clients can connect simultaneously, making it suitable for email servers, file servers, and web applications.
clamd is commonly used with mail transfer agents (Postfix, Exim, Sendmail), web proxies, and file upload handlers to provide real-time malware scanning.

-c file, --config-file= file

Use specified configuration file.

Run in foreground, don't daemonize.

Enable debug mode.

Check configuration and exit.

Display help.

Display version.

Requires regular virus database updates via freshclam. Memory usage depends on database size (typically 1-2GB). Socket permissions must allow client access. Self-check may fail if TCP connections are rate-limited. Performance depends on available memory and CPU.

ClamAV was created by Tomasz Kojm in 2001 as an open-source antivirus engine, originally designed for email gateway scanning on Unix systems. It was acquired by Sourcefire in 2007 and later became part of Cisco when Sourcefire was acquired in 2013. ClamAV remains one of the most widely deployed open-source antivirus solutions, particularly in mail and web gateway environments.

clamscan(1), clamdscan(1), freshclam(1), clamd.conf(5)