Once you have clamfs configured and functioning reliably, you can consider making your email client and web browser use the virus-scan-on-demand directories for downloading files and caching.
In Linux, Mozilla Firefox puts everything in /home/user/.mozilla, and Mozilla Thunderbird puts everything in /home/user/.mozilla-thunderbird. The quickest and easier way is to rename these folders, make clamfs mount points of the original name, and be done with it. Specifically, to do this to Firefox:
This does not control the default behavior of file downloading. To force file scan-on-demand for downloading, do the following.
Then, in Firefox, go to “Edit — Preferences”, “Main”, and select “Save files to”. Click “Browse”, and type in ~/.mozilla/DL (note: without actual!). This forces Firefox to download files only into the scanned folder.
Of course, it also means that you need to retrieve downloaded files from ~/.mozilla/DL. It is a little cumbersome, but any file that is scanned positive cannot be copied out of ~/.mozilla/DL, or even be opened in that folder.
You can do the same (clamfs the whole Thunderbird folder) for Thunderbird. However, doing this to Thunderbird may not be very helpful or efficient. This is because Thunderbird stores a whole folder of messages in a single file. This means that clamfs will scan an entire folder of messages when you read just a single message.
You can configure Thunderbird to save attachments to a specific folder. “Edit — Preferences — Attachments”, then select “Save all attachments to this folder”. For ease of configuration, you can also make Thunderbird use ~/.mozilla/DL to save email attachments.
To perform per-message scanning, you should use postfix and amavis on the email server that you connect to receive email via POP3 or IMAP.