I've noticed that amavisd on my MX no longer blocks stuff flagged by clamav.
The only difference in the logs for a message which clamav's log shows as having FOUND something and one which is CLEAN is that in the latter case amavis logs 'Hits: -' and in the FOUND case it logs 'Hits: 0.1'. The logs show that it is sending everthing to clamav, just PASSing mail which should be DISCARDed and quarantined. I can't find any reason why. My /etc/amavis/conf.d/50-user just sets: @local_domains_acl to a list of my local domains, $forward_method and $notify_method to the delivery smtpd, $myhostname to the correct fqdn, and: @bypass_virus_checks_maps = (); # to check everthing $final_virus_destiny = D_DISCARD; $final_banned_destiny = D_DISCARD; The quarantine had a couple of recent badh- files, but no virus- or banned- files for the last several months. An example of the logging: >From mail.log: Dec 29 18:33:03 mx amavis[8696]: (08696-11) Passed CLEAN, [74.238.54.136] <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>, Message-ID: <[EMAIL PROTECTED]>, mail_id: Ainpxge0xIwH, Hits: 0.1, size: 3648, queued_as: 585E494093, 771 ms and the corresponding entry from clamav.log: Sat Dec 29 18:33:03 2007 -> /var/lib/amavis/tmp/amavis-20071229T183012-08696/parts/p001: HTML.Phishing.Pay-172 FOUND -JimC -- James Cloos <[EMAIL PROTECTED]> OpenPGP: 1024D/ED7DAEA6 ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/