I am using Command Antivirus (csav) as my second virus scanner. There is a case with a banned filetype in one mail.
- the mail is "banned" - the first scanner says "clean" - the second says "infected" But: Amavisd doesn't send the user notification for a infected, but a banned mail. >From my log: ############################################################## Jul 8 15:11:58 xxxx amavis[30092]: (30092-11) run_av: /usr/bin/csav exit 52, Command Software AntiVirus for Linux version 4.93.7\nCopyright ... could be infected with an unknown virus\n\nResults of virus scanning:\n\nFiles: 146\nMBRs: 0\nBoot sectors: 0\nObjects scanned: 2655\nInfected : 0\nSuspicious: 2\nDisinfected: 0\nDeleted: 0\nRenamed: 0\n\nTime: 0:11 Jul 8 15:11:58 xxxx amavis[30092]: (30092-11) run_av (Command AntiVirus for Linux): INFECTED: Jul 8 15:11:58 xxxx amavis[30092]: (30092-11) virus_scan: (), detected by 1 scanners: Command AntiVirus for Linux Jul 8 15:11:58 xxxx amavis[30092]: (30092-11) Virus matches (?-xism:^), sender addr ignored ############################################################### CSAV returns Code 52 and INFECTED: The entry for csav in my amavisd.conf (version 2.4.4) is ######################################################### ### http://www.commandsoftware.com/ ['Command AntiVirus for Linux', 'csav', '-all -archive -packed {}', [50], [51,52,53], qr/Infection: (.+)/ ], ######################################################### (and the code for 2.6.4 differs by "(.+)/m" only). Maybe there is a unsufficient evaluation of the return value? Maybe qr/Infection:|Infected: ... would help? Joe -- ---------------------------------------------------------------- Joachim Schoenberg PHONE: +49 30 20377 374 Paul-Drude-Institut fuer FAX: +49 30 20377 201 Festkoerperelektronik Berlin ---------------------------------------------------------------- ------------------------------------------------------------------------------ Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/Challenge _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
