Hi Alex, On Sunday, 26. June 2016 19:48:24 Alex wrote: > > I have the following configuration in my amavisd.conf: > > ### http://www.f-secure.com/ version 9.14 > > > > ['F-Secure Linux Security', > > > > ['/usr/bin/fsav', 'fsav'], > > '--virus-action1=report --archive=yes --auto=yes '. > > '--list=no --nomimeerr {}', [0], [3,4,6,8], > > qr/(?:infection|Infected|Suspected|Riskware): (.+)/m ], > > # NOTE: internal archive handling may be switched off by > > '--archive=no' > > # to prevent fsav from exiting with status 9 on broken archives > > > > Can someone confirm for me that the above is the proper method of > > invocation for the current version (11.0 build 79) of f-secure?
your invocation line looks ok to me, but the devil might be in the details. Here's my invocation line: -------------------------- @av_scanners = ( ['F-Secure Antivirus', '/opt/f-secure/fssp/bin/fsav', '--allfiles --mime --archive --usedaemon --nopass --nomimeerr --nomimepart --noinvalidmime --maxnested=20 {}', [0,4,8], [3,6], qr/(?:infection|Infected|Suspected|Riskware): (.+)/m ], ); -------------------------- You can try the following: Invoke fsav from the cmdline as root user. If you can scan an eicar test file with it, try again after changing to the amavisd user. May be it's a permission problem that when the fsav binary is invoked as the amavisd user, it does not have access to the F-secure daemon socket. Besides that I can't offer much help :) Cheers, Thomas