*********** REPLY SEPARATOR ***********
On 4/15/2005 at 5:49 PM Nigel Horne wrote: >> *********** REPLY SEPARATOR *********** >> >> On 4/15/2005 at 3:58 PM Nigel Horne wrote: >> >> >On Friday 15 Apr 2005 15:56, Carl Thompson wrote: >> >> >> >> *********** REPLY SEPARATOR *********** >> >> >> >> On 4/14/2005 at 10:24 PM Nigel Horne wrote: >> >> >> >> >> Okay this is what i have for clamav-milter on remote server >> >> > >> >> >Remote to sendmail? Or remote to clamd? Or both? >> >> > >> >> >> CLAMAV_FLAGS="-qlm5 --external --server=xxx.xxx.xxx.xxx >> >> >> local:/var/run/clamav/clmilter.sock" >> >> >> >> >> >> and I have to run clamd on that server so that clamav uses it >> >> >> externally to scan for virus (if i understand this correctly) >> >> > >> >> >I presume by "that server" you mean the server running clamav-milter >> >> > >> >> >> >> >> >> and on my primary server i did the same thing and clamav creates >> >> >> local socket and scans thru clamd on remote server. >> >> > >> >> >I presume by "primary server" you mean the server running >> clamd, though >> >> >I don't understand what you mean by you "did the same thing"? >> Why would >> >> >you do the same on both machines? Surely one runs clamd and one >> >> >runs clamav-milter? >> >> > >> >> >> however if i use >> >> >> INPUT_MAIL_FILTER(`clamav', `S=inet:[EMAIL PROTECTED], F=, >> >T=S:4m;R:4m')dnl >> >> >> (machine name chaned to correct machine of course) >> >> > >> >> >By "machineb" do you mean the same as "primary server" above? Or the >> >> >same as "that server"? >> >> > >> >> >> I still get socket errors in maillog about attempting to scan and >> >> >> clamd is on the remote socket not clamav-milter on the >> remote socket. >> >> > >> >> >> I'm sure i'm doing something simple wrong but I sure can't figure >it >> >out. >> >> > >> >> >Sorry, but I can't figure out what you're trying to do and what >you've >> >> >tried to set up. >> >> > >> >> >The following scenarios are possible: >> >> >1) sendmail, clamav-milter and clamd all on one machine >> >> >2) sendmail and clamav-milter on one machine, clamd on another >machine >> >> >3) sendmail on one machine, clamav-milter and clamd on another >machine >> >> >4) sendmail, clamav-milter and clamd all on separate machines >> >> >5) sendmail and clamav-milter on one machine, clamd running >> on multiple >> >> >machines load balanced >> >> >6) sendmail and clamav-milter on separate machines, clamd running on >> >> >multiple machines load balanced, which may include the same machines. >> >> > >> >> >Please be very specific about what you're trying to achieve. I guess >> >> >it's either scenario 2 or scenario 3? >> >> I can get scenario 2 to work without a problem and this is how I did >it >> >for some time before .82 (when clamd scanning was integrated into >> >clamav-milter and you no longer needed to run clamd just for >> clamav-milter) >> >> >> >> The problem I have is scenario 3. >> >> >> >> machine a has sendmail on it >> >> machine b is a low use box so I would like to run clamav-milter and >> >clamd (if its necessary now) on it and have machine a connect to >> >clamav-milter on machine b. however I am unable to get clamav-milter to >> >listen on a TCP port on machine b >> > >> >Machine a configure looks correct: >> > INPUT_MAIL_FILTER(`clamav', `S=inet:[EMAIL PROTECTED], F=, >> T=S:4m;R:4m')dn >> > >> >On machineb try starting clamav-milter thus (based on the options you >> >gave, and ensure that clamd >> >is running on machineb first): >> > CLAMAV_FLAGS="-qlm5 --external inet:3311" >> > >> >> Carl >> > >> >-Nigel >> > >> >> As a final update to this little endeavor this is what I did >> >> on the mail server i used >> INPUT_MAIL_FILTER(`clamav', `S=inet:[EMAIL PROTECTED], F=, T=S:4m;R:4m')dn >> >> on the scanning server i did the following >> >> CLAMAV_FLAGS="-qlm5 inet:3311 --server xxx.xxx.xxx.xxx" >> >> I tried it with --external and that worked fine if I had clamd >> running (as it should be) so I figured i would try it internal >> and that worked fine. >> >> I did however have to specify --server because without it it >> bound to 3311 of 127.0.0.1 > >Again I need more information here. When you say xxx.xxx.xxx.xxx, >what IP address did you use? Furthermore what do you have in your >tcpwrappers files (/etc/hosts.allow and /etc/hosts.deny). > >--server is to do with the link clamav-milter<->clamd, where as the >inet:3311 is to do with the link sendmail<->clamav-milter, so adding >--server should have no effect on the incoming as you've stated. I >need more information to see what's going on with the bind you mention. > >> Carl > >-Nigel okay this is what I have server A (sendmail server) clmilter, S=inet:[EMAIL PROTECTED],F=, T=S:4m;R:4m server B (clamav-milter server) CLAMAV_FLAGS="inet:3311 -qlm5" server B (sendmail config no real email accounts but the system usual) clmilter, S=inet:[EMAIL PROTECTED],F=, T=S:4m;R:4m The results are that server b sendmail works fine thru the inet connection to server b clamav-milter and scans perfectly fine but server a sendmail doesn't connect or attempt to connect (no errors or anything in logs) to clamav-milter on server b I can telnet from server a to server b port 3311 and connect without a problem, it is not blocked by iptables or hosts.deny the domain looks up fine and has same results if i replace its name with an ip address netstat report from server b on clamav [EMAIL PROTECTED] root]# netstat -plan|grep clam tcp 0 0 0.0.0.0:3311 0.0.0.0:* LISTEN 9060/clamav-milter unix 2 [ ] DGRAM 20428504 9060/clamav-milter Carl _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
