Jerry K wrote: > a) since I am using sendmail, I am making the assumption that > compiling/using libmilter is the way to go?
I went that way. > b) if I am using ClamAV as a milter, do I need to run the clamd daemon > or will sendmail just call libclamav.a/so? sendmail will NOT call libclamav.a/so. You need a milter. You can use the clamav-milter program included or the distribution, or a third-party milter that calls clamd directly, such as MIMEDefang. I use both. If you use clamav-milter, you still have two options. You can have clamav-milter do the virus-checking itself, or defer to a running clamd daemon. There have been threading problems in the past with clamav-milter doing its own virus-checking, FYI. If you choose to defer to a running clamd daemon, start clamav-milter with the --external flag. > c) What is the default behavior when ClamAV receives an email with a > virus? Does it just delete the whole email? Does it quarantine the > file and forward the email to the user? Or is there any action, > other than virus identification when an email arrives with an > attached virus. ClamAV just detects viruses. What is done with the virus is up to the calling agent - the milter, in this case. This could include rejecting the email, accepting the email but silently discarding it, and / or sending notification emails to everyone and their mother. > I did find this line in the clamd.conf file, but I don't know what > command that I would run when a virus is found > > <i>Execute a command when virus is found. In the command string</i> "shutdown now", for example... > Also, from my google'ing, I came across this page > > http://linux-sxs.org/administration/clamav-milter.html > > that indicates that email's with viruses are rejected. Is this the > only possible action? Thats OK if it is, I have just yet to run > across the > run across the documentation that discusses this. Or, I have over > looked it. It's not the only possible action, but its what I do. > d) is ClamAV + Sendmail everything I need, once functional? I am > asking this because several of the links that I came across while > google'ing mentioned using ClamAV in coordination with another > product called Amavis. Depends. I also scan incoming email with SpamAssassin, by way of MIMEDefang's milter. > Also, roughly half of the user manual is filled with "Third Party > Products". Why some of these have obvious purposed (graphing or log > file processing), are there any of these necessary for me to get up > and going in my environment? No. > TIA for any pointers or URL's where I can RTFM. www.mimedefang.com www.spamassassin.org www.clamav.net -- Matthew.van.Eerde (at) hbinc.com 805.964.4554 x902 Hispanic Business Inc./HireDiversity.com Software Engineer perl -e"map{y/a-z/l-za-k/;print}shift" "Jjhi pcdiwtg Ptga wprztg," _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
