I recently installed ClavAV on my FreeBSD 5.4 system. I am running Sendmail as my MTA.
Clam seems to be working fine except for one small thing. First, this is the entry I have in my /etc/rc.conf file for Clam. clamav_clamd_enable="YES" # Enable ClamAV clamav_freshclam_enable="YES" # Enable auto updater for AV clamav_milter_enable="YES" # Enable the mail AV scanner clamav_milter_socket="/var/run/clamav/clmilter.sock" # Clam Milter socket clamav_milter_flags="--postmaster-only --local --outgoing --max-children=50 --quarantine dir=/var/mail/quarantine --timeout=0" # Clam milter settings Each directive is on one separate line although it might not look like it here. This is a sample of the notices I receive when a virus is detected. The message k0JAB7nO094434 sent from <[EMAIL PROTECTED]> to <[EMAIL PROTECTED]> contained HTML.Phishing.Pay-6 and has not been delivered. The message in question has been quarantined as /var/tmp//clamav-48b75ba8e9a0d2da/msg.8LUShP First, you will notice that there are two "//" in the path. I do not understand why. Second, although the directory entry does exist, it is empty. The file mentioned is present in the /var/mail/quarantine/060119/k0JAB7nO094434.HTML.Phishing.Pay-6 directory. However, there does not appear to be anything attached to the file. It is very simple HTML code. My question is why is the /var/tmp/* directory being created if it is empty? Why the double '//' in the path? Also, shouldn't the file with the virus actually have something attached to it. Most of the time on WinXP machines anyway, there is a file attachment of some kind, although I guess that is not a requirement. I am just curious as to whether I have this who thing configured correctly. Ciao -- Gerard Seibert [EMAIL PROTECTED] _______________________________________________ http://lurker.clamav.net/list/clamav-users.html