Jon Smith wrote:
On 11/24/06, Dennis Peterson <[EMAIL PROTECTED]> wrote:
Jon Smith wrote:
> clamav-milter starts without any warnings/errors. The
/var/log/clamd.milter
> log file is completely empty. Permissions are correct, I can su to
clamilt
> user and write to the file. Messages are be relayed but not tagged or
> apparently even processed by clamav-milter.
>
> Nothing interesting in /var/log/messages or /var/log/maillog, just
sendmail
> relaying messages (nothing about clam at all).
>
Your lsof doesn't show any sendmail attachment to the socket. Your data
dumps don't show any sendmail.cf information. Did you configure your
sendmail.mc file (or what ever yours is called) to use the clamav
milter? If not then sendmail won't attempt to use it.
dp
Thanks for the quick response, I really appreciate it!
From my original message:
[root@<hostname> ~]# grep clam /etc/mail/sendmail.cf
XClamav, S=local:/var/run/clamav-milter/clamav.sock, F=, T=S:4m;R:4m
Also worth noting from my original message:
[root@<hostname> ~]# /usr/lib/sendmail -d0 < /dev/null | grep MILTER
MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET
NETINET6
So, yes, sendmail is compiled (by the Fedora folks, not me, I'm trying
to do
this all the "Fedora Way"(tm) instead of compiling it all from source) with
libmilter support, and configured to talk to clamav-milter over a socket.
Also, the sockets must be in agreeance with clamav-milter config,
because if
they're mismatched clamav-milter will attempt to start, then complain about
a mismatched sendmail.cf socket path and exit.
And I noticed that sendmail also wasn't listening on the socket, definitely
seemed odd to me. Just not sure *why* it's not listening.
Sorry - I completely missed that. I use Solaris so am not sure of this
but: Does your netstat show you unix sockets? If so it should indicate
the clamav socket. (I have Fedora running in a VM on my Mac and just
tried it and it does show them).
Try setting the sendmail loglevel and milter loglevel to 21 (for this
trivial change the sendmail.cf file can be directly edited). Sendmail
has to be stopped and started. This loglevel is quite verbose and
should present a lot of milter info if it's working. You'll have to
telnet to your sendmail server to get it to open the socket and that
likely was not done in your earlier scan. I think clamav's milter can
also do logging - I don't use it so am just guessing.
dp
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
