At 09:42 AM Saturday, 4/4/2009, you wrote -=> >Ed Kasky schrieb: > > Any idea when a new release can be expected? My 0.95 milter install > > has found nothing since upgrading and was quarantining between 8 and > > 20 weekly (small company) since my first installation. > > > > Our stats from the last 5 weeks: > > > > http://www.wrenkasky.com/cgi-bin/virus/display.pl?number > > > > Ed > > >Hi , what are you trying to say, isnt your milter working ? >Or are you only suprised no to get any viri? >you may test your inst with >http://www.gfi.com/emailsecuritytest/ >until eicar is catched > >did you try disabling LogInfected Full ? > >you can try compile from cvs version, perhaps your Problem is allready fixed >http://www.clamav.net/snapshot/clamav-devel-latest.tar.gz > >i just finished implement new milter and it works with postfix 2.5.5 > >-- >Best Regards >MfG Robert Schetterer >Germany/Munich/Bavaria
Thanks for suggesting the test emails. I watched the maillog as they arrived and confirmed that they were detected and quarantined. I had assumed that there was a problem as my stats script was not picking anything up since upgrading. The issue I found is due to two changes in 0.95: 1. It is writing to maillog instead of syslog 2. The message itself has changed also: ~~~~~~~~~~ -pre 0.95 from /var/log/messages: Mar 15 14:49:45 yoda clamav-milter[30297]: Email quarantined as /tmp/quarantine/090315/n2FLmnwt016170.Phishing.Heuristics.Email.SSL-Spoof Mar 15 14:49:45 yoda clamav-milter[30297]: n2FLmnwt016170: /tmp/quarantine/msg.wGhydu: Phishing.Heuristics.Email.SSL-Spoof Intercepted virus from "CartaSi S.p.A"<cartasi_info...@cartasi.it> to ed ~~~~~~~~~~ -0.95 from /var/log/maillog: Apr 4 19:43:43 yoda sendmail[21957]: n352hWTb021957: from=<emailtest...@gfi.com>, size=6474, class=0, nrcpts=1, msgid=<gfiso001-gfiws22qgr00006...@gfiws2.gfi.com>, proto=ESMTP, daemon=MTA, relay=[216.134.217.100] Apr 4 19:43:43 yoda sendmail[21957]: n352hWTb021957: Milter add: header: Received-SPF: pass (yoda.wrenkasky.com: domain of emailtest...@gfi.com designates 216.134.217.100 as permitted sender) Apr 4 19:43:43 yoda sendmail[21957]: n352hWTb021957: Milter change (add): header: X-Virus-Scanned: clamav-milter 0.95 at yoda.wrenkasky.com Apr 4 19:43:43 yoda sendmail[21957]: n352hWTb021957: Milter change (add): header: X-Virus-Status: Infected (Exploit.GFI) Apr 4 19:43:43 yoda sendmail[21957]: n352hWTb021957: milter=clamav, quarantine=quarantined by clamav-milter ~~~~~~~~~~ So I can confirm that it works with sendmail 8.14.3 as well :-) Ed ........................................................................... Randomly Generated Quote (1148 of 1520): That man is truly good who knows his own dark places. -Beowulf _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
