Paul Dekkers wrote:
Hi,
Riemer Palstra wrote:
2) If I put malware = */defer_ok in my check data ACL, will that
accept the mail and relay it out to the world, or will it accept and
queue until clam is back up. The latter would be better, but I'm not
sure if it is possible.
The first. Consider putting a second scanner in the chain if you
*really* don't want a message to be sent out to the world without any
type of scanning.
Can't we detect if the scanner failed or not? (I have a suspicion.)
Yes. Log entries are usually generated.
It should be possible to intercept that, and/or generate a header before
entering,
add a header as part of the pass, remove one, both, or neither afterwards.
You can simulate failure by denying the stack or socket to it.
If not; wouldn't it make sense to have a variable that indicates this?
(Something like $malware_failed or so. Something that can be used as to
add a header as a warning, try another scanner instead, ...)
Perhaps X-Scan-Failed: going in, strip it if/as/when other indicators
show success.
With defer_ok we can't add a header at a later stage that tells if the
scan was successful... we can only be sure if there was indeed malware
detected, if malware_name is defined, right?
Paul
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/
