On 22.10.2015 13:32, Gary Stainburn wrote: > On Thursday 22 October 2015 10:32:06 Jeremy Harris wrote: >> On 22/10/15 10:14, Gary Stainburn wrote: >>> I'm having real problems with virus emails getting through my mail >>> server. My initial config consists of: >>> >>> av_scanner = clamd:/var/run/clamd.exim/clamd.sock >> >> Clam updates running properly? >> Tested with a known one (eg EICAR) ? > > Clamd is up and running, hence the clamd.exim entries. My concern is that it > isn't being called for all suitable messages, i.e. not the ones I'm > submitting. You can confirm that by looking at the log. Just identify the message you are concerned about and look for an entry like
/var/spool/exim/scan/1ZpBsO-000EWL-Pv/1ZpBsO-000EWL-Pv.eml: OK in the clamav logs. But your configuration looks ok (though I don't understand the greylisting part in a data-acl, since greylisting triggers before data is executed. > I am testing with eicar and they are getting delivered. I am doing this > using: > > [gary@ollie2 ~]$ echo test|mutt [email protected] -a eicar.txt -s "EICAR > TEST" what about "clamdscan eicar.txt"? Does clamd work if exim is not involved? I suppose Jeremys concern is that clamav might run without a singature database (or a broken one) and that's my concern as well. > On top of this live virus emails are getting through. > >> >>> I copied the syntax directly from the EXIM docs and amended to have: >> >> What was wrong with the aveserver scanner interface? > > The avescanner needed the run file /var/run/aveserver. I could not find > anything like that file on my server. However, I did manage to convert an old > sophie script to work with Kaspersky. > > That is why I thought I'd try that. However, because of the error mesage from > EXIM, the script isn't getting working. > > >> -- >> Cheers, >> Jeremy > -- Karlsruher Institut für Technologie (KIT) Steinbuch Centre for Computing (SCC) Patrick von der Hagen Zirkel 2, Gebäude 20.21, Raum 004.2 76131 Karlsruhe Telefon: +49 721 608-46433 E-Mail: [email protected] Web: http://www.scc.kit.edu KIT - Universität des Landes Baden-Württemberg und nationales Forschungszentrum in der Helmholtz-Gemeinschaft
smime.p7s
Description: S/MIME Cryptographic Signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
