Hello, We are using a remote mail server by a 3rd party who don't have the best A/V detection, so we want to scan incoming mails via the OTRS system. From a look at the docs, I believe we want to use the technique used by spam assassin at the bottom of this page: http://doc.otrs.org/3.0/en/html/email-receiving.html
The problem is, I cannot get clamdscan to return whatever OTRS expects for it to ignore the email. Here is my setup from Config.pm: $Self->{'PostMaster::PreFilterModule'}->{'1-ClamAV'} = { Module => 'Kernel::System::PostMaster::Filter::CMD', CMD => '/usr/bin/clamdscan --stdout -| grep "FOUND"', Set => { 'X-OTRS-Ignore' => 'yes', }, }; Assuming it is a stream, the output of the command is: $ cat eicar.com.txt | clamdscan --stdout - | grep FOUND stream: Eicar-Test-Signature FOUND Unfortunately, nothing happens and the mails make it into OTRS with a test-virus attached. I have tried changing the 'CMD' to a few different things (e.g. using clamscan instead), but no luck so far. I am sure OTRS is passing something to this command, as if I change it to "CMD => '/usr/bin/clamdscan", then no tickets are created and I see this in the logs: Sep 27 11:50:02 <server> OTRS-CGI-10[29783]: [Notice][Kernel::System::PostMaster::Filter::CMD::Run] Set param 'X-OTRS-Ignore' to 'yes' because of '/files/otrs/bin/cgi-bin: OK ' (Message-ID: <12345@host>) Has anyone done anything like this before? Any ideas what syntax I can use in the CMD? Any help is appreciated. Regards, Pierce. CONFIDENTIALITY NOTICE: The contents of this email are confidential and for the exclusive use of the intended recipient. If you receive this email in error, please delete it from your system immediately and notify us either by email, telephone or fax. You should not copy, forward, or otherwise disclose the content of the email.
--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs