[exim] How to debug malware

2005-11-25 Thread Nigel Wade
Hi, I'm in the process of upgrading our mail server, and part of that process is upgrading Exim from 4.30 to 4.54. I am currently trying to configure Exim to do virus scanning using Sophos/sweep. In the data ACL I have a malware condition which should be finding a virus (I'm sending it the e

Re: [exim] How to debug malware

2005-11-25 Thread Nigel Wade
Sorry, I forgot to add that the av_scanner is: av_scanner = cmdline:\ /usr/local/bin/sweep -ss -all -rec -archive %s:\ found:'(.+)' -- Nigel Wade, System Administrator, Space Plasma Physics Group, University of Leicester, Leicester, LE1 7RH, UK E-mail :

Re: [exim] How to debug malware

2005-11-25 Thread Michael Ludwig
Hi! I am experiencing exactly the same problem as Nigel. I set up virus scanning with the cmdline option the same way Nigel did. As I use uvscan (McAfee) I replaced the uvscan command with a simple echo-script which puts out "Found virusXY". With the placebo script the message gets rejected wi

Re: [exim] How to debug malware

2005-11-26 Thread Nigel Wade
Nigel Wade wrote: Sorry, I forgot to add that the av_scanner is: av_scanner = cmdline:\ /usr/local/bin/sweep -ss -all -rec -archive %s:\ found:'(.+)' Ok. I've got to the root of the problem, and it's a pretty annoying one. It's an incompatibility between Exim 4.5

Re: [exim] How to debug malware

2005-11-26 Thread Michael Ludwig
Hi Nigel, as you may already have seen I just experienced exactly the same problem. Naming the problem: It is the obsolete demime facility which you need! In the Makefile of exim, have a look at about 30% of the file: - # If you

Re: [exim] How to debug malware

2005-11-26 Thread Jakob Hirsch
Nigel Wade wrote: > Ok. I've got to the root of the problem, and it's a pretty annoying one. > It's an incompatibility between Exim 4.5 and Sophos sweep. > > Sophos won't find a virus in an attachment whilst it's part of the > message - it needs to scan each component separately. Exiscan would >

Re: [exim] How to debug malware

2005-11-28 Thread Nigel Wade
Jakob Hirsch wrote: Nigel Wade wrote: Ok. I've got to the root of the problem, and it's a pretty annoying one. It's an incompatibility between Exim 4.5 and Sophos sweep. Sophos won't find a virus in an attachment whilst it's part of the message - it needs to scan each component separately. Ex

Re: [exim] How to debug malware

2005-11-28 Thread Jakob Hirsch
Nigel Wade wrote: >>>Sophos won't find a virus in an attachment whilst it's part of the >>>message - it needs to scan each component separately. Exiscan would >>>split the message into its constituent parts, each in a separate file. >> This is not an "incompatibility", Exim just does what you tell i

Re: [exim] How to debug malware

2005-11-28 Thread Magnus Holmgren
Nigel Wade wrote: > Furthermore, according to the documentation, the MIME ACL will only > unpack MIME components if the mail message contains a MIME-Version: > header. I would rather not have to rely on the co-operation of the virus > writers by requiring this header be in the message for the virus

Re: [exim] How to debug malware

2005-11-28 Thread Nigel Wade
Jakob Hirsch wrote: Nigel Wade wrote: Sophos won't find a virus in an attachment whilst it's part of the message - it needs to scan each component separately. Exiscan would split the message into its constituent parts, each in a separate file. This is not an "incompatibility", Exim just does w

Re: [exim] How to debug malware

2005-11-28 Thread Andreas Barth
* Nigel Wade ([EMAIL PROTECTED]) [051128 14:56]: > But they may still contain a virus. RFC1341 doesn't say what the contents > of a valid virus message must contain ;-) Then follow the robustness principle: Be liberal in what you accept :P Cheers, Andi -- http://home.arcor.de/andreas-barth/

Re: [exim] How to debug malware

2005-11-28 Thread Jakob Hirsch
Nigel Wade wrote: >Sophos won't find a virus in an attachment whilst it's part of the >message - it needs to scan each component separately. Exiscan would >split the message into its constituent parts, each in a separate file. This is not an "incompatibility", Exim just does what you

Re: [exim] How to debug malware

2005-12-01 Thread Nigel Wade
Jakob Hirsch wrote: Nigel Wade wrote: Sophos won't find a virus in an attachment whilst it's part of the message - it needs to scan each component separately. Exiscan would split the message into its constituent parts, each in a separate file. This is not an "incompatibility", Exim just does w

Re: [exim] How to debug malware

2005-12-01 Thread Dennis Davis
On Thu, 1 Dec 2005, Nigel Wade wrote: > From: Nigel Wade <[EMAIL PROTECTED]> > To: Exim users list > Date: Thu, 01 Dec 2005 15:27:59 + > Subject: Re: [exim] How to debug malware ... > My mime ACL was incorrect, and it was not performing the decode > = default. N

Re: [exim] How to debug malware

2005-12-02 Thread Nigel Wade
Dennis Davis wrote: On Thu, 1 Dec 2005, Nigel Wade wrote: From: Nigel Wade <[EMAIL PROTECTED]> To: Exim users list Date: Thu, 01 Dec 2005 15:27:59 + Subject: Re: [exim] How to debug malware ... My mime ACL was incorrect, and it was not performing the decode = default. Now tha

Re: [exim] How to debug malware [SOLVED]

2005-11-28 Thread Nigel Wade
The problem has been resolved, thanks to David Baines. Apparently sweep now has a -mime option which will allow it to find viruses hiding in MIME attachments. Unfortunately, this is not on by default, and Sophos haven't documented the option in the man page (RTFM isn't the universal solution i