On Fri, Oct 05, 2007 at 11:30:30AM -0700, Tom Bombadil wrote: > Loren Wilton wrote: > > I don't know how you would do it in exim (or if you even could) but in > > theory you could have two SA setups. One would only have the clam > > plugin enabled and no other rules, and the other would have the full set > > of rules you want. Then you could av scan using the first setup, and if > > that passes, run the second setup with the 100K message limit.
> > moderately horrible, and exim may not have the nice failover support for > > a second SA; not being an exim guy I don't really know. But I suppose > > Thanks for the response Loren, but unfortunately, as far as I know we > can specify the "spamd" directive just once in exim. Just once, but you can list more than one SpamAssassin copy for resilience - see: http://exim.org/exim-html-current/doc/html/spec_html/ch41.html#SECTscanspamass Up to 32 SA addresses can be listed, and are queried randomly. The same page (scroll up a few lines from the above link) explains how you can run different Virus scanners, like this: av_scanner = $acl_m0 deny message = This message contains malware ($malware_name) set acl_m0 = sophie malware = * deny message = This message contains malware ($malware_name) set acl_m0 = aveserver malware = * I would be moderately surprised if you could not also do this: spamd_address = $acl_m0 deny message = This message was classified as a Virus set acl_m0 = 127.0.0.1 783 spam = nobody deny message = This message was classified as a Virus set acl_m0 = 127.0.0.1 784 condition = ${if < {$message_size}{100K}} spam = nobody Using SA to call ClamAV seems like a nasty hack - a slightly better hack, IMHO, might be to use the "cmdline" virus scanning option and write a script to try clamav on localhost and fall back to other hosts if not available locally. Or do what we do - have several mail servers and a cron job to watch the processes ;-). There's not a lot you can't achieve with exim - if really stuck then shell out with a ${run ...} string expansion. HTH, Matthew -- Matthew Newton <[EMAIL PROTECTED]> Network Support and UNIX Systems Administrator, Network Services, I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom For IT help contact helpdesk extn. 2253, <[EMAIL PROTECTED]>
