Hi, I use mailguard 1.0.1 with amavisd and clam but I have a
problem with
virus.
When start my mail server I have in log file:
Sep 20 15:12:42 localhost amavis[2455]: starting.
/usr/sbin/amavisd at
mail.mydomain.biz amavisd-new-
.2.1 (20041222) + Maia Mailguard 1.0.1, Unicode aware,
LANG=it_IT.UTF-8
Sep 20 15:12:43 localhost amavis[2456]: ANTI-VIRUS code
loaded
Sep 20 15:12:43 localhost amavis[2456]: Using internal av
scanner code for
(primary) ClamAV-clamd
Sep 20 15:12:43 localhost amavis[2456]: Found secondary av
scanner
ClamAV-clamscan at /usr/local/bin/clamscan
and....
[root mail postfix]# ps -ax|grep clam
Warning: bad syntax, perhaps a bogus '-'? See
/usr/share/doc/procps-3.2.6/FAQ
1589 ? Ss 0:00 /usr/local/bin/freshclam -d
1715 ? Ss 0:00 /usr/local/sbin/clamd
5150 pts/5 S+ 0:00 grep clam
..when arrived mail with virus (gfi test) I have:
Sep 20 13:46:32 localhost postfix/qmgr[4133]: 298F7ED0517:
from=<emailtestinggfi.com>, size=6650, nrcpt=1 (queue
active)
Sep 20 13:46:32 localhost postfix/smtpd[4940]: disconnect
from
gfiservers.gfi.com[69.20.55.130]
Sep 20 13:46:32 localhost postfix/smtpd[4949]: connect from
localhost.localdomain[127.0.0.1]
Sep 20 13:46:32 localhost postfix/smtpd[4949]: 9B8F3ED0518:
client=localhost.localdomain[127.0.0.1]
Sep 20 13:46:32 localhost postfix/cleanup[5000]:
9B8F3ED0518:
message-id=<S44374H4sPWuc2gKJHx00001942S44374>
Sep 20 13:46:32 localhost postfix/qmgr[4133]: 9B8F3ED0518:
from=<emailtestinggfi.com>, size=7045, nrcpt=1 (queue
active)
Sep 20 13:46:32 localhost postfix/smtpd[4949]: disconnect
from
localhost.localdomain[127.0.0.1]
Sep 20 13:46:32 localhost amavis[4996]: (04996-03) Passed
CLEAN,
[69.20.55.130] [69.20.55.130] <emailtestinggfi.com> ->
<test2mydomain.biz>, Message-ID:
<S44374H4sPWuc2gKJHx00001942S44374>,
Hits: -, 272 ms
Sep 20 13:46:32 localhost postfix/smtp[4945]: 298F7ED0517:
to=<test2mydomain.biz>, relay=127.0.0.1[127.0.0.1],
delay=0, status=sent
(250 2.6.0 Ok, id=04996-03, from MTA: 250 Ok: queued as
9B8F3ED0518)
Sep 20 13:46:32 localhost postfix/qmgr[4133]: 298F7ED0517:
removed
Sep 20 13:46:32 localhost postfix/local[4950]: 9B8F3ED0518:
to=<test2mydomain.biz>, relay=local, delay=0, status=sent
(delivered to
mailbox)
Sep 20 13:46:32 localhost postfix/qmgr[4133]: 9B8F3ED0518:
removed
my amavid.conf is:
$virus_admin = undef; # notifications recip.
$mailfrom_notify_admin = "virusalert\$mydomain"; # notifications
sender
$mailfrom_notify_recip = "virusalert\$mydomain"; # notifications
sender
$mailfrom_notify_spamadmin = "spam.police\$mydomain"; # notifications
sender
$mailfrom_to_quarantine = ''; # null return path; uses
original sender if
undef
$final_virus_destiny = D_DISCARD
### http://www.clamav.net/
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n",
"/var/run/clamav/clamd.sock"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
# NOTE: run clamd under the same user as amavisd; match the
socket
# name (LocalSocket) in clamav.conf to the socket name in
this entry
# When running chrooted one may prefer: ["CONTSCAN
{}\n","$MYHOME/clamd"],
);
# See https://secure.renaissoft.com/maia/wiki/VirusScannerCo
nfig
# for more virus scanner definitions.
av_scanners_backup = (
### http://www.clamav.net/ -
backs up clamd or Mail::ClamAV
['ClamAV-clamscan', 'clamscan',
"--stdout --disable-summary -r --tempdir=$TEMPBASE
{}", [0], [1],
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
);
thanks.
------
Salvatore.
---
[This E-mail scanned for viruses by Declude Virus]
_______________________________________________
Maia-users mailing list
Maia-usersrenaissoft.com
http://www.renaissoft.com/mailman/listinfo/maia-users
|