|
You have perfectly understood! At the moment my
exim4-daemon-heavy configuration works in this way:
- I receive an e- mail message
- I control if actualy
there is the addressee
- if he exists I accept the message and I begin to
check it, otherwhise I turn it down.
- If the message has been accepted, I check if it
has got a virus:
av_scanner =
clamd:/var/run/clamav/clamd.ctl
- If it hasn't got a virus I go on and check
(anti-spam controls etc..), otherwise, if I find a virus I reject the message using a 500 response to the
server.
# Reject messages containing
malware.
deny message = This message contains a virus ($malware_name) and has been rejected demime = * malware = * log_message = MALWARE: $malware_name But the addressee doesn't know anything about the
rejection of this e-mail and continually calls me in order to know where is his
e-mail.
After telling him a lot of time that his e-mail has
been refused because the sender had sent him a virus not by his will, he has
thanked me for the service but begged me to tell him something when I
reject a message. The customer perfectly knows that I will send him a lot
of useless e-mails but he accepts it and, at the end, he pays.
But I really have no idea about how it works. I
don't know if it is advisable to configure exim or it would be better to
use clamav. Surfing the net I found this e-mail and it sounds like being
generated by clamav. Above you can read the text of this
e-mail
Subject: Virus Worm.SomeFool.Gen-2 found in
attached mail by ClamAV.
ClamAV anti-virus scanner has intercepted and deleted a message. The following is a summary of the infected message: Virus name: Worm.SomeFool.Gen-2 From: kerrie.a****re@***.ie To: myuser@mydomain.com Now I think that everything is more clear! Could
you help me?
I am looking forward to getting your answer,
thank you very much.
Marco |