You have perfectly understood! At the moment my exim4-daemon-heavy configuration works in this way:
- I receive an e- mail message
- I control if actualy there is the addressee
- if he exists I accept the message and I begin to check it, otherwhise I turn it down.
- If the message has been accepted, I check if it has got a virus:
av_scanner = clamd:/var/run/clamav/clamd.ctl
- If it hasn't got a virus I go on and check (anti-spam controls etc..), otherwise, if I find a virus I reject the message using a 500 response to the server.
# Reject messages containing malware.
deny message = This message contains a virus ($malware_name) and has been rejected
demime = *
malware = *
log_message = MALWARE: $malware_name
But the addressee doesn't know anything about the rejection of this e-mail and continually calls me in order to know where is his e-mail.
After telling him a lot of time that his e-mail has been refused because the sender had sent him a virus not by his will, he has thanked me for the service but begged me to tell him something when I reject a message. The customer perfectly knows that I will send him a lot of useless e-mails but he accepts it and, at the end, he pays.
But I really have no idea about how it works. I don't know if it is advisable to configure exim or it would be better to use clamav. Surfing the net I found this e-mail and it sounds like being generated by clamav. Above you can read the text of this e-mail
Subject: Virus Worm.SomeFool.Gen-2 found in attached mail by ClamAV.
ClamAV anti-virus scanner has intercepted and deleted a message.
The following is a summary of the infected message:
Virus name: Worm.SomeFool.Gen-2
Now I think that everything is more clear! Could you help me?
I am looking forward to getting your answer, thank you very much.