On Sat, Nov 04, 2006 at 01:16:45PM -0500, Jim Seymour wrote:
> Hi,
>
> If there is a better list for this question please let me know. I am
> trying to get exim4, spamassassin and clamav happily working together
> with a minimum amount of additional packages added on a Debian Etch
> system with all updates current. Basically I have installed exim4-heavy,
> sa-exim, spamassassin and the clamav packages. I am using the
> /var/run/clamav/clamd.ctl socket and have that configured in both the
> clam.conf and in the /etc/exim4/conf.d/main/02_exim4-config_options.
does this mean you have a line like this?
av_scanner = clamd:/var/run/clamav/clamd.ctl
> Clamav has been added to the Exim-debian group the
> AllowSupplementaryGroups option is in clam.conf. The scan directory
> /var/spool/exim4/scan has the following permissions drwxrwx--- and has
> owner.group of Debian-exim. This is in
> /etc/exim4/conf.d/acl/40_exim4-config_check_data file:
>
> deny message = This message contains a virus: ($malware_name) please
> scan your system.
> demime = *
> malware = *
I don't know much about this, so salt accordingly: isn't deny and
demime contradictory? How can you demime a message that you have
denied? just a thought, maybe its causing the rule to be ignored.
FTR, this is what I did for testing and have never bothered to change:
warn malware = *
message = WARNING! Virus! ($malware_name)
this allowed me to see what was happening by reading the headers of
the mails. Now i enjoy seeing the earnest emails warning me about my
compromised mailserver with a big fat "WARNING!" in them because its
their machine that is compromised... :)
hth
A
Attachment:
signature.asc
Description: Digital signature