Re: [Clamav-users] fetchmail & clamav-milter

Wed, 29 Sep 2004 10:01:54 -0700 

Is clamd running? It's difficult to read your mail because you've sent
from Hotmail which annoyingly puts HTML in e-mails, but it looks as
though clamd is running OK. Try to clamdscan (note the d) a file.
Are you running 0.75 or 0.80?

What makes you believe that incoming messages aren't being scanned?

I notice no clamav-milter.pid, if you do ps is clamav-milter still running?

-Nigel

On Wednesday 29 Sep 2004 13:28, Damon McMahon wrote:
> Nigel,
> 
> Sorry about that. The problem is that clamav-milter isn't scanning incoming 
> mail. I want to configure it to scan mail that is passed to sendmail from 
> fetchmail (running on the same host) to deliver to local mailboxes, but not 
> scan outgoing mail.
> 
> I agree, the documentation implies that leaving off the -o -f and -l 
> switches should achieve this, but for some reason it's just not scanning 
> anything [see the bottom of the mail log below].
> 
> I confirm that clamav-milter does indeed scan mail if the -o or -l switch is 
> used. How does clamav-milter determine what is incoming, what is outgoing 
> and what is lan mail (and pardon my ignorance)? Is it my sendmail 
> configuration, perhaps?
> 
> Cheers,
> Damon
> 
> ----Original Message Follows----
> From: Nigel Horne <[EMAIL PROTECTED]>
> Organization: NJH Music (bandsman.co.uk)
> To: [EMAIL PROTECTED]
> Date: Wed, 29 Sep 2004 08:24:47 +0100
> Subject: [Clamav-users] Re: Clamav-users digest, Vol 1 #1033 - 11 msgs
> Reply-To: [EMAIL PROTECTED]
> 
> I can't remember the original problem, you've removed the history from this
> post that would have reminded me!
> 
> -Nigel
> 
> On Wednesday 29 Sep 2004 02:58, Damon McMahon wrote:
> > Nigel,
> >
> > Thanks for your reply, and please accept my apologies for the woeful 
> lack of
> > detail in my first post.
> >
> > Here's how we kick off clamav:
> >
> > #!/bin/sh
> > /usr/local/bin/freshclam -d -p /var/clamav/freshclam.pid
> > /usr/local/sbin/clamd
> > /usr/local/sbin/clamav-milter --debug -c /etc/clamav.conf -AdNq
> > local:/var/clamav/clmilter.sock
> >
> > Note that I couldn't get clamav-milter to accept --dubug-level=n 
> despite
> > this being documented in the man page and building with
> >
> > % ./configure --enable-debug
> >
> > Here are the relevant run-time files:
> >
> > % ls -al /var/clamav
> > drwx------   6 clamav  clamav  204 29 Sep 10:58 .
> > drwxr-xr-x  22 root    wheel   748 29 Sep 09:06 ..
> > -rw-rw----   1 clamav  clamav    4 29 Sep 10:58 clamd.pid
> > srwxrwxrwx   1 clamav  clamav    0 29 Sep 10:58 clamd.sock
> > srwx------   1 clamav  clamav    0 29 Sep 10:58 clmilter.sock
> > -rw-rw----   1 clamav  clamav    4 29 Sep 10:58 freshclam.pid
> >
> > Here's my configuration customisations:
> >
> > % cat /etc/clamav.conf | grep -v # | grep -v '^$'
> > LogSyslog
> > LogFacility LOG_MAIL
> > LogVerbose
> > PidFile /var/clamav/clamd.pid
> > LocalSocket /var/clamav/clamd.sock
> > FixStaleSocket
> > StreamSaveToDisk
> > StreamMaxLength 10M
> > MaxThreads 10
> > MaxDirectoryRecursion 15
> > User clamav
> > ScanOLE2
> > ScanMail
> > ScanArchive
> > ArchiveMaxFileSize 10M
> > ArchiveMaxRecursion 5
> > ArchiveMaxFiles 1000
> > ArchiveMaxCompressionRatio 200
> > ClamukoScanOnOpen
> > ClamukoScanOnClose
> > ClamukoScanOnExec
> > ClamukoIncludePath /home
> > ClamukoMaxFileSize 1M
> > ClamukoScanArchive
> >
> > Here's the relevant snippet from my mail log showing the info you 
> requested:
> >
> > Sep 29 10:57:31 localhost clamd[9693]: Daemon started.
> > Sep 29 10:57:31 localhost clamd[9693]: clamd daemon 0.75.1 (OS: 
> darwin7.5.0,
> > ARCH: ppc, CPU: powerpc)
> > Sep 29 10:57:31 localhost clamd[9693]: Log file size limited to 1048576
> > bytes.
> > Sep 29 10:57:31 localhost clamd[9693]: Verbose logging activated.
> > Sep 29 10:57:31 localhost clamd[9693]: Running as user clamav (UID 30, 
> GID
> > 30)
> > Sep 29 10:57:31 localhost clamd[9693]: Reading databases from
> > /usr/local/share/clamav
> > Sep 29 10:57:32 localhost clamd[9693]: Protecting against 24128 
> viruses.
> > Sep 29 10:57:33 localhost clamd[9694]: Unix socket file
> > /var/clamav/clamd.sock
> > Sep 29 10:57:33 localhost clamd[9694]: Setting connection queue length 
> to 15
> > Sep 29 10:57:33 localhost clamd[9694]: Listening daemon: PID: 9694
> > Sep 29 10:57:33 localhost clamd[9694]: Archive: Archived file size 
> limit set
> > to 10485760 bytes.
> > Sep 29 10:57:33 localhost clamd[9694]: Archive: Recursion level limit 
> set to
> > 5.
> > Sep 29 10:57:33 localhost clamd[9694]: Archive: Files limit set to 
> 1000.
> > Sep 29 10:57:33 localhost clamd[9694]: Archive: Compression ratio limit 
> set
> > to 200.
> > Sep 29 10:57:33 localhost clamd[9694]: Archive support enabled.
> > Sep 29 10:57:33 localhost clamd[9694]: RAR support disabled.
> > Sep 29 10:57:33 localhost clamd[9694]: Mail files support enabled.
> > Sep 29 10:57:33 localhost clamd[9694]: OLE2 support enabled.
> > Sep 29 10:57:33 localhost clamd[9694]: Self checking every 3600 
> seconds.
> > Sep 29 10:58:53 localhost clamav-milter[9842]: Starting: clamd / ClamAV
> > version 0.75.1, clamav-milter version 0.75c
> > Sep 29 10:58:53 localhost clamav-milter[9842]: Started: clamd / ClamAV
> > version 0.75.1, clamav-milter version 0.75c
> > Sep 29 10:59:11 localhost sendmail[9864]: starting daemon (8.13.1):
> > [EMAIL PROTECTED]:20:00
> > Sep 29 10:59:11 localhost sendmail[9867]: starting daemon (8.13.1):
> > [EMAIL PROTECTED]:20:00
> > Sep 29 10:59:15 localhost fetchmail[9886]: starting fetchmail 6.2.5 
> daemon
> > Sep 29 11:01:10 localhost fetchmail[9886]: 1 message for 
> [EMAIL PROTECTED]
> > at pop.my.mail.provider.net (773 octets).
> > Sep 29 11:01:11 localhost fetchmail[9886]: reading message
> > [EMAIL PROTECTED]@pop.my.mail.provider.net:1 of 1 (773 octets)
> > Sep 29 11:01:11 localhost clamav-milter[9842]: clamfi_close
> > Sep 29 11:01:11 localhost sendmail[9898]: i8T1VBd6009898:
> > from=<[EMAIL PROTECTED]>, size=866, class=0, nrcpts=1,
> > msgid=<[EMAIL PROTECTED]>, 
> proto=ESMTP,
> > daemon=MTA, relay=localhost [127.0.0.1]
> >
> > If you need anything else let me know.
> >
> > Thanks again,
> > Damon
> >
> > ----Original Message Follows----
> > From: Nigel Horne <[EMAIL PROTECTED]>
> > Organization: NJH Music (bandsman.co.uk)
> > To: [EMAIL PROTECTED]
> > Subject: Re: [Clamav-users] fetchmail & clamav-milter
> > Date: Tue, 28 Sep 2004 08:12:09 +0100
> > Reply-To: [EMAIL PROTECTED]
> >
> > [snip]
> >
> > Yes, don't use -l, -o or -f. What options are you using? What version 
> of
> > clamav-milter?
> >

> 
> --
> Nigel Horne. Arranger, Composer, Typesetter.
> NJH Music, Barnsley, UK.  ICQ#20252325
> [EMAIL PROTECTED] http://www.bandsman.co.uk
> 

> Clamav-users mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/clamav-users
> 

-- 
Nigel Horne. Arranger, Composer, Typesetter.
NJH Music, Barnsley, UK.  ICQ#20252325
[EMAIL PROTECTED] http://www.bandsman.co.uk


-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl
_______________________________________________
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

Reply via email to