At 01:55 PM 11/27/2006, Christopher Cleveland wrote:
My quick review of the archive/google did not turn up any
implementation
notes for using clamav as a policy rather than content
filter. I already
have amavisd-new/clamd working, but would like to move the
virus scan
from post acceptance to pre acceptance. By making this
chance, the
sender's MTA will handle notification (if it would have
any value). Post
acceptance notification is just making a new nuisance and
negative
value.
I do understand that pre acceptance processing raises the
performance
bar. I believe I can budget the resources required, and I
am willing to
revert if needed.
Does anyone have clamav implemented as a policy service in
postfix?
You're using the wrong term here. A postfix policy service
only gets envelope information such as client, MAIL FROM,
RCPT TO, and other stuff, but does not get the data. So
it should be obvious you can't do virus scanning with a
policy service.
To scan data before accepting the message you need to use a
smtpd_proxy_filter or a milter (with postfix 2.3).
clamsmtp is a commonly used pre-queue smtpd_proxy_filter
that works well. Good instructions are on their web site.
http://memberwebs.com/nielsen/software/clamsmtp/
http://www.postfix.org/SMTPD_PROXY_README.html
--
Noel Jones
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
