Vincent Aniello wrote: > I know that the new clamav-milter is a work in progress. Is there any > chance of email notifications to an administrator when a virus is > detected being added back into clamav-milter in the future?
Hi Vincent, I'm not particularly hot about notifications in the milter. The reason is that the milter interface is more or less a yes/no/maybe filter with not direct control over any other aspect of the mail handling process. On the other hand such aspects can be controlled directly and more properly in the sendmail configuration itself. On the technical side, since libmilter offers no options for creating and delievieng mails, clamav-milter would need to invoke an external process to do that. (For the records, clamav-milter was in the past affected by a remote root vulnerability exactly in the code to invoke sendmail to deliever the notifications). Now if you do need notifications you can still have them, in some other not terribly complex ways. In random order: - Use VirusEvent in clamd - Set AddHeader and use a sitewide procmail recipe - Set LogInfected and write a small script to parse the logfiles - Use the quarantine option and parse the quantine queue - probably more... As you see nothing that can't be done with about 10 lines in a (shell|perl|python|...) script. -aCaB _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
