On 3/7/10 3:06 PM, Robert S wrote:
I have been getting these messages in my logs when a message is detected as
a virus:
Mar 8 08:44:56 mypc clamav-milter[6112]: Message o27LiRP8029635 from
<UNKNOWN> to <UNKNOWN> with subject 'Important notice: Google'
message-id 'UNKNOWN' date 'UNKNOWN' infected by
Sanesecurity.Junk.22168.UNOFFICIAL
Is it possible to get some more information appearing than <UNKNOWN> as
the sender and recipient?
Yes - in this instance: grep o27LiRP8029635 /var/log/maillog
This simple idea can be added to the clamd.conf configuration as a VirusEvent
script.
dp
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
