I have been getting these messages in my logs when a message is detected
as
a virus:
Mar 8 08:44:56 mypc clamav-milter[6112]: Message o27LiRP8029635 from
<UNKNOWN> to <UNKNOWN> with subject 'Important notice: Google'
message-id 'UNKNOWN' date 'UNKNOWN' infected by
Sanesecurity.Junk.22168.UNOFFICIAL
Yes - in this instance: grep o27LiRP8029635 /var/log/maillog
This simple idea can be added to the clamd.conf configuration as a
VirusEvent script.
Thanks. I was looking for something a bit simpler - something in the config
file that will fill in the details of the sender and recipient. This seems
to work on my other server which runs the same version of clamav-milter on
gentoo.
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
