I have been getting these messages in my logs when a message is detected
as
a virus:
Mar 8 08:44:56 mypc clamav-milter[6112]: Message o27LiRP8029635 from
<UNKNOWN> to <UNKNOWN> with subject 'Important notice: Google'
message-id 'UNKNOWN' date 'UNKNOWN' infected by
Sanesecurity.Junk.22168.UNOFFICIAL
Is it possible to get some more information appearing than <UNKNOWN> as
the sender and recipient?
Hi Robert,
You get "UNKNOWN" because you, your distro, or your package provider has
tuned the confMILTER_MACROS_ENVFROM variable (aka Milter.macros.envfrom
in .cf) in a way that hides those info from the milters.
The sendmail default is: i, {auth_type}, {auth_authen}, {auth_ssf},
{auth_author},{mail_mailer}, {mail_host}, {mail_addr}.
I have added this to my sendmail.mc and I'm getting the correct messages in
my log now:
define(`confMILTER_MACROS_ENVFROM', ``i, {auth_type}, {auth_authen},
{auth_ssf}, {auth_author}, {mail_mailer}, {mail_host}, {mail_addr}'')
Does this look OK? I'm not a great sendmail.mc expert.
Thanks for the help.
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
