I have an opensolaris machine with Sendmail 8.14.3.
I have compiled clamav 0.96.1 (and just upgraded to 0.96.2)
./configure --prefix=/usr/local/clamav --enable-milter --with-user=smmsp
--with-group=smmsp
Smmsp is the sendmail submission user.
I turned on all the logging options I could find in clamd.conf and
clamav-milter.conf. This includes syslog. I have one machine on my
network that is the central syslog server for unix-type mail servers.
I added the following line to sendmail.mc as part of rebuilding sendmail.cf
INPUT_MAIL_FILTER(`clamav',
`S=local:/var/spool/clamav/clamav-milter.socket, T=S:4m;R:4m')
You will noticed I excluded the F=T option- if the milter doesn't work I
don't want mail to be rejected- at least while I am working out the bugs.
I download several version of the eicar test virus from
http://www.eicar.org/anti_virus_test_file.htm.
Eicar.zip will get quarantined by clamav-milter. (mailq -qQ shows this as
well as the logs.) Eicar.com and eicar.com.txt are clearly being blocked
somehow but they aren't quarantined, aren't logged and aren't rejected (as
far as I can tell.) Not that I really mind viruses getting rejected but
I would like a log of what is going on. It does make me a little nervous
when e-mail just disappears and I do need to he ability to check logs when
legitimate e-mail seems to be getting lost.
Your help is appreciated
Thanks
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
