On 10/5/2012 12:21 PM, Steven W. Orr wrote:
I have SA running and configured to call clamav.cf My mail server
checks the incoming messages by running SA as a milter, so the spam is
rejected before reception completes. My mail logfile for a specific
message might look like this:
Oct 5 11:30:01 saturn sendmail[20656]: q95FTj2G020656: Milter add:
header: X-Spam-Status: Yes, score=28.0 required=5.0
tests=BAYES_99,CLAMAV,\n\tDATE_IN_PAST_06_12,FSL_HELO_NON_FQDN_1,HTML_MESSAGE,RCVD_IN_PBL,RCVD_IN_XBL,\n\tRDNS_NONE,UNPARSEABLE_RELAY,URIBL_BLACK,URIBL_JP_SURBL,URIBL_PH_SURBL,\n\tURIBL_WS_SURBL
autolearn=spam version=3.3.2 country=IR
but I'd like to know which CLAMAV virus was the trigger. Is there a
way to get output somewhere that tells me which signature(s) fired?
TIA
The clamav plug-in is unsupported but I believe it only logs to a header
which you don't have because you rejected the email.
You could try changing the line
dbg("ClamAV: result - $header");
To instead read info("ClamAV: result - $header");
Not sure where or if that will end up logging the info you want somewhere so
you might be best off turning on the ClamAV debug channel
http://wiki.apache.org/spamassassin/DebugChannels i.e. -D ClamAV should work.
regards,
KAM
