Date:      Tue, 16 Nov 2004 17:56:40 +0000
From:      Daniel Bye <freebsd-questions@slightlystrange.org>
To:        freebsd-questions@FreeBSD.ORG
Subject:   Re: Exiscan+clamav
Message-ID:  <20041116175640.GA36502@catflap.slightlystrange.org>
In-Reply-To: <20041116171715.EC66343D2D@mx1.FreeBSD.org>
References:  <20041116171715.EC66343D2D@mx1.FreeBSD.org>

On Tue, Nov 16, 2004 at 11:17:13AM -0600, Adam M Ryan wrote:
> Thanks for all the replies.
>
> Yes Clamd is running:
>
> ps uaxww | grep clamav
> clamav   53191  0.0  1.6 10576 8128  ??  Is    8:48AM   0:00.00
> /usr/local/sbin/clamd
>
>
>
> I have also gone ahead and changed the settings in clamd to log everything.
> Still not seeing anything in the clamd log.  Not sure what else I am
> missing?  I used clamscan on some test files and they seemed to get
> detected without issue.

Hmm.  Have you got the correct path to the clamd socket in your exim
config file?  This seems the most likely fault now, if clamscan is
running from the command line.

You can check using sockstat:

# sockstat -ul | grep clam
clamav   clamd      39547 4  stream /var/run/clamav/clamd

Exim's log files, under /var/log/exim, may be a good place to look for a
bit more detail about what's borking it.

> Maybe a posting of your clamd.conf and exim.conf?

Sure.  Here is my clamd.conf (omitting all comment lines)

LogFile /var/log/clamav/clamd.log
LogTime
LogVerbose
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /usr/local/share/clamav
LocalSocket /var/run/clamav/clamd
FixStaleSocket
User clamav
AllowSupplementaryGroups
ScanMail
ArchiveMaxRecursion 8

And the salient bits of my exim config file:

av_scanner = clamd:/var/run/clamav/clamd

acl_check_content:
  deny  message = This message contains malware ($malware_name)
        demime  = *
        malware = *

The rest of the exim config is not relevant to this discussion.

HTH

Dan

-- 
Daniel Bye

PGP Key: ftp://ftp.slightlystrange.org/pgpkey/dan.asc
PGP Key fingerprint: 3B9D 8BBB EB03 BA83 5DB4 3B88 86FC F03A 90A1 BE8F
                                                                     _
                                              ASCII ribbon campaign ( )
                                         - against HTML, vCards and  X
                                - proprietary attachments in e-mail / \
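
The socket-path check suggested in this message, as an added example that is not part of the original e-mail: it reads `LocalSocket` from clamd.conf and the `av_scanner` target from the Exim configuration and reports whether they agree. The function names, the temporary sample files and the wrong path /tmp/clamd are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original message): confirm that Exim's
# av_scanner points at the socket clamd listens on.

# LocalSocket value from a clamd.conf; commented-out lines do not match.
clamd_socket() {
    awk '$1 == "LocalSocket" { print $2; exit }' "$1"
}

# Target of "av_scanner = clamd:<target>" from an Exim configuration file.
exim_scanner_target() {
    sed -n 's/^[[:space:]]*av_scanner[[:space:]]*=[[:space:]]*clamd:[[:space:]]*\(.*[^[:space:]]\)[[:space:]]*$/\1/p' "$1" | head -n 1
}

# Prints a verdict. Returns 0 on match, 1 on mismatch, 2 if a setting is
# missing or av_scanner is not a socket path.
check_av_socket() {
    clamd_path=$(clamd_socket "$1")
    exim_path=$(exim_scanner_target "$2")
    if [ -z "$clamd_path" ] || [ -z "$exim_path" ]; then
        echo "MISSING clamd='$clamd_path' exim='$exim_path'"; return 2
    fi
    case $exim_path in
        /*) ;;
        *) echo "NOT-A-PATH exim='$exim_path'"; return 2 ;;
    esac
    if [ "$clamd_path" != "$exim_path" ]; then
        echo "MISMATCH clamd='$clamd_path' exim='$exim_path'"; return 1
    fi
    echo "MATCH $clamd_path"
    # On a live host the path must also be a socket, as sockstat shows.
    [ -S "$clamd_path" ] || echo "note: no socket at $clamd_path on this host" >&2
    return 0
}

# Constructed sample files: the clamd.conf and the first Exim line use the
# values from the message; /tmp/clamd is a made-up wrong path.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' '#LocalSocket /tmp/clamd' 'LocalSocket /var/run/clamav/clamd' 'User clamav' > "$d/clamd.conf"
    echo 'av_scanner = clamd:/var/run/clamav/clamd' > "$d/exim.good"
    echo 'av_scanner = clamd:/tmp/clamd' > "$d/exim.bad"
    check_av_socket "$d/clamd.conf" "$d/exim.good"
    check_av_socket "$d/clamd.conf" "$d/exim.bad" || true
    rm -rf "$d"
}
demo
```

On a real host, call `check_av_socket` with the paths of the installed clamd.conf and Exim configuration file instead of running `demo`.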




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041116175640.GA36502>