Re: [Exim] Exim + virus-scanning

Top Page
Delete this message
Reply to this message
Author: Mike Weller
Date:  
To: Dave Temple
CC: exim-users
Subject: Re: [Exim] Exim + virus-scanning
Dave Temple wrote:
> Yes, the exim setup in the amavis documentation does indeed give you a setup
> with this property. We use the perl version of amavis here, and I found the same
> thing when I set it up. You can use the "batch_max" option in your amavis
> transport to tell it it can deal with more than one recipient. Also, you can use
> the variable ${pipe_addresses} to get the list of these recipients to feed into
> amavis. We have as our amavis transport:-


Dave,

Thanks for the info. I'm glad to know that it can be done. The only
difference is that I'm still using the SH-version of amavis (which is
called scanmails), but that shouldn't matter. I changed the following
lines in my exim.conf:

(I commented out the old lines):

# batch_max = 32767
# command = "/usr/sbin/scanmails -f ${sender_address} -d ${local_part}"
batch_max = 100
batch = all
command = "/usr/sbin/scanmails -f ${sender_address} -d ${pipe_addresses}"

I modified scanmails so that it would dump the arguments for testing:
echo $* > /tmp/scan.$$

I restarted exim 3.16, and e-mailed test3 & test4 in the same mailing, I got
2 separate scanmails PIDs, with $pipe_addresses instead of $local_part:

scan.27139
::::::::::::::
-f weller@??? -d test3@???

scan.27225
::::::::::::::
-f weller@??? -d test4@???

So, I still have the problem with it scanning for each e-mail.
Should $pipe_addresses expand to "test4@??? test3@???"?

I have 2 transports - scanmails_pipe and scanmails_remote. I
modified both instances just to be on the safe side.

I can send my entire exim.conf if that helps. Thanks again,

-Mike


Dave Temple wrote:
> Quoting Mike Weller <weller@???>:
> > I currently run exim with amavis to scan for viruses. I also use
> > mailman, a mailing list program. Here's the problem... whenever
> > someone sends to a mailist list, it checks for viruses for each
> > individual mailing list recipient. Even if I don't use mailman and I
> > directly listed the recipients in a single e-mail, it will behave the
> > same way. I want it to just check ONCE and then bypass the antivirus
> > checking. I'm trying to figure out the easiest way to do this. Let
> > me explain my setup.
>


...
>
> amavis:
> driver = pipe
> batch = all
> batch_max = 100
> command = "/usr/sbin/amavis -f ${sender_address} -d ${pipe_addresses}"
> prefix =
> suffix =
> check_string =
> escape_string =
> return_output = false
> return_path_add = false
> user = amavis
> group = cc
> path = "/bin:/sbin:/usr/bin:/usr/sbin"
> current_directory = "/var/amavis"
>
> It does indeed seem to work well, and does appear to scan messages once for up
> to 100 recipients (if the message was a single message to start with). I just
> picked the 100 figure out of the air because nobody could tell me how many
> command line arguments my Linux system would be likely to accept (anyone know?).
>
> Some old mailing list software already splits messages into multiple sends
> though. We don't use mailman, but I suspect it isn't one of those as its pretty
> up to date.
>
> ---
>
> Dave Temple, Head of Network Services
> Loughborough University Computing Services
>
>



-- 
Michael J. Weller, M.Sc.               office: (972) 235-7881 x.242
weller@???                         cell: (214) 616-6340
Zyvex Corp., 1321 N Plano           facsimile: (972) 235-7882    
Richardson, TX 75081                      icq: 6180540