I have it working now. I do *NOT* know why. I have changed the relevant
defUnix.prf over and over (including how I have it now) to no previous
good result.
I am using kavdaemon 4.0.2.2
This is what I have discovered:-
in the /opt/AVP/etc/defUnix.prf file I have changed the 'Names='
parameter to:
[Object]
Names=*/
I call the daemon thus:-
/opt/AVP/kavdaemon -E -Y -f=/opt/AVP /var/spool/exim
using the RedHat init.d file, changing PIDFILE= & DPARMS= appropriately
PIDFILE=$INSTPATH/AvpPid
# DAEMONPID=`cat $PIDFILE`
#DPARMS="-I0 -Y"
DPARMS="-E -Y -f=/opt/AVP /var/spool/exim"
Also in the exim.conf file:-
exiscan_unpack_mime = false
is sufficient. You don't need to unpack the mail message for kav's
benefit.
Hope this helps. Still don't know why this didn't work earlier on in the
evening. I had very nearly given up (in disgust) and was ready to throw
the whole lot into the bin!
Regards
Dirk
On Wed, 09 Oct 2002 23:43:45 +0200
Tom Kistner <tom@???> wrote:
> Dirk Koopman wrote:
>
> > Query for the tests: <0>04 Apr
> > 05:00:00:/var/spool/exim/scan/17zMwO-0000c1-00
> >
> > Directory /var/spool/exim/scan/17zMwO-0000c1-00 wasn't included in
> > enabled paths.
>
> That is the problem. The slash at the end of the command line in my
> previous mail should take care of that. I am not familiar with the
> defUnix.prf thing, I remember just using the defaults. :)
>
> > -I3 or -E
> > deletes infected objects automatically.
> >
> > Which means that -E does the exact opposite to what you have
> > suggested.
>
> No. It disables cleaning attempts altogether. The daemon will then not
> ask for an action he should take, but rather delete the infected part
> (which is fine with us since we never want to get the mail back from
> him) and just send a report.
>
> At least that is what I could gather from the kavdaemon docs. The guy
> who engineered kavdaemons' socket protocol definitely had a few vodkas
> too many.
>
> /tom
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users
> #Exim details at http://www.exim.org/ ##
>
