Re: [Exim] exiscan + kaspersky

Top Page
Delete this message
Reply to this message
Author: Dirk Koopman
Date:  
To: Tom Kistner
CC: exim-users, support
Subject: Re: [Exim] exiscan + kaspersky
I have it working now. I do *NOT* know why. I have changed the relevant
defUnix.prf over and over (including how I have it now) to no previous
good result.

I am using kavdaemon 4.0.2.2

This is what I have discovered:-

in the /opt/AVP/etc/defUnix.prf file I have changed the 'Names='
parameter to:

[Object]
Names=*/

I call the daemon thus:-

/opt/AVP/kavdaemon -E -Y -f=/opt/AVP /var/spool/exim

using the RedHat init.d file, changing PIDFILE= & DPARMS= appropriately

PIDFILE=$INSTPATH/AvpPid
# DAEMONPID=`cat $PIDFILE`
#DPARMS="-I0 -Y"
DPARMS="-E -Y -f=/opt/AVP /var/spool/exim"

Also in the exim.conf file:-

exiscan_unpack_mime = false

is sufficient. You don't need to unpack the mail message for kav's
benefit.

Hope this helps. Still don't know why this didn't work earlier on in the
evening. I had very nearly given up (in disgust) and was ready to throw
the whole lot into the bin!

Regards

Dirk

On Wed, 09 Oct 2002 23:43:45 +0200
Tom Kistner <tom@???> wrote:

> Dirk Koopman wrote:
>
> > Query for the tests: <0>04 Apr
> > 05:00:00:/var/spool/exim/scan/17zMwO-0000c1-00
> >
> > Directory /var/spool/exim/scan/17zMwO-0000c1-00 wasn't included in
> > enabled paths.
>
> That is the problem. The slash at the end of the command line in my
> previous mail should take care of that. I am not familiar with the
> defUnix.prf thing, I remember just using the defaults. :)
>
> >        -I3 or -E
> >               deletes infected objects automatically.

> >
> > Which means that -E does the exact opposite to what you have
> > suggested.
>
> No. It disables cleaning attempts altogether. The daemon will then not
> ask for an action he should take, but rather delete the infected part
> (which is fine with us since we never want to get the mail back from
> him) and just send a report.
>
> At least that is what I could gather from the kavdaemon docs. The guy
> who engineered kavdaemons' socket protocol definitely had a few vodkas
> too many.
>
> /tom
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users
> #Exim details at http://www.exim.org/ ##
>