Re: [Exim] any frustations with exim+amavis

Top Page
Delete this message
Reply to this message
Author: Rainer Link
Date:  
To: Brunet Eric
CC: exim-users
Subject: Re: [Exim] any frustations with exim+amavis
> I assume that :
> amavis work fine ('make check' is ok)
> AvpDaemonClient works fine too (good return code (0) in dirs not
> infected) and code 4 for infected file


By default, the runtime directory of AMaViS is /var/amavis - please make
sure, AvpDaemon "observs" this directory, too.

> an exim log example of incoming infected mail(by EICAR.COM):
>
> 2002-10-10 18:53:24 17zgYu-0001kA-00 <= foo@??? H=ns2.office
> (smtp.xxxx.com) [192.168.x.yy] P=esmtp S=1067
> id=18547105025\.20021010190942@???
> 2002-10-10 18:53:25 17zgYv-0001kK-00 <= foo@??? U=amavis P=scanned-ok
> S=1254 id=18547105025.20021010190942@???
> 2002-10-10 18:53:25 17zgYu-0001kA-00 => ericb <ericb@???>
> D=amavis_director T=amavis
> 2002-10-10 18:53:25 17zgYu-0001kA-00 Completed
> 2002-10-10 18:53:25 17zgYv-0001kK-00 => ericb <ericb@???>
> D=localuser T=local_delivery
> 2002-10-10 18:53:25 17zgYv-0001kK-00 Completed


Set log_level to 5 in /usr/sbin/amavis, so amavis does a very verbose
logging. Depining how amavis is configured, amavis logs either via
syslog or to /var/amavis/amavis.log

best regards,
Rainer Link


HTH