Hello,
I'am testing Exim-4.20+Exiscan-acl-4.20-09+Sophos under Solaris 9/Sparc.
It works perfectly. :)
I have one question. When Exim found virus, sends back complete message
to sender (with virus). This is bad idea. Outlook Express send message
with virus to all from address book. It makes loop. What can I do, that
sender got only information about virus ?
My exim.conf:
acl_smtp_data = acl_check_content
[...]
av_scanner = cmdline:/usr/local/bin/sweep -all -rec -archive %s:found:'(.+)'
[...]
acl_check_content:
# First unpack MIME containers and reject serious errors.
deny message = This message contains a MIME error ($demime_reason)
demime = *
condition = ${if >{$demime_errorlevel}{2}{1}{0}}
# Reject typically wormish file extensions. There is almost no
# sense in sending such files by email.
deny message = This message contains an unwanted file extension
($found_extension)
demime = ade:adp:bas:chm:cmd:cpl:crt:hlp:hta:inf:ins:isp:js: \
jse:lnk:mde:msc:msi:msp:mst:pcd:pif:reg:scr:sct:shs: \
url:vb:vbe:vbs:wmv:wsc:wsf:wsh
# Reject virus infested messages.
deny message = This message contains malware ($malware_name)
demime = *
malware = *
# finally accept all the rest
accept
Thanks for help
Slawek