>>>>> "Justin" == Justin F Knotzke <jknotzke@???> writes:
Justin> Hi,
Justin> On my Linux box logrotate ran and clamd didn't
Justin> restart. As a result my logs were full of:
Justin> 2003-10-02 16:19:12 1A59up-0004un-MG malware acl
Justin> condition: clamd: connection to 127.0.0.1, port 3310
Justin> failed (Bad file descriptor)
Justin> Would someone be as so kind as to tell me how I can
Justin> setup my exim4.conf to not reject mail after DATA because
Justin> it cannot contact clamd?
Try calling clamd using a script instead, for example :-
#!/usr/bin/perl -w
#
# Test script to run Trend/Clamav virus scanners from exiscan
use strict;
use File::Basename;
use File::Slurp;
use File::Spec::Functions;
my $to_log = ''; # logging written at end
my $scanned; # output from scanners
my $virus_found; # which virii found
my $save_virus; # save virus to Virus cache dir.
my $virus_cache_dir = "/var/cache/virusmails";
# Make sure files canæt be read by default
umask (027);
# Log intro
$to_log = "\n" . "*" x 80 . "\n" . gmtime() . "\n";
# Trend can handle the unpacking so give it the eml file instead of
# the directory. Note: interesting enough, giving Trend the directory
# seems to mean that the return code is 0, possibly because exiscan
# creates an empty _scanner_output file which is the last scanned.
my $file_to_scan = $ARGV[0];
die ("No file given\n") if ! $file_to_scan;
my $dir_name = basename ($file_to_scan);
my $eml = $dir_name . ".eml";
my $eml_file = catfile ($file_to_scan, $eml);
$file_to_scan = $eml_file if -f $eml_file;
# Do a Trend scan - just copy the output to exiscan, this will have to
# handled differently when clamav is added
$scanned = `/etc/iscan/vscan -a $file_to_scan 2>&1`;
$to_log .= $scanned . "Exit code : " . ($? >> 8) . "\n";
($virus_found) = $scanned =~ m"Found virus ([^ ]*)";
if ($virus_found) {
print "Found virus $virus_found\n";
$save_virus = -1;
}
# And clamav - use mbox for now although even snapshots after 0.60
# have problems
$scanned = `clamdscan $file_to_scan 2>&1`;
$to_log .= $scanned . "Exit code : " . ($? >> 8) . "\n";
($virus_found) = $scanned =~ m": ([^ ]*) FOUND";
if ($virus_found) {
print "Found virus $virus_found\n";
$save_virus = -1;
}
# A virus found so store the eml file if any to the virus cache dir.
if ($save_virus) {
if (-f $eml_file) {
eval { write_file (catfile ($virus_cache_dir, $eml), read_file ($eml_file)) };
}
if (! -f $eml_file || $@) {
$to_log .= "Unable to copy mail file - " .
(! -f $eml_file ?
"no .eml file found\n" :
$@
);
}
else {
$to_log .= "Copied mail file to " . catfile ($virus_cache_dir, $eml) . "\n";
}
}
# And log info. to the log file
append_file ("/var/log/exim4/virusscan", $to_log);
Sincerely,
Adrian Phillips
--
Who really wrote the works of William Shakespeare ?
http://www.pbs.org/wgbh/pages/frontline/shakespeare/
