Re: [Exim] exiscan regexp

Pàgina inicial
Delete this message
Reply to this message
Autor: Paulo Almeida
Data:  
A: Anand Buddhdev
CC: exim-users
Assumpte: Re: [Exim] exiscan regexp
> On Tue, Mar 02, 2004 at 02:18:50PM -0000, Paulo Almeida wrote:
>
>> Hi,
>>
>> I'm trying use Bitdefender for linux with exiscan-acl on Exim4.30
>> installtion. The problem is that i can't get the regular expression to
>> extract the name of the virus found. I'm not a regular expression
>> specialist so somebody can help me?
>>
>> Run bdc on eicar test file we get the follow:
>>
>> # bdc --all --arc eicar.com
>>
>> /path/to/file/eicar.com infected: EICAR-Test-File (not a virus)
>
> Try something like:
>
> infected:: (.*)
>
> --
> Anand Buddhdev
> Celtel International
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
> details at http://www.exim.org/ ##
>
>
>

I've tried your sugestion but it didn't work

ERROR: ...
malware acl condition: missing virus name regex specification for cmdline
scanner type.

The best that i can do is using:

%s:Infected:Infected\:: (.*)

and the mail is rejected:

550 This message contains a virus or other harmful content (unknown)

but still missing the virus name.

If i use "infected" instead of "Infected" the mail is
delivered.

Paulo

--
Escola Superior de Enfermagem S. João
Deptª Informática
Rua Dr. António Bernardino de Almeida
4200-072 Porto
Tel: +351225073500 - Fax: +351225096337
web: www.sj.esenf.pt