Re: [Exim] exiscan and AntiVir Command Line Scanner H+BEDV

Góra strony
Delete this message
Reply to this message
Autor: Tommi Maekitalo
Data:  
Dla: exim-users
Temat: Re: [Exim] exiscan and AntiVir Command Line Scanner H+BEDV
Hi,

I forgot to attach the log-entry:
2004-05-24 12:28:25 1BSCgy-0002ku-Q4 H=mail.somewhere.xx [1.2.3.4]
F=<user@???> rejected after DATA: This
message contains malware (unknown)

Tommi

Am Montag, 24. Mai 2004 12:19 schrieb Tommi Maekitalo:
> Hi,
>
> I try to set up a commandline scanner with exiscan. My setup detects
> viruses, but don't identify them. I think, there is something wrong with my
> regex. Here is my setup:
>
> av_scanner = cmdline:\
>         /usr/bin/antivir --allfiles -noboot -nombr -rs -s -z %s : \
>         ALERT:: : \[.*\]

>
> The output of the scanner is here:
>
> AntiVir / Linux Version 2.1.0-26
> Copyright (c) 1994-2004 by H+BEDV Datentechnik GmbH.
> All rights reserved.
>
> Loading /usr/lib/AntiVir/antivir.vdf ...
>
> VDF version: 6.25.0.73 created 19 May 2004
>
> AntiVir license: xxxxxxxx
>
> checking drive/path (list): .
> ALERT: [Worm/Sober.G worm] ./stuff_1412.zip <<< Contains signature of the
> worm Worm/Sober.G
>
>
> ----- scan results -----
>  directories:        1
>        files:        1
>       alerts:        1
>   suspicious:        0
>     repaired:        0
>      deleted:        0
>      renamed:        0
>    scan time: 00:00:01
> ------------------------
> Thank you for using AntiVir.

>
> #>
>
>
> It looks like the text "ALERT:" is found, but not this [.*]-stuff.
>
> Tommi
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
> details at http://www.exim.org/ ##