Re: [exim] Exim+ClamAV header

Top Page
Delete this message
Reply to this message
Author: Ian FREISLICH
Date:  
To: Frank Elsner
CC: exim-users
Subject: Re: [exim] Exim+ClamAV header
Frank Elsner wrote:
> On Wed, 26 Oct 2005 17:20:49 +0700 Eshengazin S. Kuat wrote:
> > Victor V. Melnichenko __________:
> >
> > > How can i configure my exim.conf if i want that ClamAV add some header 
> > > to message. For example(clamav-milter+sendmail):
> > > X-Virus-Scanned: ClamAV 0.80/1142/Tue Oct 18 10:21:37 2005
> > >     clamav-milter version 0.80j
> > >     on domain.com
> > > X-Virus-Scanned: ClamAV version 0.87, clamav-milter version 0.87 on 
> > > domain.com
> > > X-Virus-Status: Clean
> > > X-Virus-Status: Clean

> > >
> > > How can i do this with exim+clamav?!
> > >
> > > Thanks
> > >
> > Not sure if this most right way , but on my box I do it in this way:
> >
> > # This router matches local user mailboxes.
> > localuser:
> > driver = accept
> > check_local_user
> > headers_add = ${run {/bin/sh /etc/exim/clamstring.sh}}
> > transport = local_delivery
> >
> > clamstring.sh contains next lines:
> > #!/bin/sh
> > echo X-Virus-Scanned: `clamd -V` on `hostname`
>
> The end of my check_smtp_data ACL:
>
>   warn    message = :after_received:X-Virus-Check: \
>           ${run{/usr/ClamAV/bin/clamd --version}\
>           {${extract{1}{/}{$value}}/${extract{2}{/}{$value}}}\
>           {unchecked}} on $primary_hostname; $tod_full


I guess there are many ways to skin a cat. I prefer:

  warn     message      = X-Virus-Scanned: Clear (${readsocket{/var/run/clamav/c
lamd.sock}{VERSION}{2s}{}{Could not determin AV Version}})


Because it doesn't have the performance hit of having to exec an
external program. Just connect to the clamd socket and as for its
version. Do this after you've scanned then message so you don't
land up lying to the client.

Ian

--
Ian Freislich