Nigel Wade wrote:
> Sorry, I forgot to add that the av_scanner is:
>
>
> av_scanner = cmdline:\
> /usr/local/bin/sweep -ss -all -rec -archive %s:\
> found:'(.+)'
>
>
Ok. I've got to the root of the problem, and it's a pretty annoying one.
It's an incompatibility between Exim 4.5 and Sophos sweep.
Sophos won't find a virus in an attachment whilst it's part of the message - it
needs to scan each component separately. Exiscan would split the message into
its constituent parts, each in a separate file. The directory containing these
files was passed to sweep which would scan all the files in that directory. This
worked.
Now Exim doesn't do this. It writes the entire message out as a single file, and
sweep won't detect viruses in the complete message.
Is there any way to get Exim to behave as exiscan did, and decompose the message
into it's constituent parts, and then pass the name of the directory containing
those parts to the virus scanner? If it can't it seems that Exim an Sophos have
parted company, and can no longer work together.
--
Nigel Wade, System Administrator, Space Plasma Physics Group,
University of Leicester, Leicester, LE1 7RH, UK
E-mail : nmw@???
Phone : +44 (0)116 2523548, Fax : +44 (0)116 2523555
