Hello all!
I'm trying to configure the regular expressions to make Exim work with
ESET Security suite.
It was all fine, but I detected that I have to avoid some patterns.
The scanner output for a virus is:
file-20030201-161700-14842 -> MIME*: virus="VBS/Haptime.E worm"*
The first configuration I made was:
av_scanner = cmdline:\
/usr/bin/esets_cli --subdir %s:\
* :: virus= : virus="(.+)"*
It was ok, and Exim was stopping the viruses, but then, I detected that
I have to avoid some output patterns from the antivirus:
file-20030202-203146-10246 -> MIME -> part000.txt*: virus="is OK"*
that means there's _no virus_ on the file.
Here begins my problem with regular expressions. I tested the following
regex with pcretest, that worked:
# pcretest
PCRE version 6.7 04-Jul-2006
re> "virus=\"(?!is OK)"
data> virus="VBS/Haptime.E worm
0: virus="
data> virus="is OK
No match
Then, I think I failed to put it on exim4.conf to work, because
av_scanner = cmdline:\
/usr/bin/esets_cli --subdir %s:\
:: virus="(?!is OK) : virus="(.+)"
doesn't work. It can't even detect any virus.
Can you give me a hand to correct the expression ?
Thanks in advance,
--
Manuel Molina Cuberos
Administrador de Sistemas
Área Técnica
T-Online Telecommunications Spain, S.A.U
Grupo Deutsche Telekom
Edificio Gorbea 4
Avda. Bruselas, 20 3ª planta
28108 Alcobendas -- Madrid
Telf: +34 911 41 7931
Fax +34 911 41 7700
Este mensaje puede contener información confidencial dirigida únicamente
a su destinatario. Si usted no es el destinatario de este mensaje, según
consta en el mismo, por favor destruya el mensaje y advierta al
remitente del error respondiendo a este mensaje por correo electrónico.
No está autorizada la copia o entrega de este mensaje a quienes no son
destinatarios del mismo.
