Re: [exim] Reporting password-protected attachments (Sophie)

Page principale
Supprimer ce message
Répondre à ce message
Auteur: W B Hacker
Date:  
À: exim users
Sujet: Re: [exim] Reporting password-protected attachments (Sophie)
Keith Edmunds wrote:
> Should I be asking this question somewhere else?
>
> Thanks,
> Keith
>
>> Exim version 4.63 (Debian Etch)
>>
>> We're using Sophie for virus-checking incoming mail. Occasionally a
>> password-protected ZIP attachment arrives, which is detected by Sophos
>> (/var/log/mail.log reports "Error: File was encrypted"). However, all we
>> get in the Exim log is "malware acl condition: sophie reported error".
>>
>> Is it possible for Exim to be able to report that the file was encrypted?
>>
>> Thanks,
>> Keith
>


Perhaps.

- Exim *can* use the syslog logging facility instead of its own.

- Sopie *can* be made to log to other-than maillog.

- syslog *can* place output into more than one logfile.

- logfiles - or copies of same - could be interleaved even w/o syslog
(think 'common group membership and group-write privs).


I leave it to you if it is worth trying to consolidate all that such
that the relevant reports - if not 'adjacent' in the output, are at
least 'nearby'.

IMNSHO, it is a rare-enough case that I'd either not care, or not care
hard enough, long enough to need anything more than a grep run now and then.

After all - what is it that either Sophie or Exim would be asked to
actually *DO* about it (other than add an X-header and
[pass|reject|sequester])?

JM2CW,

Bill