Author: Graeme Fowler Date: To: exim-users Subject: Re: [exim] clamd av_scanner does not use configured port
Replies on the list please, so everyone gets helped (and it gets
archived for the future)...
On Fri, 2009-05-29 at 08:50 -0500, Boyd Stephen Smith Jr. wrote: > That is unfortunate. Is there any way to restrict ClamAV to only one port for
> that? Or possibly an iptables conntrack helper to load?
Now that would be a question for the ClamAV support structure, rather
than here. But I'll give you some clues:
Clue 1: man clamd.conf
Clue 2: StreamMinPort
Clue 3: StreamMaxPort
;-)
> However, the exim server is named rei and can only connect to ichi on port 22
> and port 3310.
So it would appear that you need to open up this restriction a little in
order that ClamAV can work in the way it is designed. You probably need
an ACCEPT rule on a specified port range (see clues above) to permit
ichi to connect to rei on those ports.