On 12/05/2009 01:27 AM, Phil Pennock wrote:
> ------- You are receiving this mail because: -------
> You are on the CC list for the bug.
>
> http://bugs.exim.org/show_bug.cgi?id=926
>
> Phil Pennock<exim-dev@???> changed:
>
> What |Removed |Added
> ----------------------------------------------------------------------------
> CC| |exim-dev@???
>
>
>
>
> --- Comment #1 from Phil Pennock<exim-dev@???> 2009-12-05 01:27:41 ---
> Thanks for the heads-up.
>
> Incidentally, it looks as though Exim has an undocumented feature (!!) in the
> ClamAV scanning.
>
> As well as using the SCAN command for unix-domain sockets, if you configure a
> second option of "local" for network sockets, it tells Exim to assume common
> storage (which, given Exim's spool ownership, had better mean "same machine")
> and so again issues the SCAN command, instead of STREAM.
>
> This would be a configuration of:
>
> av_scanner = clamd:192.0.2.42 1234:local
>
> Untested, but that's what the code appears to do.
>
> This is more efficient (avoids sending the files around) so is a win, if this
> configuration can work for you.
>
> -Phil
>
>
cf.
http://lists.exim.org/lurker/message/20070107.160455.b6eea57a.en.html
I found that it did not work (as of 4.69), but did with a minor patch.
I've not tested 4.71, but the equivalent lines are around malware.c:1193
Cheers,
Jeremy
