Author: Phil Pennock Date: To: Frank Elsner CC: exim-users Subject: Re: [exim] ClamAV changes needing testing
On 2010-06-10 at 11:30 +0200, Frank Elsner wrote: > On Sat, 5 Jun 2010 04:21:25 -0700 Phil Pennock wrote:
> > Folks,
>
> Hello Phil and all others,
>
> > There's an upcoming change to ClamAV, to remove the scanning API which
> > released versions of Exim use. I don't know the current schedule for
> > that, but when we last checked, on bug 926, it was set for the middle of
> > 2010. *cough*
> >
> > I've committed to CVS my patches to switch Exim to the new scanning API
> > and clean up some of that code. This code could *really* do with some
> > enthusiastic stress-testing by volunteers. To make it easier to test,
> > if you're an admin user then you get to use the new command-line option,
> > -bmalware, which takes a filename and subjects that file to Exim's
> > malware scanning, whatever that might be.
>
> I did no stress-testing but must say: It works with ClamAV 0.96.1.
>
> But I failed to use the "-bmalware" option:
Per docs, you need to supply a full path to the file, because Exim will
have chdir()'d away.
> > exim -v -bmalware ./1275920494.H285242P16468.c64.shuttle.de,S=1266:2,S
> LOG: MAIN PANIC
> Could not open datafile for message dummy-545383960
> LOG: MAIN PANIC
> malware acl condition: error while creating mbox spool file
These would be good examples of why -bmalware is only for testing your
Exim setup, not for using Exim as a general purpose malware scanner. :)
