Re: [exim] Exim on one box, clam on another - not detecting …

Top Page
Delete this message
Reply to this message
Author: Gary Stainburn
Date:  
To: exim-users
Subject: Re: [exim] Exim on one box, clam on another - not detecting virus
On Monday 27 July 2015 13:11:46 Luca Bertoncello wrote:
> I had this problem in the past...
> ClamAV works like FTP, so that it use TWO Ports! 3310 is "fix" and
> then it open another port "dynamically" to receive the E-Mail.
> If there is a Firewall between the to Servers, you have to open the
> second, dynamic, port...
> As I had the problem (the problem was not a Firewall, but a
> LoadBalancer) I solved with a Wrapper running on the Exim-Server and
> always send data to the same ClamAV-Server that got the initial
> packets...
>
> Maybe it helps you to find your solutions...
>
> Regards
> Luca Bertoncello

Hi Luca,

I did wonder that, as the config I'm testing does have a firewall in place
(I'm wanting my anti-virus server as secure as possible hence not being in
the DMZ).
I currently have my firewall allowing and logging all traffic between the
servers. It is showing the initial connection from exim to port 3310 and
what are the ftp sessions on other random ports, such as 1402, 1121, 1331.

I see no traffic being rejected.