I was looking at a message that had somehow gotten through my spam
filters to see if I could figure out why, when I discovered a line in
the header that said the message had not been virus scanned by exim.
THAT was a surprise. I have clamd running and the exim.conf points to it
(spamd_address = 127.0.0.1 783), so why on earth is it not scanning? I
looked, and clamd is running correctly. I even grabbed the EICAR.COM
test string and fed it to clamdscan. clamd caught it just fine. But when
I included the string in an email to myself, the message was delivered.
My next step was to test the file with the -bmalware option. THAT caused
an error (from the panic.log):
2021-01-18 23:52:21.261 dummy-808545818 Could not open datafile for
message dummy-808545818
2021-01-18 23:52:21.261 dummy-808545818 malware acl condition: error
while creating mbox spool file
My first thought is WHAT MBOX FILE? I don't use mbox, I use maildir!
Then I wondered if the permissions on the /var/spool/exim4/scan
directory were wrong. But they look right for Ubuntu 20.04LTS:
drwxr-x--- 2 Debian-exim clamav 4096 Jan 19 00:02 scan
On a whim, I changed the permissions to 777, and I STILL got the errors
about not being able to open the datafile and not being able to create
the mbox file.
I tried looking on google, and while I found a lot of messages
referring to this same kind of error, nothing looked solved. Maybe my
google-fu isn't strong enough right now, but I'm stumped. Please help!?
Thanks!
