Hi
On 19 Jan 2021, at 08:03, Dan Egli via Exim-users <exim-users@???> wrote:
> My bad. I pasted the wrong line. Sorry,
>
> av_scanner = clamd:/var/run/clamav/clamd.ctl
>
> And it's enabled. I'm using the exim4u config patches, and in exim4u_global_spam_virus:
>
> # ClamAV Global Setting
> # When enabled, Exim4U uses ClamAV to scan incoming mail for viruses during
> # the SMTP connection. ClamAV is enabled (on) or disabled (off):
> #ClamAV: off
> ClamAV: on
>
> Then in the main exim4.conf:
>
> CLAMENABLED = ${lookup{ClamAV}lsearch{/etc/exim4/exim4u_global_spam_virus}}
>
> and
>
> acl_check_content:
>
> # Accept any messages that are larger than 256k because they are not likely to contain
> # viruses... that large size of virus will take too long to replicate ;)
> accept condition = ${if >{$message_size}{256k}{yes}{no}}
>
> # Now process the rest
> warn condition = ${if eq{CLAMENABLED}{on}{yes}{no}}
> add_header = X-Scanned-By: ${extract{1}{/}{${readsocket{inet:localhost:3310}{VERSION}{1s}{} {unscanned}}}} \
> $acl_m_interface_opt $acl_m_helo_data ($acl_m_interface); $tod_full\n
There is nothing in the above telling Exim to scan the email. That would be a line of the form:
malware = *
somwhere in your DATA ACL.
Given that this is not a stock Exim, with a lot of config tweaks by an external 3rd party, you may need to ask your question of that 3rd party.
Graeme
