Re: [exim] Virus/Malware errors

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Dan Egli
Data:  
Para: exim-users
Asunto: Re: [exim] Virus/Malware errors
I don't claim to have any idea what happened, but all of a sudden it
started working. I am glad to see it working but hate it when things
change mysteriously. Anyway, as long as it's working I won't complain
very loud about not understanding WHY.


On 1/19/2021 1:46 AM, Graeme Fowler via Exim-users wrote:
> Hi
>
> On 19 Jan 2021, at 08:03, Dan Egli via Exim-users <exim-users@???> wrote:
>> My bad. I pasted the wrong line. Sorry,
>>
>> av_scanner = clamd:/var/run/clamav/clamd.ctl
>>
>> And it's enabled. I'm using the exim4u config patches, and in exim4u_global_spam_virus:
>>
>> # ClamAV Global Setting
>> # When enabled, Exim4U uses ClamAV to scan incoming mail for viruses during
>> # the SMTP connection. ClamAV is enabled (on) or disabled (off):
>> #ClamAV: off
>> ClamAV: on
>>
>> Then in the main exim4.conf:
>>
>> CLAMENABLED = ${lookup{ClamAV}lsearch{/etc/exim4/exim4u_global_spam_virus}}
>>
>> and
>>
>> acl_check_content:
>>
>> # Accept any messages that are larger than 256k because they are not likely to contain
>> # viruses... that large size of virus will take too long to replicate ;)
>>    accept condition              = ${if >{$message_size}{256k}{yes}{no}}

>>
>> # Now process the rest
>>    warn  condition               = ${if eq{CLAMENABLED}{on}{yes}{no}}
>>          add_header              = X-Scanned-By: ${extract{1}{/}{${readsocket{inet:localhost:3310}{VERSION}{1s}{} {unscanned}}}} \
>>                                    $acl_m_interface_opt $acl_m_helo_data ($acl_m_interface); $tod_full\n
> There is nothing in the above telling Exim to scan the email. That would be a line of the form:

>
> malware = *
>
> somwhere in your DATA ACL.
>
> Given that this is not a stock Exim, with a lot of config tweaks by an external 3rd party, you may need to ask your question of that 3rd party.
>
> Graeme