Exiscan+clamav

Daniel Bye freebsd-questions at slightlystrange.org
Tue Nov 16 09:56:42 PST 2004 

On Tue, Nov 16, 2004 at 11:17:13AM -0600, Adam M Ryan wrote:
> Thanks for all the replies.
> 
> Yes Clamd is running:
> 
> ps uaxww | grep clamav
> clamav   53191  0.0  1.6 10576 8128  ??  Is    8:48AM   0:00.00
> /usr/local/sbin/clamd
> 
> 
> 
> I have also went ahead and changed the settings in clamd to log everything.
> Still not seeing anything in the clamd log.  Not sure what else I am
> missing?  I used clamscan on some test files and they seemed to get
> deteceted without issue.

Hmm.  Have you got the correct path to the clamd socket in your exim
config file?  This seems the most likely fault now, if clamscan is
running from the command line.

You can check using sockstat:

# sockstat -ul | grep clam
clamav   clamd      39547 4  stream /var/run/clamav/clamd

Exim's log files, under /var/log/exim, may be a good place to look for a 
bit more detail about what's borking it.

> Maybe a posting of your clamd.conf and exim.conf?

Sure.  Here is my clamd.conf (omitting all comment lines)

LogFile /var/log/clamav/clamd.log
LogTime
LogVerbose
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /usr/local/share/clamav
LocalSocket /var/run/clamav/clamd
FixStaleSocket
User clamav
AllowSupplementaryGroups
ScanMail
ArchiveMaxRecursion 8

And the salient bits of my exim config file:

av_scanner = clamd:/var/run/clamav/clamd

acl_check_content:
  deny  message = This message contains malware ($malware_name)
        demime  = *
        malware = *

The rest of the exim config is not relevant to this discussion.

HTH

Dan

-- 
Daniel Bye

PGP Key: ftp://ftp.slightlystrange.org/pgpkey/dan.asc
PGP Key fingerprint: 3B9D 8BBB EB03 BA83 5DB4 3B88 86FC F03A 90A1 BE8F
                                                                     _
                                              ASCII ribbon campaign ( )
                                         - against HTML, vCards and  X
                                - proprietary attachments in e-mail / \
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20041116/02a6703c/attachment.bin

More information about the freebsd-questions mailing list