[Avcheck] README.AVP
Len Conrad
LConrad@Go2France.com
Sun, 11 Nov 2001 14:00:58 -0600
>It shouldn't be difficult either - you need only the executable,
>the virus/pattern bases, and two ini files from kav.
well, it's not obvious from the fog of files from kasp server + kasp
workstation + avcheck that it distills to really very few files.
>I assumed you're subscribed to avcheck mailinglist. Look into
>archives at www.corpit.ru/pipermail/avcheck/, and for october's
>threads in particular. Well, not that *great* information, but
>the setup procedure isn't very difficult either.
ok
> > [Actions]
> > InfectedAction=0
> > # This one is important.
> > .... but it doesn't exist.
>
>Again, search for InfectedAction.
found in, but NOT in the [ActionXxxx] stanzas
>As you can guess, them are examples. And in reality them are screwed
>up -- due to failure to make. Please do
done,works
> BTW, may be you can provide
>French translation too? ;)
when my English one works. We did our amavis into French, and will for
avcheck.
>I suggest you to place all libs into /lib -- without /usr,
>/usr/local and the like. Look into ldd output and then
>copy all listed libs into
> /var/spool/avp/lib/
>directory -- just like README.AVP says. About libintl -- it is
>in /usr/local/lib, I guess it is not a standard lib in FreeBSD
>and it is not searched by default.
all the lib sh!t is ok now.
here´s maillog showing a failure with virus attachement:
Nov 11 10:52:14 mgw2 postfix/smtpd[9852]: connect from unknown[66.64.14.18]
Nov 11 10:52:15 mgw2 postfix/smtpd[9852]: 3416955406:
client=unknown[66.64.14.18]
Nov 11 10:52:15 mgw2 postfix/cleanup[9853]: 3416955406:
message-id=<5.1.0.14.0.20011111124908.0203ac10@wheresmymailserver.com>
Nov 11 10:52:16 mgw2 postfix/nqmgr[9850]: 3416955406:
from=<lconrad@go2france.com>, size=23995, nrcpt=1 (queue active)
Nov 11 10:52:17 mgw2 postfix/smtpd[9852]: disconnect from unknown[66.64.14.18]
Nov 11 10:52:17 mgw2 postfix/pipe[9855]: 3416955406: to=<ryan@72mm.com>,
relay=avcheck, delay=1, status=deferred (temporary failure.
Command output: avcheck: uexpected AVP return code 70 (0x6946) )
Nov 11 11:25:19 mgw2 postfix/nqmgr[9850]: 3416955406:
from=<lconrad@go2france.com>, size=23995, nrcpt=1 (queue active)
Nov 11 11:25:19 mgw2 postfix/pipe[9887]: 3416955406: to=<ryan@72mm.com>,
relay=avcheck, delay=1984, status=deferred (temporary failure. Command
output: avcheck: uexpected AVP return code 70 (0x6946) )
and a msg without atachment thta goes ok:
Nov 11 11:33:30 mgw2 postfix/smtpd[9897]: connect from unknown[66.64.14.18]
Nov 11 11:33:30 mgw2 postfix/smtpd[9897]: 9A0B855407:
client=unknown[66.64.14.18]
Nov 11 11:33:34 mgw2 postfix/cleanup[9898]: 9A0B855407:
message-id=<5.1.0.14.0.20011111133234.02046c08@wheresmymailserver.com>
Nov 11 11:33:34 mgw2 postfix/nqmgr[9850]: 9A0B855407:
from=<lconrad@go2france.com>, size=523, nrcpt=1 (queue active)
Nov 11 11:33:34 mgw2 postfix/smtpd[9904]: connect from
localhost.72mm.com[127.0.0.1]
Nov 11 11:33:34 mgw2 postfix/smtpd[9904]: A5A3555408:
client=localhost.72mm.com[127.0.0.1]
Nov 11 11:33:34 mgw2 postfix/cleanup[9898]: A5A3555408:
message-id=<5.1.0.14.0.20011111133234.02046c08@wheresmymailserver.com>
Nov 11 11:33:34 mgw2 postfix/smtpd[9897]: disconnect from unknown[66.64.14.18]
Nov 11 11:33:34 mgw2 postfix/smtpd[9904]: disconnect from
localhost.72mm.com[127.0.0.1]
Nov 11 11:33:34 mgw2 postfix/pipe[9900]: 9A0B855407: to=<ryan@72mm.com>,
relay=avcheck, delay=4, status=sent (mgw2.72mm.com)
Nov 11 11:33:34 mgw2 postfix/nqmgr[9850]: A5A3555408:
from=<lconrad@go2france.com>, size=696, nrcpt=1 (queue active)
Nov 11 11:33:34 mgw2 postfix/smtp[9905]: A5A3555408: to=<ryan@72mm.com>,
relay=199.108.225.104[199.108.225.104], delay=0, status=sent (250 Message
queued)
I guess it's in .prf some param.
Len