[Avcheck] Antivirus with Postfix and DrWeb
Ralf Hildebrandt
Ralf.Hildebrandt@charite.de
Mon, 21 Jan 2002 17:24:20 +0100
On Mon, Jan 21, 2002 at 05:17:38PM +0100, Nicolai Str?m Gylling wrote:
> I'm trying to configure Postfix with the DrWeb antivirus scanner,
> using AVCheck to pipe the mails to the scanner.
Ah, correct list :)
> My current setup doesn't complain in any way(it delivers mail and
> everything *seems* to work, Avcheck adds a X-AV header), but I can't
> get it to detect the Eicar testmail(gzipped or not). I'm running both
> in chrooted enviroment, as suggested in the docs.
Get a real virus from http://www.stahl.bau.tu-bs.de/~hildeb/virus/ at
your own risk.
> localhost:1025 inet n - n - - smtpd -o content_filter=
> smtp inet n - n - - smtpd -o content_filter=avcheck
> avcheck unix - n n - 5 pipe
> flags=q user=avclient argv=/usr/local/avcheck/avcheck
> -d /var/spool/drwebtest -h Webpartner -s DrWeb:/usr/local/drweb/run/sock
> -f ${sender} -S :1025 -- ${recipient}
Looks ok.
> Could anyone guide me to where the problem might be, or how I could
> enable more logging, since I find it pretty hard to get any further,
> when I get no errors or the likes in return to my attempts.
Please try a real virus or a gzipped, zipped eicar file instead.
DrWeb may not recognize text/plain as virulent at all!
--
Ralf Hildebrandt (Im Auftrag des Referat V A) Ralf.Hildebrandt@charite.de
Charite Campus Virchow-Klinikum Tel. +49 (0)30-450 570-155
Referat V A - Kommunikationsnetze - Fax. +49 (0)30-450 570-916
"My computer's sick. I think my modem is a carrier."