[Avcheck] Antivirus with Postfix and DrWeb
Nicolai Strom Gylling
nsg@webpartner.dk
Tue, 22 Jan 2002 12:53:18 +0100
>Reading all this thread, I see no reason for avcheck+drweb to show this =
bad behaviour. All looks good. And this all works with great success =
at several servers.
>First of all, did you tried instructions outlined in README.DrWeb, part =
about manually running avcheck before plugging it into mail subsystem? =
Running it manually eliminates one software level. This way, it is far =
easier to debug things. Well, there is no debugging options in avcheck =
(I never considered this is a requiriment). But if you'll run it =
manually, you will be able to strace it too, and see avcheck <=3D> =
drwebd dialog.
>Please, post your complete drweb.ini file here, and a message you used =
for testing. Note that our server (powered by drweb!) may reject eicar =
(even if sent inside plaintext body), so you may want to either change =
it *in a known way* or post an url instead, or post in within =
password-protected .zip file (with password in the message!). Also, it =
will be interesting to see avcheck<=3D>drweb dialog in strace. For =
this, add `strace -o trace' before a command described in README.DrWeb =
file (that uchroot .. avcheck ... thingie).
>I'm very interested to know what's the problem. Setup you described =
should work, or some error condition should be logged. And I don't want =
you made some obvious mistake... ;)
Thanks for the insight in DrWeb and AVCheck.
I found the first problem. DrWeb didn't log into syslog, and it didn't =
have write-permission to the other directory i tried to log into. That =
explains quite a bit, so an indication from DrWeb during startup, would =
be helpful in this case :)
Now at least i get some logging, and can see why nothing happened, =
DrWeb.log:
Tue Jan 22 11:23:09 2002 /var/spool/drwebtest/18908.tmp - read error!
I will return if i need further assistance(unless one of you, know the =
common mistake for the above error, and just have to help me now :) )
Thanks for the help.