[Avcheck] Avcheck + avp + postfix = problem

Meduna, Grzegorz gm@petrosin.pl
Wed, 24 Apr 2002 08:42:05 +0200


This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

------_=_NextPart_001_01C1EB5B.261C6170
Content-Type: text/plain;
	charset="iso-8859-2"

Hello all!

I've recently installed (or at least tried to install) avcheck in order to
replace kavkeeper for Postfix. I managed to successfuly start chrooted
kavdaemon and avcheck seems to work correctly:
on the test:
[root@www avp]# /var/spool/avp/uchroot -u avclient / \
>  /var/spool/avp/avcheck -n -f root -d /var/spool/avp/./tst \
>   -s avp:/var/spool/avp/ctl/AvpCtl root < eicar.msg
avcheck responds with mail message to configured mail account but while
avcheck is run as filter during message processing by Postfix, I get the
following:
---
Apr 24 08:08:09 www postfix/smtpd[5505]: connect from some.host[some.ip]
Apr 24 08:08:09 www postfix/smtpd[5505]: DA2183C2C8:
client=some.host[some.ip]
Apr 24 08:08:11 www postfix/cleanup[5506]: DA2183C2C8:
message-id=<7065CD21579ED511B8BD00D0B7A9BFBF0FE2BB@some.host>
Apr 24 08:08:11 www postfix/qmgr[5503]: DA2183C2C8: from=<user@sender.host>,
size=1632, nrcpt=1 (queue active)
Apr 24 08:08:11 www postfix/smtpd[5505]: disconnect from some.host[some.ip]
---
and... that's all. Nothing else happens. When postfix is configured with
kavkeeper the next line should be:
--
Apr 24 08:08:11 www postfix/pipe[5507]: DA2183C2C8:
to=<user@recipient.host>, relay=filter, delay=2, status=sent (dummy)
--
But with avcheck system acts like a black hole - neither sender nor
recipient receives nothing.
Do you have any idea what can be wrong with it? Or what else I can do to
check what happens (or what doesn't).

Thanks in advance,
Regards

--
Grzegorz Meduna

------_=_NextPart_001_01C1EB5B.261C6170
Content-Type: text/html;
	charset="iso-8859-2"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Diso-8859-2">
<META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
5.5.2653.12">
<TITLE>Avcheck + avp + postfix =3D problem</TITLE>
</HEAD>
<BODY>

<P><FONT SIZE=3D2>Hello all!</FONT>
</P>

<P><FONT SIZE=3D2>I've recently installed (or at least tried to =
install) avcheck in order to replace kavkeeper for Postfix. I managed =
to successfuly start chrooted kavdaemon and avcheck seems to work =
correctly:</FONT></P>

<P><FONT SIZE=3D2>on the test:</FONT>
<BR><FONT SIZE=3D2>[root@www avp]# /var/spool/avp/uchroot -u avclient / =
\</FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp; /var/spool/avp/avcheck -n -f root -d =
/var/spool/avp/./tst \</FONT>
<BR><FONT SIZE=3D2>&gt;&nbsp;&nbsp; -s avp:/var/spool/avp/ctl/AvpCtl =
root &lt; eicar.msg</FONT>
<BR><FONT SIZE=3D2>avcheck responds with mail message to configured =
mail account but while avcheck is run as filter during message =
processing by Postfix, I get the following:</FONT></P>

<P><FONT SIZE=3D2>---</FONT>
<BR><FONT SIZE=3D2>Apr 24 08:08:09 www postfix/smtpd[5505]: connect =
from some.host[some.ip]</FONT>
<BR><FONT SIZE=3D2>Apr 24 08:08:09 www postfix/smtpd[5505]: DA2183C2C8: =
client=3Dsome.host[some.ip]</FONT>
<BR><FONT SIZE=3D2>Apr 24 08:08:11 www postfix/cleanup[5506]: =
DA2183C2C8: =
message-id=3D&lt;7065CD21579ED511B8BD00D0B7A9BFBF0FE2BB@some.host&gt;</F=
ONT>
<BR><FONT SIZE=3D2>Apr 24 08:08:11 www postfix/qmgr[5503]: DA2183C2C8: =
from=3D&lt;user@sender.host&gt;, size=3D1632, nrcpt=3D1 (queue =
active)</FONT>
<BR><FONT SIZE=3D2>Apr 24 08:08:11 www postfix/smtpd[5505]: disconnect =
from some.host[some.ip]</FONT>
<BR><FONT SIZE=3D2>---</FONT>
<BR><FONT SIZE=3D2>and... that's all. Nothing else happens. When =
postfix is configured with kavkeeper the next line should be:</FONT>
<BR><FONT SIZE=3D2>--</FONT>
<BR><FONT SIZE=3D2>Apr 24 08:08:11 www postfix/pipe[5507]: DA2183C2C8: =
to=3D&lt;user@recipient.host&gt;, relay=3Dfilter, delay=3D2, =
status=3Dsent (dummy)</FONT></P>

<P><FONT SIZE=3D2>--</FONT>
<BR><FONT SIZE=3D2>But with avcheck system acts like a black hole - =
neither sender nor recipient receives nothing.</FONT>
<BR><FONT SIZE=3D2>Do you have any idea what can be wrong with it? Or =
what else I can do to check what happens (or what doesn't).</FONT>
</P>

<P><FONT SIZE=3D2>Thanks in advance,</FONT>
<BR><FONT SIZE=3D2>Regards</FONT>
</P>

<P><FONT SIZE=3D2>--</FONT>
<BR><FONT SIZE=3D2>Grzegorz Meduna</FONT>
</P>

</BODY>
</HTML>
------_=_NextPart_001_01C1EB5B.261C6170--