[Avcheck] Avcheck + avp + postfix = problem
Michael Tokarev
mjt@tls.msk.ru
Wed, 24 Apr 2002 13:30:01 +0400
> "Meduna, Grzegorz" wrote:
>
> Hello all!
[]
> on the test:
> [root@www avp]# /var/spool/avp/uchroot -u avclient / \
> > /var/spool/avp/avcheck -n -f root -d /var/spool/avp/./tst \
> > -s avp:/var/spool/avp/ctl/AvpCtl root < eicar.msg
Note the -n option.
[]
> But with avcheck system acts like a black hole - neither sender nor recipient receives nothing.
Is this happens with any mails or with infected mails only?
Just a guess: maybe you used -h option (to add Received: header)
for avcheck? There is an error in avcheck: when -h option given
first in command line, it is handled like request for help info,
and in this case mail will be lost. Just don't place -h as
*first* option.
Also, look above and note -n option you use for testing. -n
for avcheck means to act as content_inspector, not as content_filter.
With this option, good mails will NOT be sent by avcheck at all,
to be used with MTA that will process that email further by it's
own.
Regards,
Michael.