[Avcheck] Please help.
Michael Tokarev
mjt at tls.msk.ru
Sun Jan 9 19:29:22 MSK 2005
Melekhov Alexandre A. wrote:
> Hi!
>
> Need to make friends Postfix & Clamav by Avcheck.
[]
> avcheck unix - n n - 5 pipe
> flags=q user=avclient argv=/var/spool/av/avcheck
> -d /var/spool/av/tst -s AVP:/var/clamd/clamd.sock
^^^
[]
> Jan 9 14:07:42 mail10 postfix/pipe[8743]: 76F5313895: to=<amel at df.ru>, relay=avcheck, delay=12, status=deferred (temporary failure. Command output: avcheck: unexpected AVP return code 69 (0x4e55) (kavdaemon av bases not found) )
It's... strange to see this, but: you understand AVP != Clamav, right? ;)
The two use completely different protocols, it's like trying to use, say,
FTP client to send mail to SMTP server, sort of...
For Clamav, there's a solution exists -- clamsmtp, see
http://memberwebs.com/nielsen/software/clamsmtp/ . There's a howto to
use postfix and clamsmtp together:
http://memberwebs.com/nielsen/software/clamsmtp/postfix.html
Piotr Klaban wrote a patch for avcheck to support Clamav protocol --
see http://www.corpit.ru/pipermail/avcheck/2004q1/000950.html
It looks like the patch should work just fine, if you really
want to go this route.
But with todays worms, it's better IMHO to try to reject ill
content right at the SMTP port, replying with 550 go away to
the end of DATA command (I for one dislike to throw mail away
as it makes the whole mail system way too unreliable for the
users, be it viruses or spam or something else; and bouncing
worms back to the fake sender is not right either). Clamsmtp
can be used to work as realtime filtering proxy for postfix
(aka before-queue content filter).
/mjt
More information about the Avcheck
mailing list