________________________________ seems like that would even bypass procmail for infected messages, which I "quarantine" to /dev/null anyway. Although, one loses the automatic upgrades from ViaVerio. I'll look into it. ________________________________ Well it seemed to go fine, with two small stumbling blocks. ClamAV 0.87.1's installer found an old file /var/db/ports/clamav/options, from version 0.73 from its contents, and despite me using "make -DWITH_MILTER", it found a "WITHOUT_MILTER=true" line in that file and didn't (fully?) install the milter (no rc.d script, for example). After make delete, make reinstall displayed the options checklist mentioned in the document and the milter was installed. --quarantine-dir=/dev/null does not work due to the "lax security" the milter finds on that directory. However, adding to /etc/mail/aliases: dev-null: /dev/null ...and using the option "--quarantine=dev-null@servername", the milter does forward the virus to the dev-null alias. Of course, one must disable the ClamAV scan in procmailrc, or a message will get scanned twice. Since procmail isn't used I don't see a way to set ClamAV to ignore messages over a given size, which might be useful on a busy mail server with big attachments. - Steve Yates - ITS, Inc. - Hit me, beat me, make me write COBOL! ~ Taglines by Taglinator - www.srtware.com ~
<<winmail.dat>>