[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Fw: [vps-mail] Re: Clamav
- Subject: Re: Fw: [vps-mail] Re: Clamav
- From: "Dale Britt" <dbritt@xxxxxxxxxxxxxxx>
- Date: Wed, 17 Mar 2004 14:00:41 -0800
Hi Scott
This didn't work, any suggestions?
Thanks
Dale
----- Original Message -----
From: "Dale Britt" <dbritt@xxxxxxxxxxxxxxx>
To: <vps-mail@xxxxxxxxxxxx>
Sent: Tuesday, March 09, 2004 11:35 AM
Subject: Re: Fw: [vps-mail] Re: Clamav
> Here is the full procmailrc file:
>
> ## BEGIN ClamAV Scanning Block: edits inside this block may be
> ## reverted at upgrade. Edit at your own risk!
>
> TMPLOGFILE=$LOGFILE
> TMPLOGABSTRACT=$LOGABSTRACT
> TMPVERBOSE=$VERBOSE
> SENDMAIL=/usr/sbin/sendmail
> LOGFILE=/var/log/procmail.clamav
> LOGABSTRACT=all
> VERBOSE=on
> NL="
> "
>
> :0
> CLAMAV=|/usr/local/bin/clamscan --disable-summary --stdout --mbox -
>
> :0
> * CLAMAV ?? .*: \/.* FOUND
> {
> LOG="Possible virus ${MATCH}${NL}"
>
> :0 fhw
> | formail -a"X-ClamAV: ${MATCH}"
> }
>
> :0E fhw
> | formail -a"X-ClamAV: clean"
>
> :0
> * ^X-ClamAV: \/.*
> * ! MATCH ?? ^^clean^^
> {
> DROPPRIVS=yes
>
> ## this is slightly modified with a 'c' flag
> :0c:
> $HOME/quarantine
>
> ## send notification to recipient
> SUBJECT=`formail -zxSubject:`
> :0 h
> | (formail -i"From: Virus Scanner <support@xxxxxxxxxxxxxxx>" \
> -I"Subject: VIRUS FOUND (was: $SUBJECT)"; \
> cat /usr/local/etc/virus_message.txt;) | $SENDMAIL -t
> ## end notification section
> }
>
> LOGFILE=$TMPLOGFILE
> LOGABSTRACT=$TMPLOGABSTRACT
> VERBOSE=$TMPVERBOSE
>
> ## END ClamAV Scanning Block
> ----- Original Message -----
> From: "Scott Wiersdorf" <scottw@xxxxxxxxxxxx>
> To: <vps-mail@xxxxxxxxxxxx>
> Sent: Tuesday, March 09, 2004 10:43 AM
> Subject: Re: Fw: [vps-mail] Re: Clamav
>
>
> > On Tue, Mar 09, 2004 at 10:25:04AM -0800, Dale Britt wrote:
> > > Hi Scott
> > >
> > > It looks like the log file thinks that there is never a virus coming
> > > through.
> > >
> > > Here is the log on it
> > >
> > > procmail: [87623] Tue Mar 9 17:40:01 2004
> > > procmail: Assigning "NL=
> > > "
> > > procmail: Assigning "CLAMAV="
> > > procmail: Executing
> > > "/usr/local/bin/clamscan,--disable-summary,--stdout,--mbox,-"
> > > procmail: [87623] Tue Mar 9 17:40:02 2004
> > > procmail: No match on ".*: \/.* FOUND"
> > > procmail: Executing "formail,-aX-ClamAV: clean"
> > > procmail: Assigning "MATCH="
> > > procmail: Matched "clean"
> > > procmail: Match on "^X-ClamAV: \/.*"
> > > procmail: No match on ! "^^clean^^"
> > > procmail: Skipped "-I"Subject: VIRUS FOUND (was: $SUBJECT)"; \"
> > > procmail: Skipped "/usr/local/etc/virus_message.txt;) | $SENDMAIL -t"
> >
> > That appears to be correct! Now your task is to figure out why
> > procmail is not assigning the CLAMAV variable (currently, it's just
> > assigning it empty: procmail: Assigning "CLAMAV=").
> >
> > Do you have this recipe before your notification recipe?
> >
> > :0
> > CLAMAV=|/usr/local/bin/clamscan --disable-summary --stdout --mbox -
> >
> > Scott
> > --
> > Scott Wiersdorf
> > scottw@xxxxxxxxxxxx
> > ======================================================================
> > This is <vps-mail@xxxxxxxxxxxx> <http://www.perlcode.org/lists/>
> > Before posting a question, please search the archives (see above URL).
> ======================================================================
> This is <vps-mail@xxxxxxxxxxxx> <http://www.perlcode.org/lists/>
> Before posting a question, please search the archives (see above URL).
======================================================================
This is <vps-mail@xxxxxxxxxxxx> <http://www.perlcode.org/lists/>
Before posting a question, please search the archives (see above URL).
Main Index |
Thread Index