[Mimedefang] Vexira not being launched by MIMEDefang
Cormack, Ken
kcormack at acs.roadway.com
Tue Sep 2 14:41:01 EDT 2003
List,
We have recently installed Central Command's VEXIRA antivirus engine for
Linux, on our SMTP gateway system. That system is a Redhat box, with
sendmail 8.9.12 compiled from the official source tar-ball. MIMEDefang is
at version 2.36.
In our installation, we are NOT running the vexira product in "on-access
mode", but are rather, letting MIMEDefang launch vexira "on-demand".
Previously, we were using the CPAN File::Scan module, with good success, and
numerous virii were trapped and logged by MIMEDefang. I have rebuilt
MIMEDefang, and in the output of "mimedefang.pl -features", it clearly lists
VEXIRA as being installed (at /usr/bin/vexira).
In my /usr/local/bin/mimedefang.pl file, I have been alternately commenting
out vexira and File::Scan, to ensure that otherwise everything is working.
Here are the blocks of code that I've been toggling:
Currently, I have File::Scan active...
############
# RENABLE/DISABLED FILE::SCAN - KPC
(eval 'use File::Scan; $Features{"File::Scan"} = 1;')
or $Features{"File::Scan"} = 0;
#$Features{"File::Scan"} = 0;
...and VEXIRA disabled...
############
# RE-ENABLE/DISABLE VEXIRA - KPC
$Features{'Virus:VEXIRA'} = ('/bin/false' ne '/bin/false' ? '/bin/false' :
0);
#$Features{'Virus:VEXIRA'} = ('/usr/bin/vexira' ne '/bin/false' ?
'/usr/bin/vexira' : 0);
In the above configuration, "mimedefang.pl -features" reports File::Scan
installed, and vexira not installed. File::Scan is working fine, and is
blocking virus-laden messages.
If I toggle the comments (remembering that I DID rebuild mimedefang once
Vexira was installed, so any other dependencies for vexira should have been
set by MIMEDefang's build process), everything then looks like this...
############
# RENABLE/DISABLED FILE::SCAN - KPC
#(eval 'use File::Scan; $Features{"File::Scan"} = 1;')
# or $Features{"File::Scan"} = 0;
$Features{"File::Scan"} = 0;
...and...
############
# RE-ENABLE/DISABLE VEXIRA - KPC
#$Features{'Virus:VEXIRA'} = ('/bin/false' ne '/bin/false' ? '/bin/false'
: 0);
$Features{'Virus:VEXIRA'} = ('/usr/bin/vexira' ne '/bin/false' ?
'/usr/bin/vexira' : 0);
... and "mimedefang.pl -features" reports File::Scan NO installed, and
VEXIRA installed, but MIMEDefang seems to make no attempt to call vexira, to
process a message. Even the EICAR test file gets through.
Note that when I manually scan an EICAR-containing file using Vexira from
the commandline, it DOES report that it sees the EICAR test data in the test
file. So I know the vexira product is correctlt installed and functioning.
Does anyone have any thoughts?
Ken
More information about the MIMEDefang
mailing list