[Mimedefang] Vexira not being launched by MIMEDefang

Cormack, Ken kcormack at acs.roadway.com
Tue Sep 2 14:41:01 EDT 2003 

List,

We have recently installed  Central Command's VEXIRA antivirus engine for
Linux, on our SMTP gateway system.  That system is a Redhat box, with
sendmail 8.9.12 compiled from the official source tar-ball.  MIMEDefang is
at version 2.36.

In our installation, we are NOT running the vexira product in "on-access
mode", but are rather, letting MIMEDefang launch vexira "on-demand".

Previously, we were using the CPAN File::Scan module, with good success, and
numerous virii were trapped and logged by MIMEDefang.  I have rebuilt
MIMEDefang, and in the output of "mimedefang.pl -features", it clearly lists
VEXIRA as being installed (at /usr/bin/vexira).

In my /usr/local/bin/mimedefang.pl file, I have been alternately commenting
out vexira and File::Scan, to ensure that otherwise everything is working.
Here are the blocks of code that I've been toggling:

Currently, I have File::Scan active...

############
# RENABLE/DISABLED FILE::SCAN - KPC
(eval 'use File::Scan; $Features{"File::Scan"} = 1;')
    or $Features{"File::Scan"} = 0;
#$Features{"File::Scan"} = 0;

...and VEXIRA disabled...

############
# RE-ENABLE/DISABLE VEXIRA - KPC
$Features{'Virus:VEXIRA'}   = ('/bin/false' ne '/bin/false' ? '/bin/false' :
0);
#$Features{'Virus:VEXIRA'}   = ('/usr/bin/vexira' ne '/bin/false' ?
'/usr/bin/vexira' : 0);

In the above configuration, "mimedefang.pl -features" reports File::Scan
installed, and vexira not installed.  File::Scan is working fine, and is
blocking virus-laden messages.

If I toggle the comments (remembering that I DID rebuild mimedefang once
Vexira was installed, so any other dependencies for vexira should have been
set by MIMEDefang's build process), everything then looks like this...

############
# RENABLE/DISABLED FILE::SCAN - KPC
#(eval 'use File::Scan; $Features{"File::Scan"} = 1;')
#    or $Features{"File::Scan"} = 0;
$Features{"File::Scan"} = 0;

...and...

############
# RE-ENABLE/DISABLE VEXIRA - KPC
#$Features{'Virus:VEXIRA'}   = ('/bin/false' ne '/bin/false' ? '/bin/false'
: 0);
$Features{'Virus:VEXIRA'}   = ('/usr/bin/vexira' ne '/bin/false' ?
'/usr/bin/vexira' : 0);

... and "mimedefang.pl -features" reports File::Scan NO installed, and
VEXIRA installed, but MIMEDefang seems to make no attempt to call vexira, to
process a message.  Even the EICAR test file gets through.

Note that when I manually scan an EICAR-containing file using Vexira from
the commandline, it DOES report that it sees the EICAR test data in the test
file.  So I know the vexira product is correctlt installed and functioning.

Does anyone have any thoughts?

Ken

More information about the MIMEDefang mailing list