[Mimedefang] Problem running clamd but not clamscan

Scott Harris mimedefang at pikecreek.com
Wed Jan 28 12:17:28 EST 2004


> > > --
> > 
> > I'm tempted to take the same route, except for the fact 
> that I noticed 
> > the filter time has gone up dramatically:
> 
> Scott -
> 	The problem I had seemed to be that MD wasn't actually 
> talking to clamd. (Do you catch the EICAR text file with 
> clamd enabled?) It would make sense that MD processed 
> significantly faster if it's not incurring the virusscan 
> overhead at all. Maybe we could have someone with a working 
> MD<->clamd setup try your speed test and report the 
> difference in MD time between clamav and clamd...
> 
> 
> 		Ole
> --

Thanks for the replies everyone.

I was thinking they weren't talking also, that is why I did a 
bunch of tests before I decided to post.  I'm fairly confident 
that it was working, as most of the scans from the test viruses 
got caught.  Below is the log for the test virus with a .zip file 
attachment.  So I'm pretty sure that clamd was catching at least 
the test viruses.  And I don't know if it is luck, or clamd just 
hasn't been working, but the only other virus that shows up on the 
logs (from months ago) was W32/Swen at MM.



Jan 27 09:06:26 linux1 sm-mta[6009]: i0RH6PVm006009:
from=<tester at testvirus.org>, size=1615, class=0, nrcpts=1,
msgid=<493602. at testvirus.org>, proto=ESMTP, daemon=MTA,
relay=12.5.18.175.excedent.us
 [12.5.18.175] (may be forged)
Jan 27 09:06:26 linux1 mimedefang.pl[5980]:
MDLOG,i0RH6PVm006009,virus,Eicar-Test-Signature,12.5.18.175,<tester at testviru
s.org>,<virus at synthys.com>,Virus Scanner Test
Jan 27 09:06:26 linux1 mimedefang.pl[5980]:
MDLOG,i0RH6PVm006009,mail_in,,12.5.18.175,<tester at testvirus.org>,<virus at synt
hys.com>,Virus Scanner Test
Jan 27 09:06:26 linux1 mimedefang.pl[5980]: filter: i0RH6PVm006009:
append_text_boilerplate=1 discard=1 quarantine=1
Jan 27 09:06:26 linux1 mimedefang[6010]: i0RH6PVm006009: Discarding because
filter instructed us to
Jan 27 09:06:26 linux1 sm-mta[6009]: i0RH6PVm006009: Milter: data, discard
Jan 27 09:06:26 linux1 sm-mta[6009]: i0RH6PVm006009: discarded



More information about the MIMEDefang mailing list