[Mimedefang] Problem running clamd but not clamscan
Scott Harris
mimedefang at pikecreek.com
Wed Jan 28 12:17:28 EST 2004
> > > --
> >
> > I'm tempted to take the same route, except for the fact
> that I noticed
> > the filter time has gone up dramatically:
>
> Scott -
> The problem I had seemed to be that MD wasn't actually
> talking to clamd. (Do you catch the EICAR text file with
> clamd enabled?) It would make sense that MD processed
> significantly faster if it's not incurring the virusscan
> overhead at all. Maybe we could have someone with a working
> MD<->clamd setup try your speed test and report the
> difference in MD time between clamav and clamd...
>
>
> Ole
> --
Thanks for the replies everyone.
I was thinking they weren't talking also, that is why I did a
bunch of tests before I decided to post. I'm fairly confident
that it was working, as most of the scans from the test viruses
got caught. Below is the log for the test virus with a .zip file
attachment. So I'm pretty sure that clamd was catching at least
the test viruses. And I don't know if it is luck, or clamd just
hasn't been working, but the only other virus that shows up on the
logs (from months ago) was W32/Swen at MM.
Jan 27 09:06:26 linux1 sm-mta[6009]: i0RH6PVm006009:
from=<tester at testvirus.org>, size=1615, class=0, nrcpts=1,
msgid=<493602. at testvirus.org>, proto=ESMTP, daemon=MTA,
relay=12.5.18.175.excedent.us
[12.5.18.175] (may be forged)
Jan 27 09:06:26 linux1 mimedefang.pl[5980]:
MDLOG,i0RH6PVm006009,virus,Eicar-Test-Signature,12.5.18.175,<tester at testviru
s.org>,<virus at synthys.com>,Virus Scanner Test
Jan 27 09:06:26 linux1 mimedefang.pl[5980]:
MDLOG,i0RH6PVm006009,mail_in,,12.5.18.175,<tester at testvirus.org>,<virus at synt
hys.com>,Virus Scanner Test
Jan 27 09:06:26 linux1 mimedefang.pl[5980]: filter: i0RH6PVm006009:
append_text_boilerplate=1 discard=1 quarantine=1
Jan 27 09:06:26 linux1 mimedefang[6010]: i0RH6PVm006009: Discarding because
filter instructed us to
Jan 27 09:06:26 linux1 sm-mta[6009]: i0RH6PVm006009: Milter: data, discard
Jan 27 09:06:26 linux1 sm-mta[6009]: i0RH6PVm006009: discarded
More information about the MIMEDefang
mailing list