exim+clamd not deny virus email how

Hi, Group,

I have to set up a very weird mail server - we need receive all emails containing spam and viruses, with only proper header inserted. We don't bounce-reject-discard-quarantine any email containing malwares or spam. We don't even need notifications. This is intentional for some research purpose.

Exim 4.43 runs as the MTA on the server (fedora core 2). Spambuttbuttin 3.0.4 is used for spam-scanning and ClamAV 0.87.1 is used to identify viruses. I also tried amavis-new as a bridge between exim and both scanners. All these tools (including necessary perl modules) are from Dag rpm repository.

After a lot of tweaking with Amavis-new, I almost got what we want. The only problem is, if I turned off the quarantine, the virus email will be re-wrapped as an attachment to another notification email. It seems the defang settings could not be turned off.

So now I am trying another method, that is, I only use exim ACLs to link clamd and spamd. This has some advantages over the amavis-new method: 1.) low resource required as the scanning happens at smtp time, so that only one exim instance is needed; 2.) An email can still get spam-score marked even it contains virus. By default, amavis-new will skip spam scanning if a virus is detected. 3.) With amavis-new method, I found it is very easy to the error of "retry time not reached for any host" This is exactly the same as described here, Although it will work again after using eximtidydb, but it will easily re-appear. Our server is a heavy-loaded one.

Problem still remains with exim acl method, though. The problem is that I can not manage clamd to insert a header for a virus email.

I googled and found useful discussions here, Following their solutions I can only added some header reporting the clamav information. I edited my exim configuration file,etc-exim-exim.conf like this:

{${extract{1}{-}{$value}}-${extract{2}{-}{$value}}} {Unknown Virus Scanner}} on $primaryhostname

mogrify draw text stopped working after upgrade
If anyone can recommend a more appropriate newsgroup for this question? We recently upgraded from php 4.1.2 to php 4.3.9 and ImageMagick 5.5.7 to version 6.2.5. I have a script...

# Reject virus infested messages. # deny message = This message contains malware ($malwarename) # malware = *

# Insert header reporting the virus. malware = *

detects the virus. If I change the warn policy back to deny, it immediately takes effect - the relay of the email is not allowed.

My questions is, how can I get the header inserted?

command line vs gui 6947
Good !! I was thinking that only a professional CAD user would be most qualitied to judge...

Alternatively, does anyone know how I can stop amavis-new wrapping the virus-infested email into an attachment to a warning email?

Many thanks for your help-hint!

List | Previous | Next

command line vs gui 6947

Linux groups from Newsgroups

The #1 Usenet Provider on the Internet

Unkillable process

PLEX86 x86- Virtual Machine (VM) Program


	Plex86 \| CVS \| Mailing List \| Download \| Linux \| Newsgroups

		exim+clamd not deny virus email how Hi, Group, I have to set up a very weird mail server - we need receive all emails containing spam and viruses, with only proper header inserted. We don't bounce-reject-discard-quarantine any email containing malwares or spam. We don't even need notifications. This is intentional for some research purpose. Exim 4.43 runs as the MTA on the server (fedora core 2). Spambuttbuttin 3.0.4 is used for spam-scanning and ClamAV 0.87.1 is used to identify viruses. I also tried amavis-new as a bridge between exim and both scanners. All these tools (including necessary perl modules) are from Dag rpm repository. After a lot of tweaking with Amavis-new, I almost got what we want. The only problem is, if I turned off the quarantine, the virus email will be re-wrapped as an attachment to another notification email. It seems the defang settings could not be turned off. So now I am trying another method, that is, I only use exim ACLs to link clamd and spamd. This has some advantages over the amavis-new method: 1.) low resource required as the scanning happens at smtp time, so that only one exim instance is needed; 2.) An email can still get spam-score marked even it contains virus. By default, amavis-new will skip spam scanning if a virus is detected. 3.) With amavis-new method, I found it is very easy to the error of "retry time not reached for any host" This is exactly the same as described here, Although it will work again after using eximtidydb, but it will easily re-appear. Our server is a heavy-loaded one. Problem still remains with exim acl method, though. The problem is that I can not manage clamd to insert a header for a virus email. I googled and found useful discussions here, Following their solutions I can only added some header reporting the clamav information. I edited my exim configuration file,etc-exim-exim.conf like this: {${extract{1}{-}{$value}}-${extract{2}{-}{$value}}} {Unknown Virus Scanner}} on $primaryhostname mogrify draw text stopped working after upgrade If anyone can recommend a more appropriate newsgroup for this question? We recently upgraded from php 4.1.2 to php 4.3.9 and ImageMagick 5.5.7 to version 6.2.5. I have a script... # Reject virus infested messages. # deny message = This message contains malware ($malwarename) # malware = * # Insert header reporting the virus. malware = * detects the virus. If I change the warn policy back to deny, it immediately takes effect - the relay of the email is not allowed. My questions is, how can I get the header inserted? command line vs gui 6947 Good !! I was thinking that only a professional CAD user would be most qualitied to judge... Alternatively, does anyone know how I can stop amavis-new wrapping the virus-infested email into an attachment to a warning email? Many thanks for your help-hint! KB List \| Previous \| Next



		command line vs gui 6947 Linux groups from Newsgroups The #1 Usenet Provider on the Internet Unkillable process