junk4 at klunky
Mar 22, 2011, 6:26 AM
Post #5 of 5
(711 views)
Permalink
|
|
Re: clamav-milter Debian Squeeze - socket configuration question
[In reply to]
|
|
On 03/22/2011 01:46 PM, Török Edwin wrote:
> On 2011-03-22 14:35, J4K wrote:
>> On 03/22/2011 01:06 PM, Török Edwin wrote:
>>> On 2011-03-22 13:43, J4K wrote:
>>>> Dear ClamAV chaps and chapettes,
>>>>
>>>>
>>>> I tried to get clamav-milter running, but can not get it to create a
>>>> socket. I thought that clamav-milter should crteate this itself upon
>>>> start-up.
>>>>
>>>> System: Debian Squeeze
>>>>
>>>> The clamav config is shown below. The socket is defined. (I don't
>>>> think this should be configued in the clamav-milter.conf as the socket
>>>> in there seems to provide communication between the milter and clamd.)
>>> There is ClamdSocket and MilterSocket in clamav-milter.conf, the former
>>> is for clamav-milter <-> clamd communication, the latter is what you
>>> want: clamav-milter <-> MTA(postfix) communication.
>>>
>>>> # cat /etc/default/clamav-milter |grep -v ^#
>>>> OPTIONS="--max-children=2 -ol"
>>>> SOCKET_RWGROUP=postfix
>>>> SOCKET=unix:/var/spool/postfix/clamav/clamav-milter.ctl
>>>>
>>>> The directory exists, and clamav can write into it.
>>>> # ls -ld /var/spool/postfix/clamav
>>>> drwxrws--- 2 clamav postfix 4096 Mar 22 12:34 /var/spool/postfix/clamav
>>>>
>>>> Notice that clamav-milter, after a restart, does not have any options
>>>> passed to it.
>>>> #ps aux | grep clamav-mil
>>>> clamav 19558 0.0 0.0 59728 936 ? Ssl 12:35 0:00
>>>> /usr/sbin/clamav-milter
>>>>
>>>>
>>>> Does anyone know what might have been mis-configured?
>>> clamav-milter doesn't take command-line flags (since about 2 years),
>>> everything is configured in clamav-milter.conf, see:
>>> http://wiki.clamav.net/bin/view/Main/UpgradeNotes095#Using_the_new_clamav_milter
>>>
>>> Best regards,
>>> --Edwin
>>> _______________________________________________
>>> Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
>>> http://www.clamav.net/support/ml
>> Thank-you Edwin.
>>
>> Some other config related questions:-
>>
>> 1. In the clamav-milter.conf there is this setting:
>> LogInfected
>>
>> What are the valid settings for this. I tried with
>> LogInfected Basic
>> LogInfected Off
>> LogInfected On
>> but these did not work.
> What error did you get? Or the milter started, but didn't log anything?
> Did you define LogFile/LogSyslog?
>
>> 2. Is it possible to set a LocalNet that would always be allowed to send
>> Email.
>> e.g
>>
>> LocalNet local
>> ( I read this in the wiki, but did not see it defined in the .conf file.)
> Look at the example conf. file with all options here:
> http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob;f=etc/clamav-milter.conf
>
> --Edwin
> _______________________________________________
> Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
> http://www.clamav.net/support/ml
Hi Edwin,
Thank-you once more.
Clamav-milter is in postfix and successfully rejects the test virus
strings that I sent to it.
Logically, clamav-milter is the heaviest process when it comes to
scanning, so I have added as the final one in the current milter change
in Postfix. Seems to make sense to me.
smtpd_milters = unix:/dkim-filter/dkim-filter.sock,
unix:/spamass/spamass.sock, unix:/clamav/clamav-milter.ctl
Cheers, S.
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
|
