Hi.

Following is what i have for Exim4.34 with exiscan patch (replacing Mailscanner which unnecessarily increased server load and built up mailQ):

##### clamav ACL, reject virus infected mails with proper error
deny message = This message contains malformed MIME ($demime_reason).
demime = *
condition = ${if >{$demime_errorlevel}{2}{1}{0}}
deny message = This message contains a virus or other harmful content \ ($malware_name)
demime = *
malware = *
deny message = This message has been rejected because it has\n\
a potentially executable attachment $1\n\
This form of attachment has been used by\n\
recent viruses or other malware.\n\
If you meant to send this file then please\n\
package it up as a zip file and resend it.
demime = ade:adp:bas:bat:chm:cmd:com:cpl:crt:eml:exe:hlp:hta:inf:ins:isp:jse:lnk:mdb:mde:msc:msi:msp:pcd:reg:scr:sct:shs:url:vbs:vbe:wsf:wsh:wsc
##### end clamav ACL

This takes care of *No Virus Infected Messages* being able to be delivered to server.

Yes attachment scanning would at least ensure that GM user on server is not responsible for any virus infected messages.

Anup