Is my clamav working?

Jørn-Morten Innselset jorn-morten.innselset at BANETELE.COM
Mon Mar 22 01:16:55 GMT 2004 

I'm a bit unsure that clamav is working in my Mailscanner setup - it _seems_
to work, according to the output to maillog (I've set up f-prot and clamav
as scanners):

Mar 22 02:10:09 mx MailScanner[41528]: Virus and Content Scanning: Starting
Mar 22 02:10:11 mx MailScanner[41528]:
/var/CommuniGate/spool/MailScanner/incoming/41528/./52599/mp3music.pif:
Worm.SomeFool.I FOUND
Mar 22 02:10:11 mx MailScanner[41528]: Virus Scanning: ClamAV found 1
infections
Mar 22 02:10:11 mx MailScanner[41528]:
/var/CommuniGate/spool/MailScanner/incoming/41528/52599/mp3music.pif
Infection: W32/Netsky.J at mm
Mar 22 02:10:11 mx MailScanner[41528]: Virus Scanning: F-Prot found virus
W32/Netsky.J at mm
Mar 22 02:10:11 mx MailScanner[41528]: Virus Scanning: F-Prot found 1
infections
Mar 22 02:10:11 mx MailScanner[41528]: Infected message 52599 came from
24.136.151.35
Mar 22 02:10:11 mx MailScanner[41528]: Virus Scanning: Found 1 viruses
Mar 22 02:10:11 mx MailScanner[41528]: Filename Checks: Possible MS-Dos
program shortcut attack (52599 mp3music.pif)
Mar 22 02:10:11 mx MailScanner[41528]: Other Checks: Found 1 problems
Mar 22 02:10:11 mx MailScanner[41528]: Virus Scanning completed at 15408
bytes per second
Mar 22 02:10:11 mx MailScanner[41528]: Notices: Warned about 1 messages
Mar 22 02:10:11 mx MailScanner[41528]: Virus Processing completed at 30816
bytes per second
Mar 22 02:10:11 mx MailScanner[41528]: Disinfection completed at 30816 bytes
per second

But there is no sign of clamav in the report:

The following e-mail messages were found to have viruses in them:

    Sender: xxx at xxx.xxx
IP Address: 24.136.151.35
 Recipient: yyy at yyy.yyy
   Subject: Re: Your music
 MessageID: 52599
    Report: F-Prot:
/var/CommuniGate/spool/MailScanner/incoming/41528/52599/mp3music.pif
Infection: W32/Netsky.J at mm
            MailScanner: Shortcuts to MS-Dos programs are very dangerous in
email (mp3music.pif)

Why isn't clamav mentioned here? Are there any settings I've overlooked?

Running MailScanner-devel-4.29.3, clamav-devel-20040313 on FreeBSD 4.9 with
CommuniGate Pro.

--
jmi

More information about the MailScanner mailing list