ClamAV module logging changed in 4.62

Greg Matthews gmatt at
Tue Aug 7 10:14:17 IST 2007

Julian Field wrote:
> Hash: SHA1
> Rick Cooper wrote:
>> Bear in mind that when clamd was added the name of the scanner is taked from
>> the structure and not hard coded so if he has the display of virus scanners
>> off there would be no name

ok. but I dont understand, what is "the structure" if you mean my 
MailScanner.conf, then clamavmodule is explicitly specified. I'm not 
sure what you mean by having "the display of virus scanners off" either. 
My SophosSAVI still shows log lines like the following:

Aug  6 08:29:20 mailr-w MailScanner[17999]: SophosSAVI::INFECTED:: 
Troj/Dloadr-BCP Troj/Dloadr-BCP:: ./l767T9Op023287/

but the corresponding clamavmodule line for the same message is:

Aug  6 08:29:21 mailr-w MailScanner[17999]: INFECTED:: 
Trojan.Downloader-12155:: ./l767T9Op023287/

> Good point. That's probably it, I didn't think any of the clamavmodule 
> logging should have changed.

excuse my ignorance, please explain the solution...


>> Rick

Greg Matthews           01491 692445
Head of UNIX/Linux, iTSS Wallingford

This message (and any attachments) is for the recipient only. NERC
is subject to the Freedom of Information Act 2000 and the contents
of this email and any reply you make may be disclosed by NERC unless
it is exempt from release under the Act. Any material supplied to
NERC may be stored in an electronic records management system.

More information about the MailScanner mailing list