small bug in 4.66.5 - log entries missing

Greg Matthews gmatt at
Fri Feb 29 11:38:41 GMT 2008

Scott, Julian...

Scott Silva wrote:
> on 2-28-2008 11:28 AM Julian Field spake the following:
>> Sure. Please gzip it first. Is all the other logging working okay? 
>> Does it happen only with exactly this set?
>> Virus Scanners = clamavmodule
>> Exactly what log entries don't arrive in your syslog (when compared to 
>> using a different virus scanner)?
>> Jules
> Sorry Julian,
> I think Greg wanted a copy of mine to see if he had differences, at 
> least that is what I inferred.

Got your and the only difference between yours and mine 
is the patch I posted to correct the log entries (ie using 
"ClamAVModule" instead of $Name).

I've compared your MailScanner -V output and there are a few minor 
differences, most significant is probably Mail::ClamAV - you are using 
0.20 and I'm using 0.21. This may be a dead end tho as my test and dev 
host also runs with 0.21 and doesnt have this problem.

Julian, this is only happening on my production servers so I cant easily 
take out the other AV engines. The missing content was described at the 
start of this thread. Here is an example from sending the Eicar test 
virus through:

Feb 29 11:32:26 mailr-w MailScanner[609]: SophosSAVI::INFECTED:: 
EICAR-AV-Test:: ./m1TBUQc2032625/
Feb 29 11:32:30 mailr-w MailScanner[609]: ::INFECTED:: 
Eicar-Test-Signature:: ./m1TBUQc2032625/
Feb 29 11:32:52 mailr-w MailScanner[609]: 
m1TBUQc2032625/ EICAR-Test-File (not a virus)

Sophos and Bitdefender log as expected but the clamavmodule logging is 
missing the "ClamAVModule" part. It should read "ClamAVModule::INFECTED..."

Attached is the MailScanner -V output.

Peculiar behaviour - let me know if you want access to one of the 
affected hosts.

Greg Matthews           01491 692445
Head of UNIX/Linux, iTSS Wallingford

This message (and any attachments) is for the recipient only. NERC
is subject to the Freedom of Information Act 2000 and the contents
of this email and any reply you make may be disclosed by NERC unless
it is exempt from release under the Act. Any material supplied to
NERC may be stored in an electronic records management system.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: ms-vers.txt.gz
Type: application/x-gzip
Size: 928 bytes
Desc: not available
Url :

More information about the MailScanner mailing list