Monitoring ClamAV and MailScanner
Martin Hepworth
maxsec at gmail.com
Sun Oct 2 14:51:59 IST 2011
MailScanner doesn't call spamd - it calls spamassassin using the Perl API's.
Any spamd activity appearing in the logs is nothing to do with MailScanner.
If you're calling spamd from sendmail you're more than likely calling
Spamassassin twice and making mail-flow alot slower than required.
MaiLScanner is reasonably chatty in the maillog so you can see what's
happening - have a look.
I'd also check you're getting MailScanner headers in processed email..you
might not have you're MTA configured correctly if you're not seeing these
headers.
--
Martin Hepworth
Oxford, UK
On 2 October 2011 01:39, Dave Helton <dave at kd0yu.com> wrote:
> HI Mike, everyone..
>
> Yes, you should disable spamassassin in your init.d startup, unless you're
> using for something else.
> MS calls the SA routines directly and does not need the SA daemon.
>
> To verify your clamav is working and logging properly... send yourself one
> of the Eicar sigs until
> you get the desired effect.
>
> --Dave
>
> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info [mailto:
> mailscanner-bounces at lists.mailscanner.info] On Behalf Of Mike
> Sent: Saturday, October 01, 2011 5:42 PM
> To: MailScanner discussion
> Subject: Re: Monitoring ClamAV and MailScanner
>
> On Sun, 2 Oct 2011, Peter Bonivart wrote:
>
> > On Sat, Oct 1, 2011 at 11:16 PM, Mike <mike at leawood.com> wrote:
> >> Yes, similar to that of SpamAssassin. I can see the "spamd"
> >> processing each e-mail in /var/log/maillog but I'm not seeing in for
> clamd/clamav.
> >
> > First of all, you shouldn't use spamd with MailScanner. Logging is set
> > in the configuration of MailScanner and ClamAV respectively, also
> > check syslog.conf.
>
> I should turn SpamAssassin off then? MailScanner automatically uses
> SpamAssassin even when it's not running? (i.e. similar to that of
> sendmail?).
>
>
> // from /etc/clamd.conf
>
> LogFile /var/log/clamav/clamd.log
> #LogVerbose yes
>
> I'm not seeing any scan results in clamd.log, should I turn on LogVerbose
> for more information to be updated in clamd.log?
>
>
> # Execute a command when virus is found. In the command string %v will # be
> replaced with the virus name.
> # Default: no
> #VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v"
>
> Should this option also be on?
>
> Thank you.
>
>
> Mike
>
> --
> This message has been scanned for viruses and dangerous content by
> MailScanner at KD0YU.COM, and is believed to be clean.
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner at KD0YU.COM, and is
> believed to be clean.
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20111002/cc1eadf5/attachment.html
More information about the MailScanner
mailing list