ClamAV Cannot Reject Virus

bigboy

#cd /usr/local/ports/security/clamav
#make install clean


pico /etc/exim.conf

## Find primary_hostname and add the following line above
av_scanner = clamd:/var/run/clamav/clamd

## Find check_message:
## Make sure it looks like this:

check_message:
  deny message = This message contains malformed MIME ($demime_reason)
       demime = *
       condition = ${if >{$demime_errorlevel}{2}{1}{0}}
  deny message = This message contains a virus or other harmful content ($malware_name)
       demime = *
       malware = *
  deny message = This message contains an attachment of a type which we do not accept (.$found_extension)
       demime = bat:com:pif:prf:scr:vbs
  warn message = X-Antivirus-Scanner: Clean mail though you should still use an Antivirus
  accept

## Save and exit

#/usr/local/etc/rc.d/exim restart


mars# ps -aux | grep clam
clamav 43593 0.0 0.2 4700 3220 ?? Is 9:53PM 0:00.00 /usr/local/bin/freshclam -d -c
clamav 43610 0.0 0.9 20896 19028 ?? Ss 9:53PM 0:00.16 /usr/local/sbin/clamd
root 45477 0.0 0.0 1416 844 p0 RL+ 10:08PM 0:00.00 grep clam





Cannot reject virus mail from this test: http://www.gfi.com/emailsecuritytest/



#tail -f /var/log/exim/mainlog

2006-05-22 22:07:30 1FiBzx-000BnZ-Ac => support <[email protected]> F=<[email protected]> R=spamcheck_director T=spamcheck S=3729
2006-05-22 22:07:30 1FiBzx-000BnZ-Ac Completed
2006-05-22 22:07:34 1FiBzz-000Bnp-JY => [email protected] <[email protected]> F=<[email protected]> R=lookuphost T=remote_smtp S=1778 H=mx3.mail.yahoo.com [64.156.215.18] C="250 ok dirdel"
2006-05-22 22:07:34 1FiBzz-000Bnp-JY Completed
2006-05-22 22:07:34 1FiBzy-000BnZ-Pb => support <[email protected]> F=<[email protected]> R=spamcheck_director T=spamcheck S=1611
2006-05-22 22:07:34 1FiBzy-000BnZ-Pb Completed



#cat /var/log/clamav/clamd.log


/var/spool/exim/scan/1FiBuP-000BcP-2r/1FiBuP-000BcP-2r.eml: OK
/var/spool/exim/scan/1FiBuP-000BcP-2r/1FiBuP-000BcP-2r-00000.com: OK
/var/spool/exim/scan/1FiBuS-000BcP-Fl/1FiBuS-000BcP-Fl.eml: OK
/var/spool/exim/scan/1FiBuS-000BcP-Fl/1FiBuS-000BcP-Fl-00000.com: OK
/var/spool/exim/scan/1FiBvM-000BeH-Fs/1FiBvM-000BeH-Fs.eml: OK
/var/spool/exim/scan/1FiBvM-000BeH-Fs/1FiBvM-000BeH-Fs-00000.com: OK
/var/spool/exim/scan/1FiBvQ-000BeH-MI/1FiBvQ-000BeH-MI.eml: OK
/var/spool/exim/scan/1FiBvQ-000BeH-MI/1FiBvQ-000BeH-MI-00000.com: OK
/var/spool/exim/scan/1FiBx6-000Bgv-CB/1FiBx6-000Bgv-CB.eml: OK
/var/spool/exim/scan/1FiBx6-000Bgv-CB/1FiBx6-000Bgv-CB-00000.com: OK
/var/spool/exim/scan/1FiBx7-000Bgv-Ps/1FiBx7-000Bgv-Ps.eml: OK
/var/spool/exim/scan/1FiBx7-000Bgv-Ps/1FiBx7-000Bgv-Ps-00000.com: OK
 
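One way to tell whether clamd or the Exim ACL is at fault is to join the two logs shown in the post on the Exim message ID, so that each delivered message is paired with its scan verdict. This is an added example, not part of the original post: the function names are hypothetical, and the sample log lines (addresses, IDs, the `Eicar-Test-Signature FOUND` and `rejected after DATA` lines) are constructed.

```python
import re

# Exim message ID as it appears in both logs, e.g. 1FiBzx-000BnZ-Ac
MSGID = r"[0-9A-Za-z]{6}-[0-9A-Za-z]{6}-[0-9A-Za-z]{2}"
# clamd.log: ".../scan/<id>/<file>: OK" or ".../scan/<id>/<file>: <signature> FOUND"
CLAMD_RE = re.compile(rf"/scan/({MSGID})/\S+: (?:OK|(\S+) FOUND)\s*$")
# mainlog: "<date> <time> <id> => ..." is a delivery, "rejected after DATA" an ACL deny
EXIM_RE = re.compile(rf"^\S+ \S+ ({MSGID}) (=>|.*rejected after DATA)")

def clamd_verdicts(lines):
    """Map message ID -> set of signatures found (empty set means scanned clean)."""
    verdicts = {}
    for line in lines:
        m = CLAMD_RE.search(line)
        if m:
            found = verdicts.setdefault(m.group(1), set())
            if m.group(2):
                found.add(m.group(2))
    return verdicts

def audit(mainlog, clamdlog):
    """Return {message ID: (scan result, final action)} for messages in mainlog."""
    verdicts = clamd_verdicts(clamdlog)
    report = {}
    for line in mainlog:
        m = EXIM_RE.match(line)
        if not m:
            continue
        action = "delivered" if m.group(2) == "=>" else "rejected"
        found = verdicts.get(m.group(1))  # None means clamd never saw this message
        scan = "not-scanned" if found is None else "infected" if found else "clean"
        report[m.group(1)] = (scan, action)
    return report

# Constructed sample lines (not taken from the post)
MAINLOG = [
    "2006-05-22 22:07:30 1FiAAA-000Baa-Aa => support <support@example.com> R=spamcheck_director T=spamcheck S=3729",
    "2006-05-22 22:07:31 1FiAAB-000Baa-Bb => support <support@example.com> R=spamcheck_director T=spamcheck S=1611",
    "2006-05-22 22:07:32 1FiAAC-000Baa-Cc H=mx.example.net [192.0.2.10] F=<a@example.net> rejected after DATA: This message contains a virus",
    "2006-05-22 22:07:33 1FiAAD-000Baa-Dd => support <support@example.com> R=localuser T=local_delivery S=900",
]
CLAMDLOG = [
    "/var/spool/exim/scan/1FiAAA-000Baa-Aa/1FiAAA-000Baa-Aa.eml: OK",
    "/var/spool/exim/scan/1FiAAB-000Baa-Bb/1FiAAB-000Baa-Bb-00000.com: Eicar-Test-Signature FOUND",
    "/var/spool/exim/scan/1FiAAC-000Baa-Cc/1FiAAC-000Baa-Cc.eml: Eicar-Test-Signature FOUND",
]

if __name__ == "__main__":
    for msgid, (scan, action) in audit(MAINLOG, CLAMDLOG).items():
        print(msgid, scan, action, "<-- check ACL" if (scan, action) != ("clean", "delivered") and action == "delivered" else "")
```

A delivered message marked `infected` points at the ACL not acting on the scanner's verdict, while `not-scanned` means the message never reached clamd at all; `clean` on a test message means clamd itself did not flag the content.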