Sendmail + clamav-milter...
Kevin J. Cummings
cummings at kjchome.homeip.net
Fri Dec 29 21:57:47 UTC 2006
Drew Bertola wrote:
> Hi,
Hi Drew,
I didn't see anyone reply to your problem. Did you ever get it sorted out?
> I'm setting up sendmail on FC6 and am having trouble determining whether
> or not clamav-milter is properly configured and running. I guess
> there's been some changes since the last time I set this up (FC3).
>
> I'm not sure if I need to install and run clamav-server w/
> clamav-server-sysv, but it wasn't pulled in as a dependency when I used
> yum to install clamav-milter.
Here is what I have installed:
clamav-lib-0.88.7-1.fc5.i386
clamav-milter-0.88.7-1.fc5.i386
clamav-data-0.88.7-1.fc5.i386
clamav-update-0.88.7-1.fc5.i386
clamav-0.88.7-1.fc5.i386
I can scan any files by command line that I want to. (I check my
family's files nightly via a cron job).
> I've added the following line to my sendmail.mc and rebuilt sendmail.cf
> (followed by a sendmail restart):
>
> INPUT_MAIL_FILTER(`clamav', `S=local:/var/run/clamav-milter/clamav.sock,
> F=, T=S:4m;R:4m')dnl
Matches what I have on FC5
> and the resulting sendmail.cf has:
>
> O InputMailFilters=clamav, milter-regex, greylist
> Xclamav, S=local:/var/run/clamav-milter/clamav.sock, F=, T=S:4m;R:4m
This also matches my FC5 (OK, I use spf-milter instead of milter-regex)
> When I send a mail out via "echo test | mail -v -s test
> drew at somewhere.com" I do receive the mail, but there's no header telling
> me it's gone through the milter. Anyone have an idea what's wrong?
You remembered to restart or reload sendmail, right?
Check your maillog for clamav messages. I see some like this:
> Dec 29 16:39:17 kjc386 sendmail[3713]: kBTLdGcG003713: Milter add: header: X-Virus-Scanned: ClamAV 0.88.7/2394/Fri Dec 29 08:30:43 2006 on kjc386.framingham.ma.us
> Dec 29 16:39:17 kjc386 sendmail[3713]: kBTLdGcG003713: Milter add: header: X-Virus-Status: Clean
I don't always see something in the email headers though. It might have
something to do with local email to local email. When I do see them,
they are the headers:
X-Virus-Scanned:
X-Virus-Status:
> Also, has anyone played with milter-regex or the greylist milter? How
> effective are they?
Greylist is *VERY* effective. I use a 5 minute delay, and keep
addresses whitelisted for 60 days. It cut out 90% of my SPAM when I
installed it. Email isn't "instantaneous" anymore, but, that's the
price you pay for allowing SPAM to get out of control.
SpamAssassin is also recommended, though it may take some
time/configuring to get right for you (allowing the Bayesian Filters to
learn in addition to the other pre-configured rules). I run mine
through procmail....
--
Kevin J. Cummings
kjchome at rcn.com
cummings at kjchome.homeip.net
cummings at kjc386.framingham.ma.us
Registered Linux User #1232 (http://counter.li.org)
More information about the fedora-list
mailing list