bdc and qmail-scanner
Lord of Gore
lordofgore at logsoftgrup.ro
Fri Apr 6 16:51:44 UTC 2007
I have an old machine with qmail on it. Clamdscan took a very long time
to scan files and I wanted to change the av scanner. I went for
bitdefender console. Indeed at a 14MB archive the time was tripled when
using clam.
Now... When qmail receives a mail it sends it to qmail scanner that
parses it and breaks it into a few files in a temporary directory.
When I send an email containing a virus archived with rar it passes the
scanner. Clam worked just fine. Now, for the kicky part:
I tinkered with the qmail-scanner script and changed it to show in
detail what it was doing and came up with the av scanner being called
like this:
<pathto>bdc --all --arc --mail <pathto>tmpdir. (all means all files, arc
means to parse archives and mail to treat files as mail)
Its output shows that there isn't any virus. I got around to make a copy
of the files that emerged after such an operation and issued the *same*
command and bang: the scanner saw the virus.
Now of course a few of you will say there must be a difference. Well
there isn't. I manually modified that script considering that I'm either
stupid, sick or blind and can't see something. It just doesn't perform
the same way. Well now I want to resolve the problem but seem to be
missing a button...
Any thoughts?
10ks
More information about the redhat-list
mailing list