Paul Welsh
2014-09-21 21:07:59 UTC
Hi Michael
Thanks for the info about AVG you provided back in May.
I didn't get any luck with this. When I run avg with f-prot6 or clamd it
appears to work. I get this in maillog:
Clamd::INFECTED::Eicar-Test-Signature
Avg: Virus identified EICAR_Test; deleted in msg-9254-1.txt
and I get this in the attachment-warning.txt in the received message:
Clamd: msg-9254-1.txt was infected: Eicar-Test-Signature
Avg: Found virus deleted in file msg-9254-1.txt
So looks promising.
However, if I use AVG on its own I see this in the log:
Avg: Virus identified EICAR_Test; deleted in msg-12519-1.txt
Virus Scanning: Avg found 1 infections
Virus Scanning: Found 1 viruses
Delivery of nonspam
The message is delivered intact.
To test I'm including the eicar text in the body of a message. Using
MailScanner 4.84.5.
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20140921/196c15a3/attachment.html
Thanks for the info about AVG you provided back in May.
I didn't get any luck with this. When I run avg with f-prot6 or clamd it
appears to work. I get this in maillog:
Clamd::INFECTED::Eicar-Test-Signature
Avg: Virus identified EICAR_Test; deleted in msg-9254-1.txt
and I get this in the attachment-warning.txt in the received message:
Clamd: msg-9254-1.txt was infected: Eicar-Test-Signature
Avg: Found virus deleted in file msg-9254-1.txt
So looks promising.
However, if I use AVG on its own I see this in the log:
Avg: Virus identified EICAR_Test; deleted in msg-12519-1.txt
Virus Scanning: Avg found 1 infections
Virus Scanning: Found 1 viruses
Delivery of nonspam
The message is delivered intact.
To test I'm including the eicar text in the body of a message. Using
MailScanner 4.84.5.
---------- Forwarded message ----------
From: Michael Huntley <michael at huntley.net>
To: MailScanner discussion <mailscanner at lists.mailscanner.info>
Date: Thu, 22 May 2014 23:00:28 -0700
Subject: Re: Antivirus performance, AVG
I got AVG to work.
avg /usr/lib/MailScanner/avg-wrapper /opt/avg/av
Save a copy just-in-case someone blows the dust off this project and
releases an update......
#Add the t option to delete infected object. MailScanner doesn't remove
it otherwise...
#probably a code issue. Don't care, throw the beastie away.
ScanOptions="-at"
PackageDir=$1
shift
Prog=avgscan
if [ "x$1" = "x-IsItInstalled" ]; then
[ -x ${PackageDir}/bin/$Prog ] && exit 0
exit 1
fi
# Force output into English
LANG=EN
export LANG
# update AVGs library reference
#Needed For Proper Use Of New AVG
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/opt/avg/av/lib
export AVGINSTDIR=/opt/avg/av
export HOME=/opt/avg/av
exit 1
...
Save a backup of the wrapper in case (highly UNLIKELY at this time)
MailScanner has an update. HA!
Cheers!
mph
-------------- next part --------------From: Michael Huntley <michael at huntley.net>
To: MailScanner discussion <mailscanner at lists.mailscanner.info>
Date: Thu, 22 May 2014 23:00:28 -0700
Subject: Re: Antivirus performance, AVG
I got AVG to work.
avg /usr/lib/MailScanner/avg-wrapper /opt/avg/av
Save a copy just-in-case someone blows the dust off this project and
releases an update......
#Add the t option to delete infected object. MailScanner doesn't remove
it otherwise...
#probably a code issue. Don't care, throw the beastie away.
ScanOptions="-at"
PackageDir=$1
shift
Prog=avgscan
if [ "x$1" = "x-IsItInstalled" ]; then
[ -x ${PackageDir}/bin/$Prog ] && exit 0
exit 1
fi
# Force output into English
LANG=EN
export LANG
# update AVGs library reference
#Needed For Proper Use Of New AVG
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/opt/avg/av/lib
export AVGINSTDIR=/opt/avg/av
export HOME=/opt/avg/av
exit 1
...
Save a backup of the wrapper in case (highly UNLIKELY at this time)
MailScanner has an update. HA!
Cheers!
mph
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20140921/196c15a3/attachment.html