[clue-tech] ClamAV
Mike Staver
staver at fimble.com
Mon Nov 28 16:58:44 MST 2005
>>What was the error message after you started clamav-milter?
>>
>>I'm currently running clamav-milter, spamass-milter and spamassassin on
>>Centos 4.
>>
>
> One more question - did you run make after you edited the sendmail.mc
> file to generate the new sendmail.cf file?
Sorry for the late reply, I took an extended holiday :) Yeah, I ran
make after editing sendmail.mc, and then I restarted sendmail, etc. The
error message I was getting was this:
# /etc/init.d/clamav-milter restart
Stopping Clamav Milter Daemon: [FAILED]
Starting Clamav Milter Daemon: clamav-milter: socket-addr
(local:/var/clamav/clmilter.socket) doesn't agree with sendmail.cf
[FAILED]
So, once I got Sendmail to place nice (my problem turned out to be that
I actually needed to edit /etc/sysconfig/clamav-milter to agree with
sendmail.mc, and intitially I didn't even realize that sysconfig file
existed), then clmilter still wouldn't start... Then I did some digging
and found that clamd said it was starting, when in fact it was not.
Turns out the clamav user didn't have access to /var/log/ and that's
where the log file was going to reside for clamd. I just changed the
config to stick the log file in /var/clamav, and all is well in ClamAV
land on my machine now.
I must admit though, I'm still trying to figure out what happens to a
message when it gets blocked by ClamAV. Obviously, if it's a worm
generated message containing a virus payload, I want the message
deleted. However, if it's an encrypted zip file or something, I would
atleast like notification that one was sent and from whom. I still
can't figure out how set something like this up using it.
_______________________________________________
CLUE-tech mailing list
CLUE-tech at cluedenver.org
http://cluedenver.org/mailman/listinfo/clue-tech
More information about the clue-tech
mailing list