Running:
Version: Linux_64 7.7i-1 Oct 5 2023 12:03:19 (Special pre-release version installed)
I have had ClamAV installed with extra definations for a long time. I can not use AVAST due to the port 80 restrictions locally here in my home network.
I noticed recently(not sure how long) only a few messages were being scanned by ClamAV. Previously when I had checked all messages were run through ClamAV. Dug
around in the docs and commands and found 'g_virus_cmd_email' and set that to true and all messages seem to be scanned again.
I noticed two issues.
1) messages were being bounced. previously they were dropped. I found 'g_virus_cmd_drop' and played with setting that to TRUE or 1 with no change in behavior.
I find bouncing to not be the desired result, but dropping the message is required for long term use of this system.
2) Special admin messages coming from 'root@ns3.lcrcomputer.net' are being tagged. Because they are log messages from my smart host, they may contain stuff that
ClamAV would object to(expected behavior). I found g_virus_simple_skip' but that has not had any effect. I put the from address in here to no change in behavior.
3) I also noted that the current Surgemail implementation uses 'clamdscan'. I have the ClamAV daemon loaded with a usable unix socket and previously that was how
messages were passed to ClamAV. Plus as the postmaster, I had buttons to twist to fine tune behavior and even exempt special admin messages that can trip
ClamAV.
Any advice here? Am I missing/overlooking some internal Surgemail commands?
Lyle Giese