Hi,

I have installed ispconfig 2.2.9 on centos 4.4 which work fine so far except the notification for virus mails which should be sent to Antivirus-Admin.

What I could see is, that mail is scaned with clamassassin and that virus mails are sent to /dev/null but never any notification is sent to the email I specified as Antivirus-Admin.

I found that trashscan is configured with the email I specified but it looks like trashscan is superceded with clamassassin.

Since virus emails could be sent from a valid sender, it would be great to inform either the sender or maybe better the recipient that a mail has failed due to a virus.

Would it be possible to send only the header of the virus email via procmail before the mail is kicked to the trash ?

thx
cu
Tom

What I could see is, that mail is scaned with clamassassin and that virus mails are sent to /dev/null but never any notification is sent to the email I specified as Antivirus-Admin.

What's in the mail log when a virus mail arrives on your system?

To be honest, I'm not sure if we removed the virus notification emails... :confused:

What's in the mail log when a virus mail arrives on your system?

I have tested with the eicar testmail from heise.
The postfix maillog shows first a delivery to admispconfig, ( i guess to count the size) and then it is delivered to the info@ mailaccount, without errors.
Looks like a normal delivery of a mail but neither there is sent a mail to Antivirus-Admin nor to the info@ account, as well there is no answer sent back to the sender (which is ok due to sender spoofing)
Having a look at the .antivirus.rc
:0fw
| /home/admispconfig/ispconfig/tools/clamav/bin/clamassassin

:0:
* ^X-Virus-Status: Yes
/dev/null

it seems that virus detection is working and the mail is sent to the trash (/dev/null)

execpt there is something magic in clamassassin I have not found yet I could not figure out how mail should be sent to the Antivirus-Admin.

Maybe a procmail roule like
:0hc
* ^X-Virus-Status: Yes
!antivirus@localhost
could this, but I am not a procmail geek so far :-)

thx
cu
Tom

This link might be interesting: http://www.howtoforge.com/procmail_tips_recipes

@Falko
Thx for this link.

I found an easy solution within .html-trap.rc which I modified a little and
.antivirus.rc now looks like this:

:0fw
| /home/admispconfig/ispconfig/tools/clamav/bin/clamassassin

:0hci
* ^X-Virus-Status: Yes
| ( \
echo "To: $LOGNAME@localhost.localdomain";\
echo 'From: admispconfig@localhost.localdomain';\
echo 'Subject: Virus Warning';\
echo "X-Loop: Email Security Warning $HOST $SECRET";\
echo ;\
echo 'Headers from message:';\
echo ;\
sed -e 's/^/> /' ;\
) | $SENDMAIL -oi $LOGNAME

:0:
* ^X-Virus-Status: Yes
/dev/null

maby this could be done more elegant but it works for me
cu
Tom