----- Original Message -----
From: "Mark Martinec" <[EMAIL PROTECTED]>
Bill,
> Has anyone created an amavisd.conf entry for Avast AV scanning support?
> If so, would you be willing to share the entry?
Responding to my own post, for anyone interested, the command line entry
for the Avast virus scanner that will work in the amavisd.conf file is:
Avast entries in my current code are:
# ### http://www.avast.com/
# ['avast! Antivirus daemon',
# \&ask_daemon, # greets with 220, terminates with QUIT
# ["SCAN {}\r\nQUIT\r\n", '/var/run/avast4/mailscanner.sock'],
# qr/[\t]\[+\]/, qr/[\t]\[L\][\t]/, qr/[\t]\[L\][\t](.+)[^\r\n]/ ],
# ### http://www.avast.com/
# ['avast! Antivirus - Client/Server Version', 'avastlite',
# '-a /var/run/avast4/mailscanner.sock -n {}', [0], [1],
# qr/[\t]\[L\][\t](.+)/ ],
### http://www.avast.com/
['avast! Antivirus', 'avastcmd',
'-ai -n -tA {}', [0], [1], qr/infected by: (.*)/ ],
kindly provided by Frantisek Mensik, ALWIL Software
Thanks Mark, exactly what I was looking for. One more question, my log
output now looks like:
=====
Feb 13 10:45:40 mgw1.pointshare.com /usr/local/sbin/amavisd[8400]:
(08400-01-2) ask_av (Avast! Antivirus daemon):
/var/amavis/tmp/amavis-20060213T104403-08400/parts INFECTED: Win32:Beagle-HZ
[Wrm
=====
What modification can I make to:
qr/[\t]\[+\]/, qr/[\t]\[L\][\t]/, qr/[\t]\[L\][\t](.+)[^\r\n]/ ],
in order to cut " [Wrm" from the end of the log output line?
Thanks,
Bill
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
