Hi I had an unfortunate situation recently that got me thinking that the way amavis uses the two lists @av_scanners and @av_scanners_backup is perhaps not the best way to go. The way I see it, many AV scanners have specific fallback scanners. For example, I might run sophie, but if it fails I'd want to fallback to sweep; I might run clamd but I'd want to fall back to clamscan.
The situation I found myself in is as follows. I had two scanners: sophie and a pseudo-virus scanner much like the sample check-jpeg scanner in the default config file. (This scanner determines if an office file contains a macro and causes it to be quarantined.) What happened was the Sophie engine expired and started returning errors, but because the pseudo scanner successfully scanned files, amavis was happy that the files were being scanned. The sweep entry in @av_scanners_backup was never called, and so next to no scanning was being done. It would make more sense to me if each scanner in @av_scanners could have a reference to one secondary scanner(s) which only got called if the primary scanner failed. Perhaps this could be implemented if each entry in the @av_scanners list had an optional extra field that specified the name of another scanner (either in av_scanners or av_scanners_backup). If such a referenced scanner was named in the primary scanners list, it would be flagged as a backup scanner and not normally called. Cheers Jeremy ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
