I'm using Scientific Linux 6.1, Postfix 2.8.4 and Amavisd-new 2.6.4 with
ClamAV 0.97.
Everything works with one exception: I can't see the name of the virus in
the maillog. This is an example when I'm sending empty mail with eicar
virus as an attachment:
Aug 22 14:46:46 zet amavis[26543]: (26543-01) ask_av (Clam
Antivirus-clamd) result:
/var/spool/amavisd/tmp/amavis-20110822T144646-26543/parts/p004:
Eicar-Test-Signature
FOUND\n/var/spool/amavisd/tmp/amavis-20110822T144646-26543/parts/p002:
Eicar-Test-Signature FOUND\n
Aug 22 14:46:46 zet amavis[26543]: (26543-01) run_av (Clam
Antivirus-clamd):
/var/spool/amavisd/tmp/amavis-20110822T144646-26543/parts INFECTED:
Aug 22 14:46:46 zet amavis[26543]: (26543-01) lookup_re(""), no matches
Aug 22 14:46:46 zet amavis[26543]: (26543-01) lookup
[virus_name_to_spam_score] => undef, "" does not match
Aug 22 14:46:46 zet amavis[26543]: (26543-01) virus_scan: (), detected by
1 scanners: Clam Antivirus-clamd
.
.
.
Aug 22 14:46:46 zet amavis[26543]: (26543-01) dsn: . 250 Virus
<[email protected]> -> <[email protected]>: on_succ=0,
on_dly=1, on_fail=1,
never=0, warn_sender=, DSN_passed_on=, mta_resp: "250 2.7.0 Ok, discarded,
id=26543-01 - INFECTED: "
.
.
.
Aug 22 14:46:46 zet postfix/smtp[26567]: 0315953:
to=<[email protected]>,
relay=127.0.0.1[127.0.0.1]:10024, delay=0.14, delays=0.03/0.01/0.01/0.09,
dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=26543-01 - INFECTED: )
I was trying to look into the code of /usr/sbin/amavisd, but with no
result, because I don't understand the code well (I'm not the Perl guru)
and I was also unable to find anyone with the same issues.
What could be wrong?
Regards, Tomas
