On Tuesday 22 March 2016 10:00:23 Dino Edwards wrote: > I'm trying to figure out how to integrate Sophos with amavis in addition to > clamav in Ubuntu.
I'm also using this scenario but with Centos. So it should be somewhat the same. > I'm a little confused on how to go about integrating it. > As I understand, I need to download and install the following: > > Sophos Antivirus for Linux 9.1 > > Then I need to enter an entry like below in my amavis config? > > ### http://www.sophos.com/ > ['Sophos Anti Virus (savscan)', # formerly known as 'sweep' > ['/opt/sophos-av/bin/savscan', 'savscan'], # 'sweep' > '-nb -f -all -rec -ss -sc -archive -cab -mime -oe -tnef '. > '--no-reset-atime {}', > [0,2], qr/Virus .*? found/m, > qr/^>>> Virus(?: fragment)? '?(.*?)'? found/m, > ], With this configuration you will be calling the antivirus at each mail. It will load all the virus definitions, scan the file and then exit. It will be slow. I use the daemon version where a daemon starts, loads the virus database and then listen for incoming scan request. You can do that with either: - Sophos-SSSP daemon - it's a daemon that comes with the sophos install files - Sophie - an opensource daemon I tested the first one and had a few problems and then reverted back to sophie: Here is my conf: ['Sophie', \&ask_daemon, ["{}/\n", '/tmp/sophie.sock'], # was: sophie:/var/run/sophie #\&ask_daemon, ["{}/\n", '/var/spool/qmailscan/run/sophie'], # was: sophie:/var/run/sophie qr/(?x)^ 0+ ( : | [\000\r\n]* $)/, qr/(?x)^ 1 ( : | [\000\r\n]* $)/, qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/m ], #no /m on old cfg > Do I also need to install SAV Dynamic interface 2.2 from Sophos? Don't know for sure. > Does anyone have a definitive guide on how to get this going? I've create our own internal RPMs for centos for sophos and savi. So for us is just a matter of installing the rpms, register the sophos and changing the amavisd.conf. >From sophos the only file that we require is sav-linux-9-i386.tgz (don't know why it is named i386). Hope it helps. Best regards, Nuno Fernandes
