On Friday 15 Apr 2005 23:46, Carl Thompson wrote: > > *********** REPLY SEPARATOR *********** > > On 4/15/2005 at 5:49 PM Nigel Horne wrote: > > >> *********** REPLY SEPARATOR *********** > >> > >> On 4/15/2005 at 3:58 PM Nigel Horne wrote: > >> > >> >On Friday 15 Apr 2005 15:56, Carl Thompson wrote: > >> >> > >> >> *********** REPLY SEPARATOR *********** > >> >> > >> >> On 4/14/2005 at 10:24 PM Nigel Horne wrote: > >> >> > >> >> >> Okay this is what i have for clamav-milter on remote server > >> >> > > >> >> >Remote to sendmail? Or remote to clamd? Or both? > >> >> > > >> >> >> CLAMAV_FLAGS="-qlm5 --external --server=xxx.xxx.xxx.xxx > >> >> >> local:/var/run/clamav/clmilter.sock" > >> >> >> > >> >> >> and I have to run clamd on that server so that clamav uses it > >> >> >> externally to scan for virus (if i understand this correctly) > >> >> > > >> >> >I presume by "that server" you mean the server running clamav-milter > >> >> > > >> >> >> > >> >> >> and on my primary server i did the same thing and clamav creates > >> >> >> local socket and scans thru clamd on remote server. > >> >> > > >> >> >I presume by "primary server" you mean the server running > >> clamd, though > >> >> >I don't understand what you mean by you "did the same thing"? > >> Why would > >> >> >you do the same on both machines? Surely one runs clamd and one > >> >> >runs clamav-milter? > >> >> > > >> >> >> however if i use > >> >> >> INPUT_MAIL_FILTER(`clamav', `S=inet:[EMAIL PROTECTED], F=, > >> >T=S:4m;R:4m')dnl > >> >> >> (machine name chaned to correct machine of course) > >> >> > > >> >> >By "machineb" do you mean the same as "primary server" above? Or the > >> >> >same as "that server"? > >> >> > > >> >> >> I still get socket errors in maillog about attempting to scan and > >> >> >> clamd is on the remote socket not clamav-milter on the > >> remote socket. > >> >> > > >> >> >> I'm sure i'm doing something simple wrong but I sure can't figure > >it > >> >out. > >> >> > > >> >> >Sorry, but I can't figure out what you're trying to do and what > >you've > >> >> >tried to set up. > >> >> > > >> >> >The following scenarios are possible: > >> >> >1) sendmail, clamav-milter and clamd all on one machine > >> >> >2) sendmail and clamav-milter on one machine, clamd on another > >machine > >> >> >3) sendmail on one machine, clamav-milter and clamd on another > >machine > >> >> >4) sendmail, clamav-milter and clamd all on separate machines > >> >> >5) sendmail and clamav-milter on one machine, clamd running > >> on multiple > >> >> >machines load balanced > >> >> >6) sendmail and clamav-milter on separate machines, clamd running on > >> >> >multiple machines load balanced, which may include the same machines. > >> >> > > >> >> >Please be very specific about what you're trying to achieve. I guess > >> >> >it's either scenario 2 or scenario 3? > >> >> I can get scenario 2 to work without a problem and this is how I did > >it > >> >for some time before .82 (when clamd scanning was integrated into > >> >clamav-milter and you no longer needed to run clamd just for > >> clamav-milter) > >> >> > >> >> The problem I have is scenario 3. > >> >> > >> >> machine a has sendmail on it > >> >> machine b is a low use box so I would like to run clamav-milter and > >> >clamd (if its necessary now) on it and have machine a connect to > >> >clamav-milter on machine b. however I am unable to get clamav-milter to > >> >listen on a TCP port on machine b > >> > > >> >Machine a configure looks correct: > >> > INPUT_MAIL_FILTER(`clamav', `S=inet:[EMAIL PROTECTED], F=, > >> T=S:4m;R:4m')dn > >> > > >> >On machineb try starting clamav-milter thus (based on the options you > >> >gave, and ensure that clamd > >> >is running on machineb first): > >> > CLAMAV_FLAGS="-qlm5 --external inet:3311" > >> > > >> >> Carl > >> > > >> >-Nigel > >> > > >> > >> As a final update to this little endeavor this is what I did > >> > >> on the mail server i used > >> INPUT_MAIL_FILTER(`clamav', `S=inet:[EMAIL PROTECTED], F=, T=S:4m;R:4m')dn > >> > >> on the scanning server i did the following > >> > >> CLAMAV_FLAGS="-qlm5 inet:3311 --server xxx.xxx.xxx.xxx" > >> > >> I tried it with --external and that worked fine if I had clamd > >> running (as it should be) so I figured i would try it internal > >> and that worked fine. > >> > >> I did however have to specify --server because without it it > >> bound to 3311 of 127.0.0.1 > > > >Again I need more information here. When you say xxx.xxx.xxx.xxx, > >what IP address did you use? Furthermore what do you have in your > >tcpwrappers files (/etc/hosts.allow and /etc/hosts.deny). > > > >--server is to do with the link clamav-milter<->clamd, where as the > >inet:3311 is to do with the link sendmail<->clamav-milter, so adding > >--server should have no effect on the incoming as you've stated. I > >need more information to see what's going on with the bind you mention. > > > >> Carl > > > >-Nigel > > okay this is what I have > > server A (sendmail server) > clmilter, S=inet:[EMAIL PROTECTED],F=, T=S:4m;R:4m > > server B (clamav-milter server) > CLAMAV_FLAGS="inet:3311 -qlm5" > > server B (sendmail config no real email accounts but the system usual) > clmilter, S=inet:[EMAIL PROTECTED],F=, T=S:4m;R:4m > > The results are that server b sendmail works fine thru the inet connection to > server b clamav-milter and scans perfectly fine but server a sendmail doesn't > connect or attempt to connect (no errors or anything in logs) to > clamav-milter on server b
I doubt that it is possible for a milter to service more than one sendmail at once. > Carl -- Nigel Horne. Arranger, Composer, Typesetter. NJH Music, Barnsley, UK. ICQ#20252325 [EMAIL PROTECTED] http://www.bandsman.co.uk _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
