On Aug 9, 2008, at 10:06 PM, Jeff Weinberger wrote: > The question is: if I were to look at the log file, what would/should > I see there if: > > 1) ClamAV found something to be a virus? or
Well, I tend to see something like this in clamd.log: SelfCheck: Database status OK. /var/amavis/tmp/amavis-20080810T102508-59457/parts/p002: Email.Malware.Sanesecurity.08081001.StormNews.CnnGen FOUND /var/amavis/tmp/amavis-20080810T103357-68800/parts/p004: Email.Spam.Gen2986.Sanesecurity.08041408 FOUND /var/amavis/tmp/amavis-20080810T103357-68800/parts/p004: Email.Spam.Gen3801.Sanesecurity.08080610 FOUND SelfCheck: Database status OK. ...but it depends on how you invoke ClamAV (in this case, via Postfix +Amavisd). > 2) Clam AV processed a message that had no virus in it It doesn't log anything, normally, but [EMAIL PROTECTED] answered how one might change this for debugging or other purposes. Regards, -- -Chuck _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
