On Mon, Nov 17, 2008 at 09:29:18AM +0800, W B Hacker wrote: > Google will find you a malware test message you can send that harmlessly > triggers ClamAV.
You mean the eicar test? That's what I used and found out it's not detected. > ...will show you what it is logging, and where... Yeah, but the problem is that nothing shows up in the logfiles that would indicate what happens. I've already set clamd to verbose logging and now to log clean messages, and nothing shows up. Oh! I got two external messages while writing these, and those do show up in /var/log/clamav/clamav.log: Sun Nov 16 21:23:06 2008 -> /var/spool/exim4/scan/1L1uhe-0008Q8-Gc/1L1uhe-0008Q8-Gc.eml: OK Sun Nov 16 21:23:06 2008 -> /var/spool/exim4/scan/1L1uhe-0008Q8-Gc/1L1uhe-0008Q8-Gc-00000.com: OK Does this indicate that only incoming mail is scanned, but local mail is not? If so, why is that? Acl_check_data applies to all mail. -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
