* Ed Ravin wrote: > Sorry, I should have posted the clamd.monitor used at my shop. > > The one from http://www.cmpublishers.com/oss/ checks the TCP > banner, complains if the socket isn't answered or if you're running > an outdated clamd (the latter a nice feature which is not in the > one I've been using). > > However, the clamd monitor attached to this message goes through > the steps to actually submit a piece of email for virus scanning, > and uses the EICAR "fake virus" to test whether clamd is actually > going through the message. That goes a bit deeper into the internals > and might turn up problems that a simple socket open/close wouldn't. > >
AAAHHH! Every minute run clamd.monitor against our servers. Later that day... A few hundred emails to our noc with the subject line VIRUS ALERT: Eicar-Test-Signature Good News: The clamd's are working right. :-) Ed, what does your shop do for clamd's VirusEvent? If' I'm going to use this code, emailing the noc every minute per server running clamd won't work. -- Sincerely, Nathan Gibbs Systems Administrator Christ Media http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
_______________________________________________ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon