* Ed Ravin wrote:
> Sorry, I should have posted the clamd.monitor used at my shop.
> The one from http://www.cmpublishers.com/oss/ checks the TCP
> banner, complains if the socket isn't answered or if you're running
> an outdated clamd (the latter a nice feature which is not in the
> one I've been using).
> However, the clamd monitor attached to this message goes through
> the steps to actually submit a piece of email for virus scanning,
> and uses the EICAR "fake virus" to test whether clamd is actually
> going through the message.  That goes a bit deeper into the internals
> and might turn up problems that a simple socket open/close wouldn't.


Every minute run clamd.monitor against our servers.

Later that day...
A few hundred emails to our noc with the subject line
VIRUS ALERT: Eicar-Test-Signature

Good News:
The clamd's are working right.


Ed, what does your shop do for clamd's VirusEvent?

If' I'm going to use this code, emailing the noc every minute per server
running clamd won't work.


Nathan Gibbs

Systems Administrator
Christ Media

Attachment: signature.asc
Description: OpenPGP digital signature

mon mailing list

Reply via email to