installed amavis 2.7.1 on gentoo. problem detecting eicar files.
Mark Martinec
Mark.Martinec+amavis at ijs.si
Wed Jul 4 17:01:10 CEST 2012
Marko,
> i installed amavis 2.7.1 on my gentoo box.
> i used the amavisd.conf that come with gentoo ebuild.
> it detects banned files as expected.
> but it doesnt detect eicar text in mailbody
> and it doesnt detect eicar test files eicar.zip & eicar2.zip
>
> i am not very confirm with the amavis conf file.
> early days, with 2.6.5 it worked out of the box.
>
> can u help me to find whats wrong in config?
Rise the log level and see how decoding, and file type
detection goes. Perhaps the eicar.com pattern was not
the only thing in a mail body (e.g. wrapped, signature,
html, ...). I also heard that some virus scanners
report this pattern as a test pattern and not as
infected. Check first that your eicar file is detected
as a virus by a command line version of your virus scanner.
Mark
More information about the amavis-users
mailing list