Open tekvsakdan opened 20 hours ago
Can you please put X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
into the body of the test e-mail to check whether it is rejected? :) This way, we can verify that ClamAV is actually working, but probably not configured for scanning attachments.
Our tests check whether this works, so I expect it to work for you. Checking attachments should nevertheless be done as well.
Then, please try this configuration:
enabled = true;
ClamAV {
type = "clamav";
servers = "/var/run/clamav/clamd.ctl";
action = "reject";
message = '${SCANNER} FOUND VIRUS "${VIRUS}"';
scan_mime_parts = true;
scan_text_mime = true;
scan_image_mime = true;
symbol = "CLAM_VIRUS";
log_clean = true;
max_size = 250000000;
timeout = 20;
retransmits = 2;
}
Just FYI: GTube patterns are disabled by default, if you proceed with testing them next. You would need this too:
gtube_patterns = "all"
📝 Preliminary Checks
👀 What Happened?
Clamav doesn't scan mail if rspamd is enabled and amavis is disabled by recommendation from manual. Basically nothing happens. It does not show up in any of the logs. Whatever I put in
antivirus.conf
does not work. It work fine with amavis.👟 Reproduction Steps
rspamd.log
shows that the antivirus is enabled🐋 DMS Version
v14.0.0
💻 Operating System and Architecture
Debian 12.7 / amd64
⚙️ Container configuration files
📜 Relevant log output
Improvements to this form?
No response