Discussion :

[gilles974]

bonjour

sur mon serveur de mail, j'ai spamassassin et clamav qui ont pour interface amavis-new

quand je teste spam assassin
dans mail.log et les log et entête j'ai bien la ligne qui me dit que c'est un spam
et me le tag comme il se doit

X-Quarantine-ID: <h3915uYiF7Ly>
X-Virus-Scanned: Debian amavisd-new at xxxxxxxx
X-Spam-Flag: YES
X-Spam-Score: 1000.758
X-Spam-Level: ****************************************************************
X-Spam-Status: Yes, score=1000.758 tagged_above=2 required=6.31
tests=[ALL_TRUSTED=-1, GTUBE=1000, MISSING_SUBJECT=1.767,
TVD_SPACE_RATIO=0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Subject: ***SPAM***

quand je teste clamav avec le virus en bois eicar
amavis le laisse passer et les logs me repondent que le mail est clean

amavis[2296]: (02296-01) Passed CLEAN, LOCAL [192.168.....

1 - j'ai bien fait un freshclam manuel
2 - le demon de clamav est bien lance

ls /var/run/cla*
clamd.ctl clamd.pid

service clamav-daemon status
clamd is running.

3 - SA et clamav sont bien loader

amavis[4315]: ANTI-VIRUS code loaded
amavis[4315]: ANTI-SPAM code loaded

4 - le mail passe bien dans amavis

X-Virus-Scanned: Debian amavisd-new at xxxxxxxxxx
Received: from xxxxxxxxxx ([127.0.0.1])
by localhost (xxxxxxxxxxx [127.0.0.1]) (amavisd-new, port 10024)

5 - j'ai refait un

apt-get --reinstall install clamav

rien n'a changé

j'avoue être la tête dans le mur. Une idée serais bonne à prendre

a+

[matrix788]

Bonjour,

tu peux installer test-files:

Code :

Sélectionner tout - Visualiser dans une fenêtre à part

apt-get install clamscan-testfiles

[gilles974]

ca y est c'est installe

cd /usr/share/clamav-testfiles/
root@facteur:/usr/share/clamav-testfiles# clamscan
/usr/share/clamav-testfiles/clam.exe.bz2: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.ppt: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe.html: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.bin-be.cpio: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.odc.cpio: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-v2.rar: OK
/usr/share/clamav-testfiles/clam-fsg.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.mail: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.sis: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.ole.doc: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam_ISmsi_ext.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-yc.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.zip: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-petite.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.newc.cpio: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-upack.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe.binhex: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam_cache_emax.tgz: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe.szdd: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-upx.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe.rtf: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam_IScab_int.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.arj: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-mew.exe: OK
/usr/share/clamav-testfiles/clam.impl.zip: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.cab: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam_IScab_ext.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.tnef: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.bz2.zip: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.d64.zip: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.ea06.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.ea05.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-pespin.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.bin-le.cpio: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-nsis.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam_ISmsi_int.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-aspack.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-wwpack.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.chm: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.tar.gz: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.pdf: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe.mbox.uu: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe.mbox.base64: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-v3.rar: OK
/usr/share/clamav-testfiles/clam.7z: ClamAV-Test-File FOUND

----------- SCAN SUMMARY -----------
Known viruses: 971965
Engine version: 0.97
Scanned directories: 1
Scanned files: 46
Infected files: 43
Data scanned: 12.45 MB
Data read: 6.21 MB (ratio 2.00:1)
Time: 12.799 sec (0 m 12 s)

[CedrX]

Un petit RESOLU alors ?

[gilles974]

desole, j'ai toujours le problème

le virus eicar arrive dans ma boite mail

les logs de amavis-new

/usr/sbin/amavisd-new[10807]: (10807-01) Passed CLEAN, LOCAL [192.168.xxx.xxx] [192.168.xxx.xxx] <essai@essai.org> -> <gilles@essai.org>, Message-ID: <20110615140323.17C9417E6E@facteur.mon-domain.org>, mail_id: IgkzgPkCFP-D, Hits: 2.232, size: 429, queued_as: AFDAD17E7B, 575 ms

l’entête du mail

X-Virus-Scanned: Debian amavisd-new at mon-domain.org
X-Spam-Flag: NO
X-Spam-Score: 2.232
X-Spam-Level: **
X-Spam-Status: No, score=2.232 tagged_above=2 required=6.31
tests=[ALL_TRUSTED=-1, DNS_FROM_RFC_BOGUSMX=1.464,
MISSING_SUBJECT=1.767, TVD_SPACE_RATIO=0.001] autolearn=no