A solution I can't give since there's not much details to go on. I can ask some questions (maybe that's why it's called Linuxquestions.org ;-p)...
Is each component configured appropriately? That is: can you receive and send email w.o problems?
When you have the eicar.zip locally, does scanning it with clamscan detect EICAR properly?
If inbound email gets delivered by the Procmail MDA: is clam(d)scan referenced in the central procmailrc?
In all other cases: turn on verbose logging, send a test email and check for errors. Post any errors you got.
BTW: my taxonomy tells me this is more of a Linux Software issue and not a Linux security issue since 0) it is about configuration, 1) there are aprox ten (10) Linux viruses, 2) about all of them are PoC, not ITW which makes the threat for Linux itself kind of infinitesimal. So unless you vehemently disagree I'll move this one to the Linux Software forum.
Last edited by unSpawn; 01-05-2007 at 08:02 AM.
Reason: //taxonomy
|