Home

Using clamscan inside /etc/procmailrc

2006/05/07

[ Originally I wrote this in June 2, 2004 ]

If for whatever reason you want to use ClamAV with sendmail and cannot use the clamav-milter (like when working with RedHat ES and its stock sendmail), using procmail as your local delivery agent might help. This is a very simple /etc/procmailrc:

# adamo, Thu May 27 16:26:48 EEST 2004

# Set the default path
PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin

# Uncomment this to monitor the recipes
#LOGFILE=/var/log/procmail.log

# NEVER forget the last dash (-) on the follwoing command
:0 Wc: /var/tmp/clamscan.${PPID}.$$.lock
| /usr/local/bin/clamscan --stdout --tempdir=/var/tmp --quiet --mbox -

# Delete emails that contain virii
:0 e: /var/tmp/formail.${PPID}.$$.lock
/dev/null

# Tag emails that contain virii
## :0 eWf: /var/tmp/formail.${PPID}.$$.lock
## | /usr/bin/formail -i "Subject: VIRUS FOUND -- PLEASE DELETE ME"

See also at the ClamAV wiki: ClamAndProcmail.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: