[clamav-users] Clamav-milter finds postive, goes to hold queue

Rick Cooper rcooper at dwford.com
Wed Feb 24 21:19:04 UTC 2021 

Perhaps you should look into MailScanner and MailWatch. Mailscanner (package
for Suse available) will handle the interaction with spamassassin and clamd
(as well as other A/V solutions) and MailWatch provides a nice GUI for
quarantine and archive. Once set they just work.

Rick

Joe Acquisto-j4 wrote:
>> On 2/24/21 6:26 AM, Joe Acquisto-j4 wrote:
>>> For now I will settle on a cron job script that peeks at the hold
>>> queue every so often and alerts someone (me) with an alert.
>> 
>> *nod*nod*
>> 
>> I have a daily cron job that runs a script which shows me:
>> 
>>    - Number of messages which are:
>>       - Normally queued messages for the MTA
>>       - Held (Postfix parlance) / Quarantined (Sendmail parlance)
>> messages for the MTA
>>       - Normally queued messages for the MSA
>>    - Output of mailq for:
>>       - Held / Quarantined messages
>>       - Normally queued messages for the MSA
>> 
>> I don't show the output for the normally queued messages for the MTA
>> because that's a constant state of flux and working like it should.
>> 
>> I mainly care to see held / quarantined messages and if something's
>> wrong with the MSA queue.
>> 
>>> I would have thought there was some mechanism already built in to
>>> the milter, or postfix, to do that, optionally) but I've not
>>> stumbled on one thus far.
>> 
>> There is.  The command is called "mailq".  It's designed to print
>> status 
>> to STDOUT and be consumed by a human.  Many people have this output
>> emailed to them or apply some sort of script logic to it.
> 
> Thanks.  Workable.
> 
>> Note:  This MTA administration is decidedly NOT the milter's job. 
>> The milter's job is to filter discrete messages and return a -1 / 0
>> / 1 
>> status to the MTA.  The MTA is what's responsible for managing
>> /it's/ queue. 
> 
> Ah.  Well I did not mean to suggest the milter should "manage" the
> postfix queue 
> at all, but could alter any "directive" as to disposition.   The log
> messages I noticed, for "infected" mail (/var/log/mail) seem to
> suggest postifix was dealing with these in a way "directed" by the
> milter. 
> 
> Perhaps these are "distinctions without a difference" brought about
> my own, limited familiarity with the tech and terms.
> 
>> --
>> Grant. . . .
>> unix || die
> 
> 
> Thanks agian
> 
> joe a.
> 
> 
> 
> 
> _______________________________________________
> 
> clamav-users mailing list
> clamav-users at lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml

More information about the clamav-users mailing list