Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: Neririn on February 25, 2004, 12:35:05 AM

Title: THANK YOU CLAMAV!
Post by: Neririn on February 25, 2004, 12:35:05 AM
Ok, so clamav is finding hundreds of emails coming in with mydoom. Which is MUCH better than my users finding them and opening them anyway.  My concern is that it is now quarantining (SP) them and writing a log file for each.  

Do I need to worry about this?  At this rate my hard disk is going to fill with logs and quarantined emails eventually.  

Is there some maintenance that I should perform to nuke them?  I really wouldn't mind if it just deleted/dropped the email completely once a virus was found.  Is there a config flag to do this?

Any suggestions on a good maintenance schedule for ClamAV will be greatly appreciated.
Title: Re.: THANK YOU CLAMAV!
Post by: psc on February 25, 2004, 11:31:43 AM
Buy the Antivirus addon at http://dungog.net/sme/; it works very well and you can view/delete the virus mails via Server-Manager.

Peter
Title: THANK YOU CLAMAV!
Post by: MasterSleepy on February 25, 2004, 03:24:08 PM
Hello,

All mail found with viruses by clamav is stored in
/var/spool/amavis-ng/quarantine
And all mail that has some problems passing through clamav is stored in
/var/spool/amavis-ng/problems

It could be useful for you to clean up those directories sometimes, when you need to gain some space on your HD.

Regards,
Title: THANK YOU CLAMAV!
Post by: Anonymous on February 26, 2004, 12:17:28 AM
Might be nice if someone would add to the contrib a way to auto delete quarantine files. Could be on a daily, weekly, or monthly basis depending on how much hard drive you wanted to use. Really shouldn't be too hard, just a simple script added to the cron jobs.
Title: The mail is probably not going to your users.
Post by: pistonpilot on February 27, 2004, 06:47:15 AM
When I installed Clamav on my server the emails that it was flagging with Mydoom were all sent to users who don't exist.  

I had my mail settings set to reject mail if it wasn't for a user - no catchall - but clam gets to it first and cleans the mails even though I reject at the server.

The directory that holds the quarantine is easy to find and I just delete the files in it once in a while.
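
Added example (not part of any post in this thread, and not SME Server or amavis-ng code): an age-based purge for the two spool directories named above, of the kind a cron job could call. The function name `purge_old`, the 30-day retention, the `run` argument and the script path in the comment are assumptions for illustration.

```shell
#!/bin/sh
# Age-based cleanup of the amavis-ng spool directories mentioned in the thread.
# Retention period and function name are illustrative assumptions.

QUARANTINE_DIR=/var/spool/amavis-ng/quarantine
PROBLEMS_DIR=/var/spool/amavis-ng/problems

# purge_old DIR DAYS [MODE]
#   MODE=dry-run only counts what would be deleted; MODE=delete (default) removes it.
#   Prints the number of matching files on stdout; returns 2 on a rejected argument.
purge_old() {
    dir=$1; days=$2; mode=${3:-delete}

    # Accept only an absolute path to a real directory. A symlink is refused so
    # that a replaced spool directory cannot redirect the delete elsewhere.
    case $dir in /*) ;; *) echo "refusing relative path: $dir" >&2; return 2 ;; esac
    [ -d "$dir" ] && [ ! -L "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }
    case $days in ''|*[!0-9]*) echo "bad age in days: $days" >&2; return 2 ;; esac

    # -xdev: stay on one filesystem; -type f: regular files only, never
    # directories or links; -mtime +N: last modified more than N days ago.
    if [ "$mode" = dry-run ]; then
        find "$dir" -xdev -type f -mtime +"$days" -print | wc -l | tr -d ' '
    else
        find "$dir" -xdev -type f -mtime +"$days" -print -exec rm -f -- {} + \
            | wc -l | tr -d ' '
    fi
}

# Does nothing unless called with "run", e.g. from a root crontab entry such as
#   30 3 * * * /usr/local/sbin/purge-amavis-spool run    (hypothetical path)
if [ "${1:-}" = run ]; then
    purge_old "$QUARANTINE_DIR" 30
    purge_old "$PROBLEMS_DIR" 30
fi
```

Calling `purge_old /var/spool/amavis-ng/quarantine 30 dry-run` first shows how many files a real run would remove without touching anything.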