Hi folks, I'm trying to enable the quarantine for Spamassassin/Clamav/TrashScan to store suspicious files instead of defanging or sending just the suspicious attachment notice. I'd like to remove the suspicious files from the emails, and store them in some directory so I can recover the ones I want. I have absolutely no clue about how to do it. I have a Fedora Core 3 with the latest ISPConfig version. Any ideas?
If you use Maildir you can use maildirmake to create a virus folder for each user: http://www.howtoforge.com/forums/showthread.php?t=1147 You can then change /root/ispconfig/isp/conf/antivirus.rc.master as follows: Code: # # procmail configuration for TrashScan: ZapCoded by Trashware; 13.10.2002 # # [ ... ] # ------------------------------------------------------------------------------------- # # Virus scan section ... # # ------------------------------------------------------------------------------------- # # 1. Run TrashScan :0 * multipart * !^X-Virus-Scan: | /home/admispconfig/ispconfig/tools/clamav/bin/trashscan # 2. Filter tagged virus mails :0: * ^X-Virus-Scan: Suspicious $HOME/virus
Hi, i think for Maildir with courier there had to be a slash after the last folder ? Code: $HOME/virus/ thats right ? But thinking about it, mails were tagged a suspicious but will be delivered to this folder. Theres now way to send the suspicios message to this folder and to store the virus in quarantine ? greetings cirox
I don't know if this makes a difference. Maybe there's some kind of procmail recipe that can split the attachment from the mail and store it in a quarantine folder, but I'm not sure...