[Pkg-clamav-devel] Bug#520353: clamav-milter ignores whitelist file

Kevin Fernandez kevin at findhost.org
Wed Mar 18 22:36:03 UTC 2009 

Package: clamav-milter
Version: 0.94.dfsg.2-1
Severity: normal


clamav-milter ignores my whitelist file. Here's my
/etc/default/clamav-milter file:


# Default options: 2 children max and scan outgoing and local messages
OPTIONS=" --whitelist-file=/etc/clamav/whitelist.txt --max-children=2
-ol "
#
# If you want to set an alternate pidfile (why?) please do it here:
#
#PIDFILE=/var/run/clamav/clamav-milter.pid
#
# If you want to set an alternate socket, do so here (remember to
change 
#  sendmail.mc for sendmail and main.cf for postfix):
#
#SOCKET=local:/var/run/clamav/clamav-milter.ctl
#
# For postfix, you might want these settings:
#
USE_POSTFIX='yes'
SOCKET=local:/var/spool/postfix/clamav/clamav-milter.ctl
#
# If you have troubles because of locale, uncomment the following line
#
#unset LANG
#
# If you use --external, you might want to set this to make sure
# clamav-milter is started after clamd
#RESTART_AFTER_CLAMD=yes





ls -la /etc/clamav/whitelist.txt 
-rw-r--r-- 1 root root 325 mar 18 18:42 /etc/clamav/whitelist.txt

head -n 2 /etc/clamav/whitelist.txt
<xxxxxxx-xx at xxxxxxxx.org>
<xxxxxx at xxxxxxxxx.org>


I'm using postfix as MTA, with these options:
milter_default_action = accept
smtpd_milters = unix:/var/spool/postfix/clamav/clamav-milter.ctl


If i make a typo in /etc/default/clamav-milter about the whitelist
path, there's an error when i start clamav-milter, saying it can't
find the whitelist file, so it means it finds it..

ps aux | grep clamav-milter
clamav   31873  0.0 11.8 168924 121164 ?       Ssl  20:08   0:02
/usr/sbin/clamav-milter --whitelist-file=/etc/clamav/whitelist.txt
--max-children=2 -ol --pidfile /var/run/clamav/clamav-milter.pid
local:/var/spool/postfix/clamav/clamav-milter.ctl

clamav-milter indeed works, it scans the emails (as it adds the header
to the mails), but it scans all the emails, ignoring my whitelist.

postconf mail_version
mail_version = 2.5.5


Wed Mar 18 23:34:08 2009 -> ClamAV-milter started at Wed Mar 18
23:34:08 2009
Wed Mar 18 23:34:08 2009 -> Starting ClamAV version 0.94.2,
clamav-milter version 0.94.2


-- Package-specific info:
--- configuration ---
/etc/clamav/clamd.conf: clamd directives
------------------------------
LogFile = "/var/log/clamav/clamav.log"
LogFileUnlock = no
LogFileMaxSize = 0
LogTime = yes
LogClean = no
LogVerbose = no
LogSyslog = no
LogFacility = "LOG_LOCAL6"
PidFile = "/var/run/clamav/clamd.pid"
TemporaryDirectory = "/tmp"
ScanPE = yes
ScanELF = yes
DetectBrokenExecutables = no
ScanMail = yes
MailFollowURLs = no
ScanPartialMessages = no
PhishingSignatures = yes
PhishingScanURLs = yes
PhishingAlwaysBlockCloak = no
PhishingAlwaysBlockSSLMismatch = no
HeuristicScanPrecedence = no
DetectPUA = no
ExcludePUA not set
IncludePUA not set
StructuredDataDetection = no
StructuredMinCreditCardCount = 3
StructuredMinSSNCount = 3
StructuredSSNFormatNormal = yes
StructuredSSNFormatStripped = no
AlgorithmicDetection = yes
ScanHTML = yes
ScanOLE2 = yes
ScanPDF = yes
ScanArchive = yes
MaxScanSize = 104857600
MaxFileSize = 26214400
MaxRecursion = 16
MaxFiles = 10000
ArchiveLimitMemoryUsage = no
ArchiveBlockEncrypted = no
DatabaseDirectory = "/var/lib/clamav"
TCPAddr not set
TCPSocket not set
LocalSocket = "/var/run/clamav/clamd.ctl"
MaxConnectionQueueLength = 15
StreamMaxLength = 10485760
StreamMinPort = 1024
StreamMaxPort = 2048
MaxThreads = 12
ReadTimeout = 180
IdleTimeout = 30
MaxDirectoryRecursion = 15
ExcludePath not set
FollowDirectorySymlinks = no
FollowFileSymlinks = no
ExitOnOOM = no
Foreground = no
Debug = no
LeaveTemporaryFiles = no
FixStaleSocket = yes
User = "clamav"
AllowSupplementaryGroups = yes
SelfCheck = 3600
VirusEvent not set
ClamukoScanOnAccess not set
ClamukoScanOnOpen not set
ClamukoScanOnClose not set
ClamukoScanOnExec not set
ClamukoIncludePath not set
ClamukoExcludePath not set
ClamukoMaxFileSize = 5242880
DevACOnly not set
DevACDepth not set
*** MailMaxRecursion is DEPRECATED ***
*** ArchiveMaxFileSize is DEPRECATED ***
*** ArchiveMaxRecursion is DEPRECATED ***
*** ArchiveMaxFiles is DEPRECATED ***
*** ArchiveMaxCompressionRatio is DEPRECATED ***
*** ArchiveBlockMax is DEPRECATED ***

/etc/clamav/freshclam.conf: freshclam directives
------------------------------
LogFileMaxSize = 0
LogTime = no
LogVerbose = no
LogSyslog = no
LogFacility = "LOG_LOCAL6"
PidFile = "/var/run/clamav/freshclam.pid"
DatabaseDirectory = "/var/lib/clamav/"
Foreground = no
Debug = no
AllowSupplementaryGroups = no
DatabaseOwner = "clamav"
Checks = 24
UpdateLogFile = "/var/log/clamav/freshclam.log"
DNSDatabaseInfo = "current.cvd.clamav.net"
DatabaseMirror = "db.local.clamav.net"
DatabaseMirror = "database.clamav.net"
MaxAttempts = 5
ScriptedUpdates = yes
CompressLocalDatabase = no
HTTPProxyServer not set
HTTPProxyPort not set
HTTPProxyUsername not set
HTTPProxyPassword not set
HTTPUserAgent not set
NotifyClamd not set
OnUpdateExecute not set
OnErrorExecute not set
OnOutdatedExecute not set
LocalIPAddress not set
ConnectTimeout = 30
ReceiveTimeout = 30
SubmitDetectionStats not set
DetectionStatsCountry not set

Engine and signature databases
------------------------------
Engine version: 0.94.2
Database directory: /var/lib/clamav/
main db: Format: .cld, Version: 50, Build time: Sun Feb 15 22:47:25 2009
daily db: Format: .cld, Version: 9132, Build time: Wed Mar 18 21:46:20 2009

--- data dir ---
total 45096
-rw-r--r-- 1 clamav clamav  1719296 mar 18 22:45 daily.cld
drwxr-xr-x 2 clamav clamav     4096 jun  1  2008 daily.inc
-rw-r--r-- 1 clamav clamav 44391424 f?15 23:25 main.cld
drwxr-xr-x 2 clamav clamav     4096 jun  1  2008 main.inc
-rw------- 1 clamav clamav      364 mar 18 22:45 mirrors.dat

-- System Information:
Debian Release: 5.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.27.10-grsec-final (SMP w/2 CPU cores)
Locale: LANG=fr_FR, LC_CTYPE=fr_FR (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash

Versions of packages clamav-milter depends on:
ii  clamav-base            0.94.dfsg.2-1     anti-virus utility for Unix - base
ii  clamav-freshclam [clam 0.94.dfsg.2-1     anti-virus utility for Unix - viru
ii  libbz2-1.0             1.0.5-1           high-quality block-sorting file co
ii  libc6                  2.7-18            GNU C Library: Shared libraries
ii  libclamav5             0.94.dfsg.2-1     anti-virus utility for Unix - libr
ii  libgmp3c2              2:4.2.2+dfsg-3    Multiprecision arithmetic library
ii  libmilter1.0.1         8.14.3-5          Sendmail Mail Filter API (Milter)
ii  libwrap0               7.6.q-16          Wietse Venema's TCP wrappers libra
ii  lsb-base               3.2-20            Linux Standard Base 3.2 init scrip
ii  zlib1g                 1:1.2.3.3.dfsg-12 compression library - runtime

Versions of packages clamav-milter recommends:
ii  clamav-daemon              0.94.dfsg.2-1 anti-virus utility for Unix - scan

Versions of packages clamav-milter suggests:
pn  clamav-docs                   <none>     (no description available)
pn  daemon                        <none>     (no description available)

-- no debconf information

More information about the Pkg-clamav-devel mailing list