--- exiscan/exiscanv2.cf.orgi Mon Dec 3 09:19:30 2001 +++ exiscan/exiscanv2.cf Sun Jun 16 01:07:13 2002 @@ -16,17 +16,17 @@ # this is where you have put the exiscan package - $basepath="/usr/exim/exiscan"; + $basepath="/var/spool/exiscan"; # exims queue directory - $queuedir="/usr/exim/spool/input"; + $queuedir="/var/spool/exim/input"; # the ripmime executable. as of exiscan 1.0, this is the preferred # MIME unpacker. Get it at http://www.pldaniels.com/ripmime/ # Thanks to PL Daniels for making this thing public. - $ripmime = "/usr/local/bin/ripmime"; + $ripmime = "/usr/bin/ripmime"; # the reformime executable. Another MIME mail unpacker. # This is NOT needed if you have defined ripmime above ! @@ -43,11 +43,11 @@ # This will enable exiscan to look into these obsfucated # mails :) Set this to "0" if you do not want tnef support. - $tnef = "/usr/local/bin/tnef"; + $tnef = "/usr/bin/tnef"; # the exim executable - $exim="/usr/exim/bin/exim"; + $exim="/usr/bin/exim"; # ------------------------------------------------------------------ @@ -78,10 +78,11 @@ # NOD32 | command line | nod32 # RAV Antivirus | command line | rav # H+B EDV Antivir | command line | antivir + # MKS anti-virus | command line | mks # CUSTOM | command line | custom - $scanner="avpdaemon"; + $scanner="mks"; # By using the 'custom' scanner keyword, you can define your own scanner. # You'll have to make sure to edit the command line flags for the "custom" @@ -94,7 +95,7 @@ # If you use a "daemon" type scanner, this is the path and filename # of the UNIX socket used to communicate with the daemon. - $scannerex="/opt/AVP/AvpCtl"; + $scannerex="/usr/local/bin/mks32"; # Scanner command line flags @@ -115,7 +116,8 @@ 'nod32' => '-heursafe -basedir=/usr/local/nod32/nod32 -all ', 'rav' => '-all -listall -mail -smart -unzip ', 'antivir' => '-v -z -allfiles -noboot -s -tmp ', - 'custom' => 'YOUR CMDLINE FLAGS HERE IF USING custom KEYWORD' + 'mks' => '-s /*', + 'custom' => 'YOUR CMDLINE FLAGS HERE IF USING custom KEYWORD' ); @@ -135,6 +137,7 @@ 'nod32' => ' - ', 'rav' => 'Infected: [1-9]', 'antivir' => 'VIRUS', + 'mks' => 'status: virus found:', 'custom' => 'YOUR REGEXP HERE IF USING custom KEYWORD' ); @@ -268,14 +271,14 @@ # contain the respective virus themselves ! ;) # So, if you get a mail loop on "virus found", please check this setting. - $postmaster="postmaster\@eurescom.de"; + $postmaster="postmaster\@localhost"; # the "from" name and address used when sending notifications to # users and the postmaster. You can also set it to the same # address as the $postmaster setting. - $fromaddress="exiscan\@eurescom.de"; + $fromaddress="exiscan\@localhost"; # exiscan has 2 methods of sending notification emails: