I have a working postfix + clamav installation.
How can I configure this to not just quarantene infected emails but if this happens also send a copy of the email to the sysadmins address?
What I found in clamav-milter.conf is:
VirusAction /usr/local/bin/virus.pl
RejectMsg "REJECT - AntiVirus detected: %v"
But virus.pl only generates a virus warning message what's sent back to the client. The script does not get the infected letters message body.
I could easily modify this just to get an alert with the virus-es name to the sysadmins but what I want is that the actual message to be forwarded to us.
Thanks
Best Answer
Extract from clamav-milter.conf man page
Quarantine
- message is quarantined instead of being delivered. NOTE: InSendmail
the quarantine queue can be examined viamailq -qQ
. ForPostfix
this causes the message to be placed onhold
VirusAction /usr/local/bin/virus.pl
- Execute a command (possibly searching PATH) when an infected message is found. The following parameters are passed to the invoked program in this order:virus name, queue id, sender,destination, subject, message id, message date
.You can use the queue id passed as an argument in the script to get the actual mail content using
postcat -q <queue id>
and email the same to your administrator. Hope this helps.