To test ClamAV, first set debug=1 in the clamav.opt file. (You do not have to turn on the channel-specific master_debug or slave_debug in the imta.cnf.) Then send a file attachment to a test user which contains the EICAR virus string (http://www.eicar.org/anti_virus_test_file.htm). This string is designed to trigger virus scanners to recognize an email as virus-infected without having an actual virus attached:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* |
Review the test logs. The msg-svr-base/data/log/tcp_local_slave.log* file should have lines similar to these:
10:39:00.85: ClamAV callout debugging enabled; config /opt/SUNWmsgsr/config/clamav.opt 10:39:00.85: IP address 127.0.0.1 specified 10:39:00.85: Port 3310 selected 10:39:00.85: Mode 1 selected 10:39:00.85: Field "Virus-Test: " selected 10:39:00.85: Verdict "" selected 10:39:00.85: Initializing ClamAV message context ... 10:39:00.85: Creating socket to connect to clamd server 10:39:00.85: Binding clamd socket 10:39:00.85: Connecting to clamd server 10:39:00.85: Sending ClamAV STREAM request 10:39:00.85: Retrieving ClamAV STREAM response 10:39:00.85: STREAM response: PORT 2003 10:39:00.85: Creating socket to connect to clamd server data port 10:39:00.85: Binding clamd data socket 10:39:00.85: Connecting to clamd server data port 10:39:00.85: Sending ClamAV the message 10:39:00.85: Closing ClamAV data connection 10:39:00.85: Reading ClamAV result 10:39:00.87: Result line: stream: Eicar-Test-Signature FOUND 10:39:00.87: Scan result: Message is infected 10:39:00.87: Verdict line: Virus-Test: True ; Eicar-Test-Signature 10:39:00.87: Closing connection to ClamAV 10:39:00.87: Mode 1 verdict of Virus-Test: True ; Eicar-Test-Signature 10:39:00.87: Mode 1 verdict of Virus-Test: True ; Eicar-Test-Signature ... 10:39:00.87: Freeing ClamAV message context |
If your log file does not contain lines similar to these, or if clamd is not running, the following error message is returned in your SMTP dialog after the last period (.) is sent to the SMTP server:
452 4.4.5 Error writing message temporaries - Error connecting to ClamAV server |