X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=doc%2Fdoc-docbook%2Fspec.xfpt;h=f455c9f0c7515fae848739872e8977fdba1ec830;hb=eb445b049c9b78cbe187b9cb3c318d65862d4851;hp=16d276ee8503f11b84997eccb1266c3e41c65436;hpb=5d4da40d5b25b4f4029b46246c9757b42929bd87;p=user%2Fhenk%2Fcode%2Fexim.git diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 16d276ee8..f455c9f0c 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -31858,9 +31858,7 @@ If the value of &%av_scanner%& starts with a dollar character, it is expanded before use. The usual list-parsing of the content (see &<>&) applies. The following scanner types are supported in this release, -.new though individual ones can be included or not at build time: -.wen .vlist .vitem &%avast%& @@ -31874,11 +31872,22 @@ which can be either a full path to a UNIX socket, or host and port specifiers separated by white space. The host may be a name or an IP address; the port is either a single number or a pair of numbers with a dash between. -Any further options are given, on separate lines, -to the daemon as options before the main scan command. +A list of options may follow. These options are interpreted on the +Exim's side of the malware scanner, or are given on separate lines to +the daemon as options before the main scan command. + +.new +.cindex &`pass_unscanned`& "avast" +If &`pass_unscanned`& +is set, any files the Avast scanner can't scan (e.g. +decompression bombs, or invalid archives) are considered clean. Use with +care. +.wen + For example: .code av_scanner = avast:/var/run/avast/scan.sock:FLAGS -fullfiles:SENSITIVITY -pup +av_scanner = avast:/var/run/avast/scan.sock:pass_unscanned:FLAGS -fullfiles:SENSITIVITY -pup av_scanner = avast:192.168.2.22 5036 .endd If you omit the argument, the default path @@ -31895,8 +31904,9 @@ $ socat UNIX:/var/run/avast/scan.sock STDIO: PACK .endd -Only the first virus detected will be reported. - +If the scanner returns a temporary failure (e.g. license issues, or +permission problems), the message is deferred and a paniclog entry is +written. The usual &`defer_ok`& option is available. .vitem &%aveserver%& .cindex "virus scanners" "Kaspersky" @@ -31947,7 +31957,7 @@ av_scanner = clamd:192.0.2.3 1234 : 192.0.2.4 1234 If the value of av_scanner points to a UNIX socket file or contains the &`local`& option, then the ClamAV interface will pass a filename containing the data -to be scanned, which will should normally result in less I/O happening and be +to be scanned, which should normally result in less I/O happening and be more efficient. Normally in the TCP case, the data is streamed to ClamAV as Exim does not assume that there is a common filesystem with the remote host.