I am having trouble integrating ClamAV with Anomy. I applied the ClamAV
patch to the check_for_virus file found at:
http://www.sirkull.org/patches/anomy-clamav.patch.
In my config for sanitizer I have:
file_list_4_scanner = 0:2:3:/<path-to-anomy>/check_for_virus %FILENAME
file_list_4_policy = accept:accept:drop:accept
file_list_4 = (?i).*
(at first I had it configure like the check_for_virus file says:
unknown:mangle:save:save)
I have it configured this way because I do not care to drop anything
except for a virus, I have configured other file-lists that will drop
malicious content. I been playing with the different policies and can't
seem to get it to work. I sent an eicar.txt test file to see if it would
drop/mangle the file and it did nothing. I tested ClamAV locally and it
correctly identified the file as a virus. I then ran check_for_virus
locally and it worked properly also.
I can't seem to get it to only remove virus', depending on the policy it
will tag everything as malicious content or nothing as malicious content.
I tried created a scanner setting on all of the other file lists and had
the same problem.
Where am I going wrong?