antivirus.exim no longer functions?!?

When adding a new rule (see below) to antivirus.exim, then restarting exim on the server, the email that contains 32223 in the body copy is delivered as usual.

$message_body contains "32223"

I have noticed this lately, that new rules added to antivirus.exim seem to have no effect, but curiously the old rules that were there seem to work as they did.

What could be going on with this?

By the way, I did check the exim settings in WHM and indeed antivirus.exim should be in effect.

 

Thanks.

Question - If I follow Chirpy's advice, then will Exim error out once cPanel.net get's this problem resolved?

 

Kenneth, I know this is an old thread, but this is happening again. Except this time I do find the following line in /etc/exim.conf

system_filter=/etc/antivirus.exim

The problem now is that none of the commands I have installed in /etc/antivirus.exim are having any effect. For example (and this is why I can't use clamav):

Here is the contents of my /etc/antivirus.exim file:
-----------------------------------
# Exim filter
if error_message then finish endif
if
$message_headers contains "viagra"
or $header_reply-to contains "internetseer"
or $header_Subject contains "Buy and save"
or $message_headers contains "Buy and save"
or $message_headers contains "tpnet.pl"
or $message_body contains "Facebook_details"
or $message_body contains "mailbox utility"
or $message_body contains "module.zip"
or $message_body contains "balancechecker.zip"
or $message_body contains "remote-admin.net"
or $message_body contains "microsoftofficeupdate"
or $message_body contains "viagra"
or $message_body contains "phentermine"
then
save "/dev/null" 660
endif
-----------------------------------

The above no longer has any effect, e.g. phentermine or viagra in the body copy is delivered, etc.

Any idea what may be going on with this?

OR, does anyone know of another way to install and use a global, system-wide email filter based on keywords as per the above?