Are there any log files of SpamAssassin and LMD when they scan using ClamAV?
I am testing signatures for false positives.
Thank you.
I am testing signatures for false positives.
Thank you.
Hello iso99,
Below is a sanitized live log from my exim log. This was sent from cPanel forums today. I have my SpamAssasin set to 3 in all SpamAssasin related WHM/Tweak Settings. Also in my domains Spammassasin controls i set it to auto-delete anything scoring above 3. I do not know where ClamAv logs are kept. Also i do not want to imply that this is the only place SpamAssasin scan logs are kept.
WHM/Plugins/Configserver Explorer/var/log/exim_mainlog (also look at exim_paniclog and exim_rejectlog)
Below is a sanitized live log from my exim log. This was sent from cPanel forums today. I have my SpamAssasin set to 3 in all SpamAssasin related WHM/Tweak Settings. Also in my domains Spammassasin controls i set it to auto-delete anything scoring above 3. I do not know where ClamAv logs are kept. Also i do not want to imply that this is the only place SpamAssasin scan logs are kept.
WHM/Plugins/Configserver Explorer/var/log/exim_mainlog (also look at exim_paniclog and exim_rejectlog)
Code:
2016-11-07 13:10:04 1c3oMd-0004fE-Io H=xxx.cpanel.net [xxx.xxx.xxx.xxx]:45570 Warning: "SpamAssassin as xxxx detected message as NOT spam (-101.5)"
2016-11-07 13:10:04 1c3oMd-0004fE-Io <= xxxx AT cpanel dot net H=xxxxx.cpanel.net [xxx.xxx.xxx.xxx]:45570 P=esmtps X=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=no S=11005 [email protected] T="Tips for .htaccess - New reply to watched thread" for xxxx AT xxxxxxxx dot com
Hello,
The previous post is accurate. ClamAV activity is logged to /var/log/exim_mainlog and /var/log/exim_rejectlog. For instance, you can see messages flagged by ClamAV with a command such as:
Thank you.
The previous post is accurate. ClamAV activity is logged to /var/log/exim_mainlog and /var/log/exim_rejectlog. For instance, you can see messages flagged by ClamAV with a command such as:
Code:
zgrep -Hn "This message contains a virus or other harmful content" /var/log/exim_rejectlog*| Thread starter | Similar threads | Forum | Replies | Date |
|---|---|---|---|---|
| N | Question Regarding Apache Access Logs | Security | 9 | |
| J | SOLVED mod_sec conficting information in logs Failed to access DBM | Security | 3 | |
| P | logs | Security | 2 | |
| J | mod_sec & apache error logs ssl:info entries | Security | 9 | |
| J | Logs real time & interacting with log security scanners | Security | 1 |