Clamd/Procmail logging

I’ve been using Virtualmin for a couple of years, love it. I recently had a user ask a question about Virus scanning which caused me to actually dig into clam the logs. I can’t seem to get Clamd to record the FOUND line in the calmd.log and there is nothing recorded in the procmail.log related to virus scanning. I have tested clamd with the Eicar test signature so I know it is working but no record of the deletion. I have enabled all possible logging within the clamd.conf but I can’t seem to get anything to show what is being stopped. Looking through clam-wrapper.pl makes me just scratch my head because my perl is so rusty. I am running VM 5.0.gpl through clamdscan. Does anyone know where/how I can see what Clamd is finding? Thanks.

I should clarify that messages which contain the EICAR test string are logged in the clamd.log and the procmail.log once that verbose clam logging is enabled. The logging problem is for messages with virus laden attachments, there is no record of them.

Howdy,

Do you know if ClamAV is catching the attachments that you’re referring to?

That is – are you saying it is seeing them, but not logging that information? Or is it not classifying them as a virus?

-ERic

The messages come through with the attachments stripped but nothing is logged.