diff options
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/doc-docbook/spec.xfpt | 7 | ||||
| -rw-r--r-- | doc/doc-txt/ChangeLog | 6 |
2 files changed, 12 insertions, 1 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 16d276ee8..6353e29fb 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -31895,7 +31895,12 @@ $ socat UNIX:/var/run/avast/scan.sock STDIO: PACK .endd -Only the first virus detected will be reported. +A paniclog entry is logged and the message is deferred (except the +malware condition uses "defer_ok") if the scanner returns a tmpfail +(e.g. on license issues, or permission problems). If the scanner can't +scan a file for internal reasons (e.g. decompression bomb), this is +treated as an infection and malware_name is set to the error message. +We do this err on the safe side. .vitem &%aveserver%& diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 221c808bb..837b38083 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -190,6 +190,12 @@ JH/35 Cutthrough: for a final-dot response timeout (and nonunderstood responses) PP/02 DANE: add dane_require_tls_ciphers SMTP Transport option; if unset, tls_require_ciphers is used as before. +HS/03 Malware Avast: Better match the Avast multiline protocol. + Only tmpfails from the scanner are written to the paniclog, as + they may require admin intervention (permission denied, license + issues). Other scanner errors (like decompression bombs) do not + cause a paniclog entry. + Exim version 4.90 ----------------- |