[Rspamd-Users] ClamAV and rspamd : log question
Carsten Rosenberg
cr at ncxs.de
Fri Feb 17 17:33:04 UTC 2023
Hey
17.02.2023 16:32:27 Mickaël Dequidt <Mickael.Dequidt at ifremer.fr>:
> Hello, me again /o\
>
> Things are moving forward : clamav logging allowed me to see that NOT all successful smtp transactions were scanned for viruses. But I also realized that all greylisted emails are scanned, and so far every message I saw that was accepted by rspamd without a direct clamav scan, was a previously greylisted message.
>
> So, from a purely rspamd point of view, is rspamd keeping its scan results cached (in redis, I would guess ?) when it greylists things, so as not to re-scan them if they come back (since it clearly detects them as "coming back") ? Would that be a thing ?
Yes in default rspamd is caching scan results for 2 hours. You could add antivirus or clamav to debug_modules to see what's going on.
Greets
Carsten
More information about the Users
mailing list