Search Exchange

Search All Sites

Nagios Live Webinars

Let our experts show you how Nagios can help your organization.

Contact Us

Phone: 1-888-NAGIOS-1
Email: sales@nagios.com

Login

Remember Me

Directory Tree

check_amavis

Current Version
1.1
Last Release Date
2011-12-22
Compatible With
  • Nagios 3.x
  • Nagios 4.x
Owner
License
GPL
Hits
104129
Files:
FileDescription
amavis_check.plamavis_check.pl
check_amavis.plv1.1 (bugfixes)
Network Monitoring Software - Download Nagios XI
Log Management Software - Nagios Log Server - Download
Netflow Analysis Software - Nagios Network Analyzer - Download
check_amavis checks if amavisd-new daemon is working and if its antivirus engine is working
This check talks with amavisd-new daemon (default port is 10024) with SMTP protocol.
It tests if the daemon is up and if it's able to scan an email with a virus (EICAR test virus is sent).

Please note that if amavisd-new is run on a different machine, you should enable the connection from nagios ip address (take a look at amavisd.conf).

This Perl script needs GetOpt::Long, MIME::Tools and Net::SMTP to work.

Parameters:

--server amavisd-new address (mandatory)
--port amavisd-new port (default 10024)
--from sender email address (mandatory)
--to recipient address (if not present copied from --from)
--debug useful for debugging (launch it at command line)

Command configuration:

define command{
command_name check_amavis
command_line $USER1$/check_amavis.pl --server $HOSTADDRESS$ --from email_address --to email_address --port 10024
}

where email_address is a valid email address handled by amavisd.

Visit github page for latest version, including reporting bugs and to send pull requests! The maintainer is not reading comments from this page!
Reviews (4)
In general this script works fine. Thanks for the effort of making this for the community.

There is some minor room for improvement though which a wanted to share.

The nagios embedded perl interpreter (can be switched on/off) runs check commands with use strict.

So at line 28 the "$result =" should be "my $result =", otherwise use strict (of the embedded perl) will fail.

But if the above is changed it clashes with "my $result =" on line 79 . This should be changed to something like "my $smtp_result =". The $result at line 82 and 86 should be changed accordingly.

The regexp at line 82 only catches if amavis is configures with "$final_virus_destiny = D_DISCARD" or "$final_virus_destiny = D_ACCEPT". It fails in case of "$final_virus_destiny = D_REJECT".

An alternative for rule 82 might be:

if ( $smtp_result =~/2.7.[01] Ok, discarded/ or $smtp_result =~/5.7.[01] Reject, id=/ ) {

Or even better perhaps to:

if ( $smtp_result =~ /INFECTED:sEicar-Test-Signature/ ) {

Just a few thoughts for improvement.

Thanks again for the effort.
bygotrunks, April 15, 2013
Plugin works fine, but can´t detect if clamav (or any other is down)

I have added timeout to the smtp connection, if clamav is down, amavis holds for 15 seconds, using timout can detect it:

my $smtp = new Net::SMTP(
$server,
Port => $port,
Debug => $debug,
Timeout => $timeout
);
There is a bug if the server is unreachable.
The plugin will print CRITICAL but the exit code is still 0 so Nagios will think the status is ok.
You should use exit 2;


if (!$smtp) {
print "CRITICAL - amavisd-new server unreachable
";
exit 2;
}

Besides that the plugin works great.
I needed to change the result from 2.7.1 to 2.7.0 and I added the exit 1; otherwise the state won't change in nagios. thanks for this script!

if ($result =~/2.7.0 Ok, discarded/) {
print "OK - All fine\n"
} else {
print "CRITICAL - amavisd-new returned $result";
exit 1;
}