milter_watch tests the functionality of spam- and virus-filtering milters.

Sendmail has functionality to take a conditional action at SMTP time based on feedback from a plugin mail filter (milter). One such milter is ClamAV-milter, an open source virus scanner. Another is SpamAss-Milter, an open source spam scanner. By playing the sendmail side of the connection, milter_watch can send a fake virus (eicar) and spam (GTUBE) to these (or other) milters to ensure they are functioning properly. If the milter has hung, crashed, or is allowing malware through, it can be automatically restarted, and the postmaster notified.


Running milter_watch -h will give the following basic information:

      milter_watch [options] socket_address
      socket_address should be given in a standard format:
                     local:/path/to/socket or inet:port@host
      -h           This help screen
      -q           Quiet mode (don't print status)
      -d           Debug mode (lots of ugly information)
      -t timeout   Seconds to wait for milter response (default: 15)
      -L lockfile  Path to milter lockfile (abort if file doesn't exist)
      -A           Allow malware through if header added
      -r recipient Email address of recipient (default: victim)
    Returns 0 if milter working, or administratively shut down
            1 if milter should be restarted

    Recommended cronjob:
      milter_watch -q local:/var/milter.sock || /etc/init.d/milter condrestart



Save to to a file and chmod +x it.

Version 0.6: milter_watch-0.6 - invert return code; parse option negotiation; cleanups

Version 0.5: milter_watch-0.5 - TCP ports on remote machines; test spam milters too

Version 0.4: clmilter_watch-0.4 - test false positives; add flag to allow viruses through

Version 0.3: clmilter_watch-0.3 - handle stale socket

Version 0.2: clmilter_watch-0.2 - code cleanup and public release


This software is distributed under the University of Illinois/NCSA Open Source License.


Please send bug reports or feature requests (preferably in the form of patches) to Damian Menscher. If you are seeking help, please include as much system information as possible, along with the output of milter_watch -d. Note that because the debugging info may contain eicar (virus) or gtube (spam) samples, either put the debugging output on a website or email it in an encrypted .zip file.