Hi David,
> I have developped some externals tools that made other content filtering
> when parsing mails messages.
> I would like to include these tools In Amavisd and would like to know
> how i can add them in the main configuration file.
>
> amavisd=>Program1 => result 0/1
> =>Program2 => result 0/1
> ../...
There are three (actually four) ways that you can achieve this
functionality, I've used 3/4 for various additional scanners and filters
that I've implemented.
1) Configure your program to exit with either 0 (nothing found) or 1
(something found) together with returning the name of whatever was detected
followed by FOUND (i.e. MyVirus1 FOUND). You then configure this as a
virus scanner entry in amavisd.conf something like:
### My scanner
['MyScanner', '/usr/local/bin/myscanner',
" [any params here] ", [0], [1],
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
2) As above but daemonised. Whilst the above will work happily it'll
probably be quite slow if you are processing lots of mail since the system
is constantly setting up and pulling down the scanner process. It would be
much faster to have a single process which is simply passed the name of the
file in question and returns an answer. I've got a couple of custom
written scanners running as Unix daemons - which are then called using a
scanner entry something like this:
### My daemon scanner
['MyDaemon Scanner',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/myscanner/myscan.sock"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
Your scanner program will need to open a local namespace socket in the
directory specified, which will then be passed a directory name containing
the temp files created by amavis and either need to read email.txt in that
directory (which is the complete mail - in which case you'll have to do
your own mime unpacking), or the various parts1 - partsx files which are
the various mime segments as unpacked by amavisd-new. Your daemon then
writes either 'OK' or 'MyVirusxxx FOUND' to the socket - which is then
picked up by amavisd-new.
3) Use one of the custom hooks written into the latest versions of
amavisd-new (see the website for more info on this or trawl the list
archives). This is something I've never used.
4) Use the features of your MTA. I'm using the exiscan functionality of
Exim, though I'm sure postfix must have something similar. Every mail is
passed to a custom scanner which looks for banned words (viagra etc) in the
subject and body. This has the advantage that these emails are rejected
straight away rather than being quarantined or bounced back. I really need
to tidy up the code of this scanner and release it open source, it rejects
thousands of emails daily which are blatent spam.
Out of interest what scanners have you written? Are you planning to open
source them?
Hope this helps
Richard
------------------------------------------------------------------------------
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
