David,
> I use Amavis::Custom in order to add my own plugin.
> For testing i try to judge all mails received has infected
> All mails came from Fetchmail so the connection is 127.0.0.1
> i have removed 127.0.0.1 in @mynetworks attribute
>
> In This case, all mails are forwarded to recipients instead being refused
>
> the log is :
> Dec 27 02:45:08 pc-touzeau amavis[10833]: (10833) Passed INFECTED (),
> AM.PDP-SOCK [127.0.0.1] [127.0.0.1] <[email protected]> ->
> <[email protected]>, Queue-ID: E232E9187B9, Message-ID:
> <[email protected]>, mail_id: pV0TcxUGCNls, Hits: 0.632, size:
> 1320, 1542 ms
> package Amavis::Custom;
> use strict;
>
> BEGIN {
> import Amavis::Conf qw(:platform :confvars c cr ca $myhostname);
> import Amavis::Util qw(do_log untaint safe_encode safe_decode);
> import Amavis::rfc2821_2822_Tools;
> import Amavis::Notify qw(build_mime_entity);
> }
>
>
> sub new {
> my($class,$conn,$msginfo) = @_;
> bless {}, $class;
> }
>
> sub before_send {
> my($self,$conn,$msginfo) = @_;
> my($client_ip) = $msginfo->client_addr;
> my($sender_address)=$msginfo->sender;
> my($log_id)=$msginfo->log_id;
> my($tempdir) = $msginfo->mail_tempdir;
> $msginfo->header_edits->add_header('X-Artica-scanner','artica');
>
>
> do_log(0, "artica-plugin: client's IP [%s], sender: %s, tempdir:
> %s",$client_ip, $sender_address,$tempdir);
>
> #Adding banned/VIRUSES for all mail
> $msginfo->add_contents_category(CC_BANNED,1);
> $msginfo->add_contents_category(CC_VIRUS,0);
>
>
> my($infected) = $msginfo->is_in_contents_category(CC_VIRUS);
> my($banned) = $msginfo->is_in_contents_category(CC_BANNED);
> my($at_tag2) = $msginfo->is_in_contents_category(CC_SPAMMY);
> my($at_kill) = $msginfo->is_in_contents_category(CC_SPAM);
>
> do_log(0, "artica-plugins: infected:%s, banned:%s, spammy:%s,
> spam:%s",$infected, $banned, $at_tag2, $at_kill);
>
> $self;
> };
>
> 1; # insure a defined return
Two problems there:
- before_send hook comes too late, decisions have already been made;
setting of contents_category needs to go into an earlier custom
hook, the most appropriate is a sub checks (and sub new is good too).
- you only flagged the message as a whole with CC_VIRUS, but not
each recipient's ccat - which take into account also individual
recipients 'bypass' settings. What happened here is that even though
a message was flagged as infected, the recipients behaved as if
virus scanning was bypassed for them (turning bling eye to the
virus scanning results), so the message was delivered.
Also, the name of a detected virus was not supplied, which
would leave a message without a X-Amavis-Alert header field
(if delivered to virus lovers).
Try this:
sub checks {
my($self,$conn,$msginfo) = @_;
for my $r (@{$msginfo->per_recip_data}) {
$r->add_contents_category(CC_VIRUS,0) if !$r->bypass_virus_checks;
}
$msginfo->add_contents_category(CC_VIRUS,0);
$msginfo->virusnames(['my-virus-name1', 'my-virus-name2']);
}
Mark
------------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It is the best place to buy or sell services for
just about anything Open Source.
http://p.sf.net/sfu/Xq1LFB
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
