* Mark Martinec <[email protected]>: > Ralf, > > > I want to catch the case of a virus pattern update gone wrong -- right > > now all the mails pass unchecked, I'd rather tempfail them. > > amavisd.conf: > $virus_scanners_failure_is_fatal = 1; > > > > > --- amavisd.orig 2011-05-19 03:16:17.000000000 +0200 > +++ amavisd 2011-06-15 19:33:26.043489600 +0200 > @@ -380,4 +380,5 @@ > $smtpd_tls_cert_file $smtpd_tls_key_file > $enforce_smtpd_message_size_limit_64kb_min > + $virus_scanners_failure_is_fatal > $MAXLEVELS $MAXFILES > $MIN_EXPANSION_QUOTA $MIN_EXPANSION_FACTOR > @@ -12088,5 +12089,6 @@ > my $eval_stat = $@ ne '' ? $@ : "errno=$!"; chomp $eval_stat; > do_log(-2, "AV: %s", $eval_stat); > - $virus_checking_failed = 1; > + $virus_checking_failed = $eval_stat; > + $virus_checking_failed = 1 if !$virus_checking_failed; > }; > $elapsed{'TimeElapsedVirusCheck'} = Time::HiRes::time - $t0_sect; > @@ -12103,5 +12105,4 @@ > } > > - $which_section = "post_virus_scan"; > if ($virus_checking_failed) { > $msginfo->add_contents_category(CC_UNCHECKED,0); > @@ -12109,5 +12110,11 @@ > $r->add_contents_category(CC_UNCHECKED,0) if > !$r->bypass_virus_checks; > } > + if ($virus_scanners_failure_is_fatal) { > + $hold = 'AV: ' . $virus_checking_failed; > + die "$hold\n"; # TEMPFAIL > + } > } > + > + $which_section = "post_virus_scan"; > if (@virusname) { > my($virus_suppress_reason);
Yes, killing all virus scanners causes a tempfail now, wonderful. But does this patch indeed differenciate between "unscannable content" and "couldn't scan at all"? Sorry, my perl fu is not strong :) -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 [email protected] | http://www.charite.de
