Ralf,

> > > I want to catch the case of a virus pattern update gone wrong -- right
> > > now all the mails pass unchecked, I'd rather tempfail them.
> >
> > $virus_scanners_failure_is_fatal = 1;
>
> Yes, killing all virus scanners causes a tempfail now, wonderful.
>
> But does this patch indeed differentiate between "unscannable content"
> and "couldn't scan at all"? Sorry, my perl fu is not strong :)

It reverts to the previous behaviour when the setting is true: if virus scanning is enabled (i.e. at least one scanner is present) and all scanners fail without providing a definite yes/no answer, then a 4xx tempfail happens.

How each virus scanner reacts to "unscannable content" depends on each scanner. Amavis catches fatal errors (process/socket failures, timeouts, crashes), and compares the result against the 4th and 5th field in each @av_scanners entry. If no match is found (neither infected nor clean), then this scanner is considered to have failed. With some scanners it is possible to list "unscannable content" status codes as 'success' codes, i.e. in the 4th field.

So to answer your question on differentiating between "unscannable content" and "couldn't scan at all": it's all up to each av scanner entry and how the 4th and 5th fields are defined in its entry.

Btw, this is all somewhat unrelated to the CC_UNCHECKED content type outcome, which can also result from a decoder failure (like a password protected or corrupted archive, causing unzip to fail, but still somehow avoid total virus scanners failure). In other words, both the decoder failure as well as a total virus scanners failure set the CC_UNCHECKED content type flag.

If the $virus_scanners_failure_is_fatal is false then this is it, further processing depends on %final_destiny_by_ccat or other settings for CC_UNCHECKED. If $virus_scanners_failure_is_fatal is true then the CC_UNCHECKED is still set but is irrelevant, as a temporary failure is signalled immediately, skipping further processing.

Mark
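
An added illustration, not part of the message above and not amavisd code: a simplified Python model of the decision it describes, showing how the same "unscannable" exit status becomes a scanner failure or a clean result depending on the entry. The scanner names, status codes, function names and the order of the checks are constructed assumptions; the "clean" and "infected" keys stand in for the 4th and 5th fields of an @av_scanners entry.

```python
import re

# Constructed entries modelled on the shape of @av_scanners. "clean" and
# "infected" stand in for the 4th and 5th fields; each may be a list of
# exit statuses or a regex matched against the scanner's output.
SCANNERS = [
    {"name": "scanner-a", "clean": [0], "infected": [1]},
    {"name": "scanner-b", "clean": re.compile(r"\bOK$", re.M),
     "infected": re.compile(r"\bFOUND$", re.M)},
]

def matches(field, status, output):
    """Compare one scanner result against a status list or an output regex."""
    if isinstance(field, re.Pattern):
        return field.search(output) is not None
    return status in field

def classify(entry, result):
    """Return 'infected', 'clean' or 'failed' for one scanner run."""
    if result is None:                 # crash, timeout, process/socket failure
        return "failed"
    status, output = result
    if matches(entry["infected"], status, output):
        return "infected"
    if matches(entry["clean"], status, output):
        return "clean"
    return "failed"                    # neither field matched: no definite answer

def verdict(scanners, results, failure_is_fatal):
    """Combine per-scanner outcomes into the outcome for the message."""
    outcomes = [classify(s, results.get(s["name"])) for s in scanners]
    if "infected" in outcomes:
        return "INFECTED"
    if "clean" in outcomes:
        return "CLEAN"
    # Every scanner failed; the flag decides between 4xx and CC_UNCHECKED.
    return "TEMPFAIL" if failure_is_fatal else "CC_UNCHECKED"

if __name__ == "__main__":
    # Constructed run: scanner-a exits 2 ("could not scan"), scanner-b is down.
    run = {"scanner-a": (2, "archive: error"), "scanner-b": None}
    print(verdict(SCANNERS, run, failure_is_fatal=True))    # strict entry
    lenient = [dict(SCANNERS[0], clean=[0, 2]), SCANNERS[1]]
    print(verdict(lenient, run, failure_is_fatal=True))     # 2 listed as success
```
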
