Hello,
I wrote a patch that lets amavisd log a hash of each MIME part of a message.
As a result we have nice logging of attachments with randomized names:
Nov 5 13:24:34 amavis amavis[63605]: (63605) p003 1/2 Content-Type: application/zip, size: 175613 B, md5: e687fa20dbe2f62418da7dee62f5ef74, name: VodafoneWillkommen_915348761926.zip
Nov 5 13:24:47 amavis amavis[64401]: (64401) p003 1/2 Content-Type: application/zip, size: 175613 B, md5: e687fa20dbe2f62418da7dee62f5ef74, name: VodafoneWillkommen_246684491810.zip
Nov 5 13:24:49 amavis amavis[37512]: (37512) p003 1/2 Content-Type: application/zip, size: 175613 B, md5: e687fa20dbe2f62418da7dee62f5ef74, name: VodafoneWillkommen_385492343722.zip
Nov 5 13:25:11 amavis amavis[23929]: (23929) p003 1/2 Content-Type: application/zip, size: 175613 B, md5: e687fa20dbe2f62418da7dee62f5ef74, name: VodafoneWillkommen_410730648345.zip
Nov 5 13:25:28 amavis amavis[23927]: (23927) p003 1/2 Content-Type: application/zip, size: 175613 B, md5: e687fa20dbe2f62418da7dee62f5ef74, name: VodafoneWillkommen_067966022207.zip
Nov 5 13:25:35 amavis amavis[23931]: (23931) p003 1/2 Content-Type: application/zip, size: 175613 B, md5: e687fa20dbe2f62418da7dee62f5ef74, name: VodafoneWillkommen_886327295193.zip
Nov 5 13:25:49 amavis amavis[23923]: (23923) p003 1/2 Content-Type: application/zip, size: 175613 B, md5: e687fa20dbe2f62418da7dee62f5ef74, name: VodafoneWillkommen_079214708084.zip
Nov 5 13:25:58 amavis amavis[23936]: (23936) p003 1/2 Content-Type: application/zip, size: 175613 B, md5: e687fa20dbe2f62418da7dee62f5ef74, name: VodafoneWillkommen_381806514856.zip
Looking at these logs it's very easy to identify malicious content still not
detected by virus scanners.
Maybe someone has an idea to extend that feature.
Andreas
--
Andreas Schulze
Internetdienste | P252
DATEV eG
Index: amavisd-new-2.8.1/amavisd
===================================================================
--- amavisd-new-2.8.1.orig/amavisd 2013-10-17 14:31:48.000000000 +0200
+++ amavisd-new-2.8.1/amavisd 2013-10-17 14:32:14.000000000 +0200
@@ -9414,8 +9414,8 @@
$part->size($size);
if (defined($size) && $size==0)
{ $part->type_short('empty'); $part->type_long('empty') }
- ll(2) && do_log(2, "%s %s Content-Type: %s, size: %d B, name: %s",
- $part->base_name, $placement, $mt, $size,
+ ll(2) && do_log(2, "%s %s Content-Type: %s, size: %d B, md5: %s, name: %s",
+ $part->base_name, $placement, $mt, $size, Digest::MD5::md5_hex($body->as_string),
$entity->head->recommended_filename);
my $old_parent_obj = $part->parent;
if ($parent_obj ne $old_parent_obj) { # reparent if necessary
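Review bot: The new `Digest::MD5::md5_hex($body->as_string)` argument in the `do_log` call materialises the entire part as a single string just to hash it, for every part of every message whenever log level 2 is active; on large attachments that is a noticeable memory and CPU cost in the scanning path. Consider feeding a digest object incrementally from the part's data instead, and storing the result on `$part` so it is computed once and can be reused by later checks rather than existing only in the log line. Nothing in the visible context shows that `$body` is defined for every part that reaches this statement (for example the `$size==0` case handled just above) or that Digest::MD5 is loaded in this package, so a guard or an explicit `use` would make the hunk self-evidently safe. MD5 is adequate for spotting identical payloads, but if the logged value is ever matched against a blocklist, a collision-resistant digest such as SHA-256 would be the better field to log.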
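The log triage described in the message above (one payload hash arriving under many different filenames) can be automated. The following is an added example, not part of the original post or of amavisd; it assumes the log line format produced by the patch, and the sample lines, hashes, host name and the `renamed_payloads` helper are constructed for illustration.

```python
import re
from collections import defaultdict

# Per-part line format written by the patched do_log() call.
# The filename is sender-controlled and is the last field, so it is captured greedily.
PART_RE = re.compile(
    r"\((?P<am_id>[\d-]+)\) (?P<part>p\d+) (?P<placement>\S+) "
    r"Content-Type: (?P<ctype>[^,]+), size: (?P<size>\d+) B, "
    r"md5: (?P<md5>[0-9a-f]{32}), name: (?P<name>.*)$"
)

# Constructed sample input (not from a real system).
A, B = "a" * 32, "b" * 32
SAMPLE_LOG = [
    f"Nov  5 13:24:34 mx amavis[101]: (101) p003 1/2 Content-Type: application/zip, size: 1000 B, md5: {A}, name: Invoice_111.zip",
    f"Nov  5 13:24:47 mx amavis[102]: (102) p003 1/2 Content-Type: application/zip, size: 1000 B, md5: {A}, name: Invoice_222.zip",
    f"Nov  5 13:24:49 mx amavis[103]: (103) p003 1/2 Content-Type: application/zip, size: 1000 B, md5: {A}, name: Invoice_333.zip",
    f"Nov  5 13:25:02 mx amavis[104]: (104) p002 1/1 Content-Type: image/png, size: 2048 B, md5: {B}, name: logo.png",
    f"Nov  5 13:25:09 mx amavis[105]: (105) p002 1/1 Content-Type: image/png, size: 2048 B, md5: {B}, name: logo.png",
    "Nov  5 13:25:10 mx amavis[106]: (106) Passed CLEAN, <a@example.org> -> <b@example.org>",
]


def renamed_payloads(lines, min_names=3):
    """Return payloads (keyed by md5) seen under at least min_names distinct filenames."""
    groups = defaultdict(lambda: {"count": 0, "names": set(), "ctype": None})
    for line in lines:
        m = PART_RE.search(line)
        if not m:
            continue  # not a per-part log line
        # Key on hash and size together so a crafted MD5 collision alone does not merge parts.
        g = groups[(m["md5"], int(m["size"]))]
        g["count"] += 1
        g["names"].add(m["name"].strip())
        g["ctype"] = m["ctype"]
    return {
        md5: {"size": size, "count": g["count"], "ctype": g["ctype"], "names": sorted(g["names"])}
        for (md5, size), g in groups.items()
        if len(g["names"]) >= min_names
    }


if __name__ == "__main__":
    for md5, info in renamed_payloads(SAMPLE_LOG).items():
        print(f"{md5} {info['ctype']} {info['size']} B: {info['count']} hits, names={info['names']}")
```

The same attachment sent repeatedly under one stable name (the `logo.png` lines) is not reported; only identical content with varying names crosses the threshold.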