Michael,
For what it's worth, I discovered today after updating packages on my
gentoo system that I've had to modify the clamav-perlfilter which you
provide at <http://karmak.org/2004/courier-clamav/>.
After upgrading from courier-0.45.5 to courier-0.45.6.20040618 and from
clamav-0.70 to clamav-0.75, the filter starts hanging (resulting in
messages like "courierfilter: connect(): Connection timed out" in the
maillog).
After much screwing around this afternoon I've found I can alleviate the
problem by changing the line
open(CLAMOUT, "cat ${filename} | clamdscan --stdout - |");
to
open(CLAMOUT, "clamdscan --stdout ${filename} |");
The issue must be related to clamav and not courier, because invoking a
similar command line by hand (i.e. cat somefile | clamdscan --stdout -)
causes the same hang, while passing the filename direct does not.
What is the purpose of the cat and pipe, anyhow? I suppose this way the
$filename could contain malicious characters resulting in an exploit, but
so it could the second way, as well.
As an unrelated aside, I also earlier changed the result code ("virus
detected") from 500 to 577, which seems more consistent with the
semantics described in RFC 1893.
Otherwise I have been very happy with this filter, which has been
stopping lots of viruses on their way in.
-ben
On 04 7 2004 at 8:29 am -0400, Michael Carmack wrote:
>
>Here are two simple ways of getting Courier working with ClamAV:
>
> http://karmak.org/2004/courier-clamav/
>
>m.
--
Ben Kennedy, chief magician
zygoat creative technical services
613-228-3392 | 1-866-466-4628
http://www.zygoat.ca
-------------------------------------------------------
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift.
http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
