Re: [courier-users] Pythonfilter not running

Sun, 13 May 2007 15:50:12 -0700 

Gordon Messmer a écrit :

Jérôme Blion wrote:

I am a little bit confused about one thing : the spool folder :
In config.py, there is: spool   = '/var/spool/courier'

This folder does not exist on the 2 boxes I installed from sources...


D'oh.  I just fixed that bug, too.

Download 0.21:
http://phantom.dragonsdawn.net/~gordon/courier-pythonfilter/
Great :) My logs are filling now !!! (it should be one of the first times I'm happy to fill my logs :) )
I fixed my clamd.py. Indeed, pyclamd returns two differents types depending on the return code of the scan_file function. Else a dictionnary or a NoneType... As I don't know how to do it correctly, I converted avresult to a string.
You will find the new clamd.py in attachments. It works fine for me... The code is a little bit dirty, as the socket name is hardcoded... As I just discovered python with pythonfilter, I think there are some possible improvements in my script. 

# echo "hello world" | nail [EMAIL PROTECTED]
############# /var/log/mail.log #############
May 14 00:21:24 ns300321 courierfilter: Additional groups: [1]
May 14 00:21:24 ns300321 courierfilter: Body: /usr/lib/courier/var/tmp/117909/D206 May 14 00:21:24 ns300321 courierfilter: Raw stat: (33200, 4295L, 2306L, 1, 1, 1, 1482L, 1179094884, 1179094884, 1179094884) May 14 00:21:24 ns300321 courierfilter: Control file: /usr/lib/courier/var/tmp/117909/1179094884.31113.sim-plage.com May 14 00:21:24 ns300321 courierfilter: Raw stat: (33200, 206L, 2306L, 1, 1, 1, 121L, 1179094884, 1179094884, 1179094884) 
May 14 00:34:40 ns300321 courierfilter: Stopping pythonfilter
May 14 00:34:42 ns300321 courierfilter: Starting pythonfilter
May 14 00:34:42 ns300321 courierfilter: Initialized the "debug" python filter May 14 00:34:42 ns300321 courierfilter: Initialized the "clamdfilter" python filter May 14 00:34:42 ns300321 courierfilter: Initialized the "nosuccessdsn" python filter 
May 14 00:34:49 ns300321 courieresmtpd: started,ip=[::ffff:91.121.12.83]
May 14 00:34:49 ns300321 courierfilter: Debugging filter invoked:
May 14 00:34:49 ns300321 courierfilter: PID: 691
May 14 00:34:49 ns300321 courierfilter: CWD: /usr/lib/courier
May 14 00:34:49 ns300321 courierfilter: EUID: 1
May 14 00:34:49 ns300321 courierfilter: EGID: 1
May 14 00:34:49 ns300321 courierfilter: UID: 1
May 14 00:34:49 ns300321 courierfilter: GID: 1
May 14 00:34:49 ns300321 courierfilter: Additional groups: [1]
May 14 00:34:49 ns300321 courierfilter: Body: /usr/lib/courier/var/tmp/117909/D206 May 14 00:34:49 ns300321 courierfilter: Raw stat: (33200, 249L, 2306L, 1, 1, 1, 1103L, 1179095689, 1179095689, 1179095689) May 14 00:34:49 ns300321 courierfilter: Control file: /usr/lib/courier/var/tmp/117909/1179095689.699.sim-plage.com May 14 00:34:49 ns300321 courierfilter: Raw stat: (33200, 206L, 2306L, 1, 1, 1, 145L, 1179095689, 1179095689, 1179095689) 
May 14 00:34:49 ns300321 courieresmtpd: Unexpected SSL connection shutdown.
May 14 00:34:49 ns300321 courierd: newmsg,id=000000CE.46479289.000002BB: dns; ns23268.ovh.net (ns23268.ovh.net [::ffff:91.121.12.83]) May 14 00:34:49 ns300321 courierd: started,id=000000CE.46479289.000002BB,from=<[EMAIL PROTECTED]>,module=local,host=jerome!!1!1!/home/courier/domains/sim-plage.com/jerome!/home/courier/domains/sim-plage.com/jerome!,addr=<jerome> May 14 00:34:49 ns300321 courierd: Waiting. shutdown time=none, wakeup time=none, queuedelivering=1, inprogress=1 May 14 00:34:49 ns300321 courierlocal: id=000000CE.46479289.000002BB,from=<[EMAIL PROTECTED]>,addr=<[EMAIL PROTECTED]>,size=1103,success: Message delivered. 
May 14 00:34:49 ns300321 courierd: completed,id=000000CE.46479289.000002BB
May 14 00:34:49 ns300321 courierd: Waiting. shutdown time=Sun May 27 11:14:27 2007, wakeup time=Sun May 27 11:14:27 2007, queuedelivering=0, inprogress=0 

# echo "hello world" | nail -a clam.zip [EMAIL PROTECTED]
# 554 ClamAV-Test-File was detected. Abort!
sendmail: Unable to submit message.
############# /var/log/mail.log #############
May 14 00:37:53 ns300321 courierfilter: Starting pythonfilter
May 14 00:37:53 ns300321 courierfilter: Initialized the "debug" python filter May 14 00:37:53 ns300321 courierfilter: Initialized the "clamdfilter" python filter May 14 00:37:53 ns300321 courierfilter: Initialized the "nosuccessdsn" python filter 
May 14 00:38:01 ns300321 courierfilter: Debugging filter invoked:
May 14 00:38:01 ns300321 courierfilter: PID: 1529
May 14 00:38:01 ns300321 courierfilter: CWD: /usr/lib/courier
May 14 00:38:01 ns300321 courierfilter: EUID: 1
May 14 00:38:01 ns300321 courierfilter: EGID: 1
May 14 00:38:01 ns300321 courierfilter: UID: 1
May 14 00:38:01 ns300321 courierfilter: GID: 1
May 14 00:38:01 ns300321 courierfilter: Additional groups: [1]
May 14 00:38:01 ns300321 courierfilter: Body: /usr/lib/courier/var/tmp/117909/D206 May 14 00:38:01 ns300321 courierfilter: Raw stat: (33200, 249L, 2306L, 1, 1, 1, 1481L, 1179095881, 1179095881, 1179095881) May 14 00:38:01 ns300321 courierfilter: Control file: /usr/lib/courier/var/tmp/117909/1179095881.1538.sim-plage.com May 14 00:38:01 ns300321 courierfilter: Raw stat: (33200, 206L, 2306L, 1, 1, 1, 121L, 1179095881, 1179095881, 1179095881) 


Mail from my computer to the server:

############# /var/log/mail.log
May 14 00:39:21 ns300321 courieresmtpd: started,ip=[::ffff:212.27.42.35]
May 14 00:39:21 ns300321 courierfilter: Debugging filter invoked:
May 14 00:39:21 ns300321 courierfilter: PID: 1529
May 14 00:39:21 ns300321 courierfilter: CWD: /usr/lib/courier
May 14 00:39:21 ns300321 courierfilter: EUID: 1
May 14 00:39:21 ns300321 courierfilter: EGID: 1
May 14 00:39:21 ns300321 courierfilter: UID: 1
May 14 00:39:21 ns300321 courierfilter: GID: 1
May 14 00:39:21 ns300321 courierfilter: Additional groups: [1]
May 14 00:39:21 ns300321 courierfilter: Body: /usr/lib/courier/var/tmp/117909/D206 May 14 00:39:21 ns300321 courierfilter: Raw stat: (33200, 249L, 2306L, 1, 1, 1, 2361L, 1179095961, 1179095961, 1179095961) May 14 00:39:21 ns300321 courierfilter: Control file: /usr/lib/courier/var/tmp/117909/1179095961.1603.sim-plage.com May 14 00:39:21 ns300321 courierfilter: Raw stat: (33200, 206L, 2306L, 1, 1, 1, 149L, 1179095961, 1179095961, 1179095961) May 14 00:39:29 ns300321 courieresmtpd: error,relay=::ffff:212.27.42.35,from=<[EMAIL PROTECTED]>: 554 ClamAV-Test-File was detected. Abort! 

For me, it's perfect :)
Thanks for the quick fix, it works fine now.

Best regards, and have a good night :)
Jerome Blion.

#!/usr/bin/python
# clamav -- Courier filter which scans messages with ClamAV
# Copyright (C) 2004  Robert Penz <[EMAIL PROTECTED]>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

import sys
import pyclamd


# Record in the system log that this filter was initialized.
sys.stderr.write('Initialized the "clamdfilter" python filter\n')


def doFilter(bodyFile, controlFileList):
    # check for viruses
    try:
        pyclamd.init_unix_socket('/tmp/clamd')
        avresult = pyclamd.contscan_file(bodyFile)

    except Exception, e:
        return "554 " + str(e)

    if str(avresult) == 'None':
        return ''

    if avresult.has_key(bodyFile):
        return "554 %s was detected. Abort!" % avresult[bodyFile]

if __name__ == '__main__':
    # we only work with 2 parameter
    if len(sys.argv) != 2:
        print "Usage: clamd.py <message_body_file> <controlFileList"
        sys.exit(0)
    print doFilter(sys.argv[1], "")


-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
courier-users mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Reply via email to