If anybody is interested in ... I have patched my mimedefang.pl to support the clamd-tcp-socket. It sends the files to scan using the stream-command from clamd. I have tried it and it works very well.
But ... I'm not using it anymore, because clamd takes nearly no system-resources, and so I run clamd on the same machine. --snip-- #*********************************************************************** # %PROCEDURE: message_contains_virus_clamd_tcp # %ARGUMENTS: # clamd_host (optional) -- clamd hostname:port # %RETURNS: # 1 if any file in the working directory contains a virus # %DESCRIPTION: # Invokes the clamd daemon (http://www.clamav.net/) # on the entire message. #*********************************************************************** sub message_contains_virus_clamd_tcp (;$) { my ($clamd_host) = $ClamdHost; $clamd_host = shift if (@_ > 0); $clamd_host = "127.0.0.1:3310" if (!defined($clamd_host)); my $output; # PING/PONG test to make sure clamd is alive my $sock = IO::Socket::INET->new($clamd_host); if (defined $sock) { $sock->print("PING"); $sock->flush; $sock->sysread($output,256); $sock->close; chomp($output); if (! defined($output) || $output ne "PONG") { md_syslog('err', "$MsgID: clamd is not responding"); return (wantarray ? (999, 'cannot-execute', 'tempfail') : 999); } } else { md_syslog('err', "$MsgID: Could not connect to clamd daemon at $clamd_host"); return (wantarray ? (999, 'cannot-execute', 'tempfail') : 999); } ######################################################################## ################################# # open up a socket and scan each file in ./Work ######################################################################## ################################# $sock = IO::Socket::INET->new($clamd_host); if (defined $sock) { if (!$sock->print("STREAM")) { $sock->close; return (wantarray ? (999, 'swerr', 'tempfail') : 999); } my ($output1,$sendport); my $ans = $sock->sysread($output1,256); if (!defined($ans) || !$ans) { return (wantarray ? (999, 'swerr', 'tempfail') : 999); } if ($output1 =~ /PORT (.+)/) { $sendport .= $1; } my $sendhost; ($sendhost) = ($clamd_host =~ /^(.+):/); $sendhost = "$sendhost:$sendport"; my $sendsocket = IO::Socket::INET->new($sendhost); if (defined $sendsocket) { opendir(DIR, "$CWD/Work") or die "can't open dir $CWD/Work: $!\n"; while (defined(my $file = readdir(DIR))) { open(INPUT, "< $CWD/Work/$file") or die "Couldn't open $CWD/Work/$file for reading: $!\n"; while(<INPUT>) { print $sendsocket $_; } close INPUT; } closedir(DIR); } $sendsocket->close; if (!$sock->flush) { $sock->close; return (wantarray ? (999, 'swerr', 'tempfail') : 999); } $ans = $sock->sysread($output,256); $sock->close; if (!defined($ans) || !$ans) { return (wantarray ? (999, 'swerr', 'tempfail') : 999); } if ($output =~ /: (.+) FOUND/) { $VirusScannerMessages .= "clamd found the $1 virus.\n"; $VirusName = $1; return (wantarray ? (1, 'virus', 'quarantine') : 1); } } else { # Could not connect to daemon md_syslog('err', "$MsgID: Could not connect to clamd daemon at clamd_host"); return (wantarray ? (999, 'cannot-execute', 'tempfail') : 999); } # No errors, no infected files were found return (wantarray ? (0, 'ok', 'ok') : 0); } --snip-- Ciao, flo _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
