In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] says...
> What I have found is that if spamassassin is called before clamav plugin
> then most of the time the file being scanned isn't being detected as a mail
> file. Spamassassin adds its X-Spam-Status, X-Spam-Checked-By headers to the
> top of the email and scanning fails to parse the message. If I removed
> these to lines (makes the top line start with Received:) then scanning works
> just fine.
>
> In order to make things work successfully for me I had to reverse the order
> of clamav and spamassassin.
>
> -Shad
Shad,
My research showed that the problem was that the temporary file that the
clamav plugin creates for clamav to scan does not contain the email's
envelope "From " header (that is, the From header without a colon).
Without that, clamav doesn't recognize the file as an email (or, in
clamav terms, mbox format). I modified the plugin to add a basic form of
the envelope "From " header, and it works happily for me.
The diffs for the changes I've made to the clamav plugin are at the end
of this message. Note that the you only really need to add the first
change. The second change in the diffs is two-fold -- 1. to only add the
X-Virus-Checked header if the scan took place (the 0.27.1 version will
falsely add the header if you're using clamdscan and clamd is down) and
2. to add the host name to the X-Virus-Checked header so I could see
which mail server had done the work.
Hope this helps!
Burt
--
@@ -25,6 +25,8 @@
my ($self, $transaction) = @_;
my ($temp_fh, $filename) = tempfile();
+ # Added a basic form of the "From " header, which clamav needs, to
recognize this as an email (mbox format).
+ print $temp_fh "From ", $transaction->sender->format, "\n";
print $temp_fh $transaction->header->as_string;
print $temp_fh "\n";
$transaction->body_resetpos;
@@ -61,6 +63,9 @@
elsif ($result) {
$self->log(1, "ClamAV error: $result\n");
}
- $transaction->header->add('X-Virus-Checked', 'Checked');
+ # Added the if ($result < 2) check, so that the header isn't added if
clamd is down, or clamscan fails.
+ if ($result < 2) {
+ $transaction->header->add('X-Virus-Checked', 'Checked on ' .
$self->qp->config('me'));
+ }
return (DECLINED);
}
