On Tue, 01 Mar 2005 11:14:17 -0500 John Peacock <[EMAIL PROTECTED]> wrote:
> Hanno Hecker wrote:
> > Perldoc is included in the plugin.
> > When the "full message in spool dir" patch is in CVS I'll update
> > this plugin.
>
> That patch is in CVS already, so update away and I'll review and add.
Yes, I noticed that after sending the mail...
> I've also got two more AV plugins to donate:
>
> 1) bitdefender - advantage is that the scanner is free on Linux;
> disadvantage is that it doesn't natively support e-mail messages, so I
>
> have to rely on reformime or ripmime;
>
> 2) clamdscan - another way to use ClamAV, this time directly
> interacting with the clamd daemon (thanks to Matt Sergeant's Clamd.pm
> module).
I've added a patch for the clamav plugin to use
$transaction->body_filename instead of duplicating the contents of the
mail to a temp file. At least with clam(d)scan 0.81 and 0.82 it's
working:
4139 virus::clamav plugin: Changing permissions on file to permit
scanner access
4139 virus::clamav plugin: Running: /usr/bin/clamdscan --stdout
--disable-summary /tmp/qpsmtpd/1109703939:4139:0 2>&1
4139 virus::clamav plugin: clamscan results:
/tmp/qpsmtpd/1109703939:4139:0: OK
Clam(d)scan knows that it's scanning a mail without the mailbox
header ("From [EMAIL PROTECTED]"). Please review :-) Take out the permission
resetting if you like.
Hanno
hbedv.pl.gz
Description: Binary data
--- clamav.bak 2005-02-25 04:06:22.000000000 +0100
+++ clamav 2005-03-01 20:12:05.000000000 +0100
@@ -101,8 +101,6 @@
=cut
-use File::Temp qw(tempfile);
-
use strict;
use warnings;
@@ -156,33 +154,25 @@
sub clam_scan {
my ($self, $transaction) = @_;
-
+ my $perms_changed = 0;
+
if ($transaction->body_size > $self->{_max_size}) {
$self->log(LOGWARN, 'Mail too large to scan ('.
$transaction->body_size . " vs $self->{_max_size})" );
return (DECLINED);
}
- my ($temp_fh, $filename) = tempfile("qpsmtpd.clamav.$$.XXXXXX",
- DIR => $self->{_spool_dir});
- unless ($temp_fh) {
- $self->logerror("Couldn't open tempfile in $self->{_spool_dir}: $!");
+ my $filename = $transaction->body_filename;
+ unless (defined $filename) {
+ $self->log(LOGERROR, "didn't get a filename");
return DECLINED;
}
- print $temp_fh "From ",
- $transaction->sender->format, " " , scalar gmtime, "\n";
- print $temp_fh $transaction->header->as_string, "\n";
- $transaction->body_resetpos;
- while (my $line = $transaction->body_getline) {
- print $temp_fh $line;
- }
- seek($temp_fh, 0, 0);
-
my $mode = (stat($self->{_spool_dir}))[2];
if ( $mode & 07077 ) { # must be sharing spool directory with external app
$self->log(LOGWARN,
"Changing permissions on file to permit scanner access");
chmod $mode, $filename;
+ $perms_changed = 1;
}
# Now do the actual scanning!
@@ -195,7 +185,11 @@
my $result = ($? >> 8);
my $signal = ($? & 127);
- unlink($filename);
+ if ($perms_changed) {
+ $self->log(LOGDEBUG, "Resetting permissions on file");
+ chmod 0600, $filename
+ }
+
chomp($output);
$output =~ s/^.* (.*) FOUND$/$1 /mg;
