Hi
I'm trying to get the new qpsmtpd 0.81-2 from Debian to Ubuntu, and
noticed the following:
1. clamav plugin not working with clamav 0.95.1
It seems the clamav plugin tries to run clamscan with some old command
line options, for which clamscan gives an error, here's the log:
Sun May 17 10:25:25 2009 utest-jj.narancs.net[1352]: 354 go ahead
Sun May 17 10:25:26 2009 utest-jj.narancs.net[1352]: clamscan results:
/usr/bin/clamscan: unrecognized option `--config-file=/etc/clamd/conf'
ERROR: Unknown option passed
ERROR: Can't parse command line options
Sun May 17 10:25:26 2009 utest-jj.narancs.net[1352]: ClamAV error:
/usr/bin/clamscan --stdout --config-file=/etc/clamd/conf
--disable-summary /var/spool/qpsmtpd/1242545126:1352:0 2>&1: 40
Sun May 17 10:25:26 2009 utest-jj.narancs.net[1352]: 250 Queued!
<20090517072523.c1d6c1f...@imike.cluj.astral.ro> (Queue-Id: 19A4B33C3B)
That's because --config-file was removed from clamscan options (at least
I didn't find it in the man page) and --disable-summary was renamed to
--no-summary (that, however gives only a warning).
See attached diff file for a possible fix. Please review it, because I'm
only a casual perl code writer. I've tested it though, and it seems to work.
2. @Devin: README.Debian for enabling clamav plugins
Please consider adding the attached text to the readme file when
uploading to Debian. It contains some basic steps on how to correctly
enable clamdscan and could be useful for users/admins new to qpsmtpd.
3. If I'm not mistaken, the following message is due to added "-w"
option to every perl script:
d501:~# /etc/init.d/qpsmtpd start
Starting qpsmtpd: Odd number of elements in hash assignment at
/usr/share/qpsmtpd/plugins/virus/clamdscan line 114.
qpsmtpd-forkserver.
This happend because in /etc/qpsmtpd/plugins file I gave only one option
to clamdscan:
virus/clamdscan deny_viruses=yes
If I add a second option, say the path to clamd socket, the above
warning does not appear.
The warning could confuse users, and is not an error, so IMHO shouldn't
be shown.
Cheers.
--
Imre Gergely
Yahoo!: gergelyimre
ICQ#: 101510959
MSN: gergely_imre
GoogleTalk: gergelyimre
gpg --keyserver subkeys.pgp.net --recv-keys 0x34525305
--- clamav 2009-05-17 19:07:56.000000000 +0300
+++ clamav.my 2009-05-17 19:03:31.000000000 +0300
@@ -34,6 +34,8 @@
The default value is '/etc/clamd.conf'.
+Note: deprecated option in ClamAV 0.95.
+
=item action=E<lt>I<add-header> | I<reject>E<gt> (e.g. I<action=reject>)
Selects an action to take when an inbound message is found to be infected.
@@ -59,6 +61,12 @@
If you are using a version of ClamAV prior to 0.80, you need to set this
variable to include a couple of now deprecated options.
+Note: the back_compat5 option (explained below) will be implicitly set
+
+=item back_compat5
+
+If you are using a version of ClamAV prior to 0.95, you need to set this
+variable to include a couple of now deprecated options.
=back
@@ -136,8 +144,12 @@
elsif (/^action=(add-header|reject)$/) {
$self->{_action} = $1;
}
- elsif (/back_compat/) {
+ elsif (/^back_compat$/) {
$self->{_back_compat} = '-i --max-recursion=50';
+ $self->{_back_compat5} = '--disable-summary';
+ }
+ elsif (/^back_compat5$/) {
+ $self->{_back_compat5} = '--disable-summary';
}
else {
$self->log(LOGERROR, "Unrecognized argument '$_' to clamav plugin");
@@ -149,6 +161,8 @@
$self->{_spool_dir} ||= $self->spool_dir();
$self->{_back_compat} ||= ''; # make sure something is set
$self->{_clamd_conf} ||= '/etc/clamd/conf'; # make sure something is set
+ $self->{_back_compat5} = exists($self->{_back_compat5}) ?
+ ($self->{_back_compat5} . ' --config-file=' . $self->{_clamd_conf}) : '--no-summary'; # make sure something is set
unless ($self->{_spool_dir}) {
$self->log(LOGERROR, "No spool dir configuration found");
@@ -186,8 +200,8 @@
my $cmd = $self->{_clamscan_loc}
. " --stdout "
. $self->{_back_compat}
- . " --config-file=" . $self->{_clamd_conf}
- . " --disable-summary $filename 2>&1";
+ . " " . $self->{_back_compat5}
+ . " $filename 2>&1";
$self->log(LOGDEBUG, "Running: $cmd");
my $output = `$cmd`;
--- README.Debian 2009-05-17 20:46:15.000000000 +0300
+++ README.Debian.my 2009-05-17 20:49:12.000000000 +0300
@@ -85,3 +85,32 @@
download it from the URL above.
+5. About plugins
+
+5.a. clamdscan
+
+This plugin is not enabled by default. There are a couple of things you need
+to do before using it.
+
+The ClamAV daemon does not have access to qpsmtpd's spool directory by default:
+
+ * add clamav user to qpsmtpd group
+
+ sudo usermod -a -G qpsmtpd clamav
+
+ * change the permissions on qpsmtpd spool directory, give it group execute
+ access
+
+ sudo chmod g+x /var/spool/qpsmtpd
+
+ * make sure AllowSupplementaryGroups is set to 'true' in clamd.conf
+
+Restart clamav-daemon, enable clamdscan in /etc/qpsmtpd/plugins by uncommenting
+the following line:
+
+ # virus/clamdscan
+
+Restart qpsmtpd for the changes to take effect. Send a test email with a test
+virus signature (see EICAR website), and check in /var/log/qpsmtpd/qpsmtpd.log,
+look for 'Virus found'.
+
