Hello: I have been trying to get the Praxis antivirus matcher (it.praxis.james.matchers.IsInfected) to work. I am having an issue however in that the antivirus program always errors out. I am sure it's something I've overlooked, not a problem with the matcher (probably something with the Java language or system settings I'm missing). In any case, I'd like to pick y'all's brains anyway. Here's the setup: Linux (RedHat 9) James 3.0a1 (Did the same thing with 2.1) F-Prot Antivirus for Linux Workstations
Here is the config.xml section I have: <!-- *** START SNIPPET *** --> <mailet match="IsInfected=/usr/local/bin/f-prot -old -archive -report=%reportFile% %targetDir%/*.tt, /usr/local/james/virus_scanner_temp, true, 3" class="ToProcessor"> <processor> virus </processor> </mailet> <!-- *** END SNIPPET *** --> Here is a sample report file when f-prot is run by the matcher: *** START FILE *** Virus scanning report - 11 April 2004 @ 22:01 F-PROT ANTIVIRUS Program version: 4.3.2 Engine version: 3.14.7 VIRUS SIGNATURE FILES SIGN.DEF created 8 April 2004 SIGN2.DEF created 8 April 2004 MACRO.DEF created 24 March 2004 Search: /usr/local/james/virus_scanner_temp/virus6422487423725853807/*.tt Action: Report only Files: Attempt to identify files Switches: -ARCHIVE -REPORT=/usr/local/james/virus_scanner_temp/virus6422487423725853807/scanR eport.txt -OLD Error on reading /usr/local/james/virus_scanner_temp/virus6422487423725853807/*.tt Results of virus scanning: Files: 0 MBRs: 0 Boot sectors: 0 Objects scanned: 0 Time: 0:00 No viruses or suspicious files/boot sectors were found. *** END FILE *** The only problem being reported as: "Error on reading /usr/local/james/virus_scanner_temp/virus6422487423725853807/*.tt" To troubleshoot the problem, I recompiled the source and commented out the code to delete the attachments. I also logged the EXACT command line being executed by the matcher. After a mail arrived, I looked at the log, got the command line and executed it (of course, verifying the temporary file(s) were persisted instead of deleted). Manually executing the command line got me the following output: *** START FILE *** Virus scanning report - 11 April 2004 @ 22:19 F-PROT ANTIVIRUS Program version: 4.3.2 Engine version: 3.14.7 VIRUS SIGNATURE FILES SIGN.DEF created 8 April 2004 SIGN2.DEF created 8 April 2004 MACRO.DEF created 24 March 2004 Search: /usr/local/james/virus_scanner_temp/virus6422487423725853807/content50022. tt Action: Report only Files: Attempt to identify files Switches: -ARCHIVE -REPORT=/usr/local/james/virus_scanner_temp/virus6422487423725853807/scanR eport.txt -OLD Results of virus scanning: Files: 1 MBRs: 0 Boot sectors: 0 Objects scanned: 1 Time: 0:00 No viruses or suspicious files/boot sectors were found. *** END FILE *** So, you see, the command is valid. The next thing I thought was that perhaps the file(s) hadn't had a chance to be written to disk before the mailet executed the command (forgive my lack of knowledge of the Java system - is this even possible?). To disprove this theory, I hard-coded the same command line in the matcher so that upon a mail arrival, the matcher would just execute a known-good command on known-existing files. Still no luck (same report file as above). So, I'm stuck. Does anyone have any idea what I may be doing wrong? -- Thanks, Chris Simmons [EMAIL PROTECTED]
smime.p7s
Description: S/MIME cryptographic signature
