On Tue, 4 Jan 2005, Jeremy Kitchen wrote:
On Monday 03 January 2005 08:48 pm, Charles Sprickman wrote:Hi,
I'll apologize in advance here, this is really a maildrop question, but after posting there three times I haven't received an answer to what should be a simple question (not even an admonishment or flame from Mr. Sam)...
I found a nice network-ready clamd client that I want to use:
ftp://victor.teaser.fr/pub/lwa/clamd-stream-client/
That allows me to do virus-scanning on another set of boxes; all the other clients assume a local clamd server, which is no good.
It's pretty simple, you feed it a message and it returns a clean exit code if there's no virus. If there is a virus it prints the name to STDOUT and exits with exitcode 65. Simple, right?
that's not even compatible with clam{d,}scan
According to the docs, it emulates "sendmail exit codes", which I think means "mail.local" exit codes. Either way, it's easy enough to check in maildrop, or if need be to change in the source.
those tools use 0 for clean, 1 for virus, and 2 for non-virus. Having different tools using different exit codes is a maintanence nightmare waiting to happen.
I only have one maildrop filter to maintain, so I can live with that.
So I hacked together a simple rule in my local mailfilter rule like so to test it:[snip]
now my question is: why aren't you doing this at the queue level so you can simply reject viruses at the smtp level? This would be a much simpler design, and you could easily do all of the logging / tracking that you wanted.
I have some people that want virus filtering, some that don't...
Any ideas on the backtick problem?
Thanks,
Charles
just my two cents.
-Jeremy
-- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 815.776.9465 int'l kitchen @ #qmail #gentoo on EFnet IRC ++ scriptkitchen.com/qmail GnuPG Key ID: 481BF7E2 ++ jabber:[EMAIL PROTECTED]
