On Tue, 4 Jan 2005, Jeremy Kitchen wrote:

On Monday 03 January 2005 08:48 pm, Charles Sprickman wrote:
Hi,

I'll apologize in advance here, this is really a maildrop question, but
after posting there three times I haven't received an answer to what
should be a simple question (not even an admonishment or flame from Mr.
Sam)...

I found a nice network-ready clamd client that I want to use:

ftp://victor.teaser.fr/pub/lwa/clamd-stream-client/

That allows me to do virus-scanning on another set of boxes; all the other
clients assume a local clamd server, which is no good.

It's pretty simple, you feed it a message and it returns a clean exit code
if there's no virus.  If there is a virus it prints the name to STDOUT and
exits with exitcode 65.  Simple, right?

that's not even compatible with clam{d,}scan

According to the docs, it emulates "sendmail exit codes", which I think means "mail.local" exit codes. Either way, it's easy enough to check in maildrop, or if need be to change in the source.


those tools use 0 for clean, 1 for virus, and 2 for non-virus.  Having
different tools using different exit codes is a maintanence nightmare waiting
to happen.

I only have one maildrop filter to maintain, so I can live with that.

So I hacked together a simple rule in my local mailfilter rule like so to
test it:
[snip]

now my question is: why aren't you doing this at the queue level so you can
simply reject viruses at the smtp level?  This would be a much simpler
design, and you could easily do all of the logging / tracking that you
wanted.

I have some people that want virus filtering, some that don't...

Any ideas on the backtick problem?

Thanks,

Charles

just my two cents.

-Jeremy

--
Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc.
 [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 815.776.9465 int'l
     kitchen @ #qmail #gentoo on EFnet IRC ++ scriptkitchen.com/qmail
        GnuPG Key ID: 481BF7E2 ++ jabber:[EMAIL PROTECTED]

Reply via email to