anomy-list

RE: Calling ClamAV

From: Peter Mueller (136798@xyz.molar.is)
Date: Tue 18 Jan 2005 - 00:21:55 GMT


    # rpm -qa | grep clam
    clamav-0.70-1
     
    file_list_6_scanner = 0:2:3:/usr/local/anomy/bin/clamavd.sh %FILENAME
    file_list_6_policy = accept:save:drop:drop
    file_list_6 = (?i)(.*\@.*\.com)$
     
    /usr/local/anomy/bin/clamavd.sh
    #!/bin/sh
      
    # Script for the Sanitizer (procmail filter)
    # Using ClamAV
    # Version: 1.02, Xavier Roche/Serianet
    # Usage: /etc/procmail/clamavd.sh <filename>
    # Returns: "CLEAN : OK" | "VIRUS : <information>" | "ERROR"
    # Exitcode: 0=OK 2=SUSPICIOUS 3=VIRUS
    # This script is under GPL
      
    #############################################################################
    #
    # Instructions (copied from e-mail from Xavier by Bjarni):
    #
    # I tested various AV systems (avp, f-prot..) and attached to this mail
    # a simple script which recognizes the four most used av scanners on
    # linux systems (the script can be freely used and spread, of course).
    #
    # The use is simple: check_for_virus <filename>
    # which will return 0 (OK), 2 (warning), or 3 (danger)
    #
    # For example, I use the main policy:
    #
    # file_list_1_scanner = 0:2:3:/etc/procmail/check_for_virus %FILENAME
    # file_list_1_policy = unknown:mangle:save:save
    # file_list_1 = (?i).*
    #
      
    logger -p mail.notice "check $1"
      
    if test -n "$1"; then
    if test -f "$1"; then
      
      
    RET=0
      
    # ClamAV (Clam AntiVirus)
    if test -x /usr/bin/clamdscan; then
            STATUS=
            /usr/bin/clamdscan --quiet "$1"
            RETURNCODE=$?
            if test $RETURNCODE -eq 1; then
                    STATUS="virus found"
                    RET=3
            fi
            if test -n "$STATUS"; then
                    INFO=`/usr/bin/clamdscan --disable-summary --stdout "$1"|cut -f2 -d' '`
                    logger -i -p mail.notice "virus check for $1: VIRUS FOUND!! - $INFO"
                    echo "VIRUS : $INFO"
            else
                    logger -i -p mail.notice "virus check for $1: ok"
                    echo "CLEAN : OK"
            fi
    fi
    exit $RET
      
    fi
    fi
    echo "ERROR"
    exit 0

    ________________________________

    From: Alan Munday [mailto:136840@xyz.molar.is]
    Sent: Mon 1/17/2005 2:35 PM
    To: 136891@xyz.molar.is
    Subject: [anomy-list]: Calling ClamAV

    I'm looking to add ClamAV to my system (RH9) where I have Anomy configured
    with Postfix pretty much as per the Advosys document.

    Having done some searching I thought the easiest way to add clamav to the
    system is to use the rpm's produced by Dag Wieers. I'm assuming that I would
    only need to install clamav-db and clamav rpm's (at least initially).

    While I found a couple of references to calling clamav from Anomy they were
    not clear to me. One required editing the sanitizer.pl which I would like to
    clarify as a requirement so I can remember this at upgrade time.

    Anyhow, does anyone have any clear advice on the set-up of Anomy to call
    clamav please?

    Thanks

    Alan

    Attachments:
     + http://mailtools.anomy.net/archives/anomy-list//b6/41/ec5638/01.unnamed.html
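
An added example, not part of the original post or of Anomy: a variant of the wrapper above that returns 2 (SUSPICIOUS) instead of 0 when the scan cannot be completed, and that extracts the signature name without splitting on spaces in the file name. It assumes clamdscan's exit codes 0 (clean), 1 (virus found) and 2 (error) and the `--no-summary` option of current ClamAV releases; `CLAMDSCAN`, `scan_file` and `signature_from_output` are names chosen here.

```shell
#!/bin/sh
# Added example: fail-closed clamdscan wrapper for a Sanitizer scanner line.
# Exit codes follow the header of the script on this page:
#   0 = OK, 2 = SUSPICIOUS (scan could not be completed), 3 = VIRUS.
# Assumption: clamdscan exits 0 (clean), 1 (virus found), 2 (error).

CLAMDSCAN="${CLAMDSCAN:-/usr/bin/clamdscan}"   # hypothetical override, for testing

# Pull the signature name out of a line such as
#   "/tmp/a b.exe: Eicar-Test-Signature FOUND"
# without splitting on spaces, so file names containing spaces still work.
signature_from_output() {
    printf '%s\n' "$1" | sed -n 's/^.*: \(.*\) FOUND$/\1/p' | head -n 1
}

# Scan one file; print a status line and return 0, 2 or 3.
scan_file() {
    file=${1:-}
    if [ -z "$file" ] || [ ! -f "$file" ] ||
       ! command -v "$CLAMDSCAN" >/dev/null 2>&1; then
        echo "ERROR : cannot scan"
        return 2                      # missing file or scanner is not "clean"
    fi
    rc=0
    out=$("$CLAMDSCAN" --no-summary --stdout "$file" 2>&1) || rc=$?
    case $rc in
        0) echo "CLEAN : OK"; return 0 ;;
        1) echo "VIRUS : $(signature_from_output "$out")"; return 3 ;;
        *) echo "ERROR : clamdscan exited $rc"; return 2 ;;  # e.g. clamd down
    esac
}

# Run as a script only when given a file name.
if [ $# -gt 0 ]; then
    scan_file "$1"
    exit $?
fi
```

With the scanner line from the message (`0:2:3:` and `accept:save:drop:drop`), a failed scan then follows the `save` policy rather than `accept`.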


