[Mimedefang] Virus Scanner Output
Stephane Lentz
Stephane.Lentz at ansf.alcatel.fr
Sat Jun 15 04:20:58 EDT 2002
On Sat, Jun 15, 2002 at 05:24:17PM +1000, Anthony Giggins wrote:
> Anyone looked into parsing the output of the virus scanner? I'm now
> testing Trend and the output from it is terrible compared to that of the
> NAI scanner.
=> I plan to.
> Can anyone supply some tips to push me in the right direction?
=> We should take some ideas/code from amavids-new which does
the following work :
<<
# Trend FileScanner/Linux
#
if ($vscan) {
do_log(2,"Using $vscan");
chop($output = `$vscan -a $TEMPDIR/parts/*`);
$errval = retcode($?);
do_log(2,$output);
if ($errval == 0) { # no errors, no viruses found
$scanner_errors = 0;
} elsif ($errval == 1 || $errval == 2) { # no errors, viruses
discovered
$scanner_errors = 0;
@virusname = ($output =~ /Found virus (.+) in/g);
return 1; # 'true' indicates virus found and stops further
checking
} else {
do_log(0,"Virus scanner failure: $vscan (error code: $errval)");
}
}
>>
Basically as you can see it :
- tries to identify some Found virus lines to get the virus name
- uses some @virusname array since there may be several viruses
in the message.
You can start writing some code ....
regards,
SL/
---
Stephane Lentz / Alcanet International - Internet Services
More information about the MIMEDefang
mailing list