[Mimedefang] How to add an antivirus to MIMEDefang??

James Whittington jwhittington at excelorant.com
Wed Nov 27 15:21:01 EST 2002 

I've been using MIMEDefang version 2.21 along with Spamassassin for a couple
of months now on an sendmail gateway.  I recently added the current version
of SOPHOS to the RedHat Linux 7.3 box seemingly without problems.  I am
using pretty much the "out of the source" config file that came along with
MIMEDefang.  

I recompiled  MIMEDefang with the "./configure --enable-sweep" and now
"mimedefang.pl -features" command seems to now know about how to get to the
sweep program.
How do I get mimedefang to use Sophos??

Do forgive me if this is a total newbie question, I haven't really learned
perl yet, so much of what I've done has been based on the work of people I
aspire to be :<).

 
The following snippet from my config file seems to be the main action of
checking for viruses 
# Scan for a virus using the first supported virus scanner we find.
sub entity_contains_virus ($) {
    my($e) = @_;
    return entity_contains_virus_avp($e)      if ($Features{'Virus:AVP'});
    return entity_contains_virus_fprot($e)    if ($Features{'Virus:FPROT'});
    return entity_contains_virus_fsav($e)     if ($Features{'Virus:FSAV'});
    return entity_contains_virus_hbedv($e)    if ($Features{'Virus:HBEDV'});
    return entity_contains_virus_nai($e)      if ($Features{'Virus:NAI'});
    return entity_contains_virus_nvcc($e)     if ($Features{'Virus:NVCC'});
    return entity_contains_virus_rav($e)      if ($Features{'Virus:RAV'});
    return entity_contains_virus_sophie($e)   if
($Features{'Virus:SOPHIE'});
    return entity_contains_virus_sophos($e)   if
($Features{'Virus:SOPHOS'});
    return entity_contains_virus_trend($e)    if ($Features{'Virus:TREND'});
    return entity_contains_virus_filescan($e) if
($Features{'Virus:FileScan'});
    return entity_contains_virus_clamav($e)   if
($Features{'Virus:CLAMAV'});
    return (wantarray ? (0, 'ok', 'ok') : 0);
}

#***********************************************************************
# %PROCEDURE: filter_begin
# %ARGUMENTS:
#  None
# %RETURNS:
#  Nothing
# %DESCRIPTION:
#  Called just before e-mail parts are processed
#***********************************************************************
sub filter_begin () {
    # ALWAYS drop messages with suspicious chars in headers
    if ($SuspiciousCharsInHeaders) {
        action_quarantine_entire_message("Message quarantined because of
suspicious characters in headers");
        # Do NOT allow message to reach recipient(s)
        return action_discard();
    }

    # Scan for viruses if any virus-scanners are installed
    my($code, $category, $action) = message_contains_virus();
    $FoundVirus = ($category eq "virus");
}

Any help or insight would be greatly appreciated,

_______________________________________________

James Whittington
Systems Administrator

Excelorant, LLC
A TM Floyd Affiliate Company
1800 St. Julian Place
P.O. Box 8263
Columbia, SC 29202

803.765.1310 | Phone
800.780.1170 | Toll Free
803.765.1431 | Fax

jwhittington <mailto:jwhittington at excelorant.com>@excelorant.com


_______________________________________________

More information about the MIMEDefang mailing list