[Mimedefang] EXAMPLE: End User Virus Notification

[Stefano McGhee]

Hello all,
	I just thought I'd share a simple piece of code for all the
non-coders out there.  I developed it because I had the occasional user who
would send me a MIMEDefang/Klez notification as a spam sample.  Not
intelligent, I agree, and annoying.  Even though I would explain that this
was just a notification that action was taken on a message sent to them,
they would still send it to me as spam.  So, I modified the
mimedefang-filter file to simply discard messages that contained the Klez
virus rather than reporting it.  The entire message is a virus with no
useful content, unlike the Word macro viruses that used to infect the
attachment, but not the accompanying text.  The From is usually bogus as
well, so there is no need to bounce Klez viruses.  Again, this is just a
sample for those out there just starting out like myself.

Cheers,

Stefano

Dedham, Massachusetts

    # Virus scan
    if ($FoundVirus) {
        my($code, $category, $action);
        $VirusScannerMessages = "";
        ($code, $category, $action) = entity_contains_virus($entity);
        if ($category eq "virus") {
            md_log('virus',$VirusName, $RelayAddr);
            # This has been added to not bother notifying recipients
            # of the Klez virus getting sent to them.  No real purpose.
            if ($VirusName =~ /klez/i) {
            return action_discard();
            } else {
            return action_quarantine($entity, "A known virus was discovered
and yadda, yadda");
            }
        }
    }