[Mimedefang] ***SPAM-POURRIEL*** Re: search perl code perl-ldap to see if a user exist + how use bogofilter + problem clamav failed with testvirus.org ?

jean-marc pouchoulon jean-marc.pouchoulon at ac-montpellier.fr
Tue Apr 13 11:39:35 EDT 2004


thanks for you your previous answer:

I have one for  bogofilter I use :

 my $bogo = "";
    $bogo = `/usr/bin/bogofilter -tu < "./INPUTMSG"`;
    if ( $bogo =~ m/Y\s[0|1]\.[0-9]*/ ) {
                action_change_header('Subject', "***SPAM-POURRIEL*** 
$Subject");
                action_change_header("X-Bogo-Score", "$bogo");
        }
in filter_end
it seems to work.

>Please be more explicit in giving information regarding your questions.
system : fedora

>What versions of mimedefang/clamav.
mimedefang 2.42 clamav 0.68 or last from cvs 

>What testviruss tests failed.

test5, 8, ,12, 19,20,21,22,23,25 

>what clamav.conf configuration, etc.

##
## Example config file for the Clam AV daemon
## Please read the clamav.conf(5) manual before editing this file.
##


# Comment or remove the line below.
#Example
#Foreground

# Uncomment this option to enable logging.
# LogFile must be writable for the user running the daemon.
# Full path is required.
#LogFile /tmp/clamd.log
LogFile /var/log/clamav/clamd.log

# By default the log file is locked for writing - the lock protects against
# running clamd multiple times (if want to run another clamd, please
# copy the configuration file, change the LogFile variable, and run
# the daemon with --config-file option). That's why you shouldn't uncomment
# this option.
#LogFileUnlock

# Maximal size of the log file. Default is 1 Mb.
# Value of 0 disables the limit.
# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size
# in bytes just don't use modifiers.
#LogFileMaxSize 2M
#LogFileMaxSize 0

# Log time with an each message.
#LogTime
LogTime

# Log also clean files. May be useful in debugging but will drastically
# increase the log size.
#LogClean

# Use system logger (can work together with LogFile).
#LogSyslog

# Enable verbose logging.
LogVerbose

# This option allows you to save the process identifier of the listening
# daemon (main thread).
#PidFile /var/run/clamd.pid
PidFile /var/run/clamav/clamd.pid

# Optional path to the global temporary directory.
# Default is system specific - usually /var/tmp or /tmp.
#TemporaryDirectory /var/tmp
TemporaryDirectory /tmp

# Path to the database directory.
# Default is the hardcoded directory (mostly /usr/local/share/clamav,
# but it depends on installation options).
#DatabaseDirectory /var/lib/clamav
#DatabaseDirectory /var/lib/clamav

# The daemon works in local or network mode. Currently the local mode is
# recommended for security reasons.

# Path to the local socket. The daemon doesn't change the mode of the
# created file (portability reasons). You may want to create it in a 
directory
# which is only accessible for a user running daemon.

LocalSocket /var/spool/MIMEDefang/clamd.sock


# Remove stale socket after unclean shutdown.
#FixStaleSocket

# TCP port address.
#TCPSocket 3310
#TCPSocket 3310

# TCP address.
# By default we bind to INADDR_ANY, probably not wise.
# Enable the following to provide some degree of protection
# from the outside world.
#TCPAddr 127.0.0.1
#TCPAddr 127.0.0.1

# Maximum length the queue of pending connections may grow to.
# Default is 15.
MaxConnectionQueueLength 30

# When activated, input stream (see STREAM command) will be saved to 
disk before
# scanning - this allows scanning within archives.
StreamSaveToDisk

# Close the connection if this limit is exceeded.
StreamMaxLength 7M

# Maximal number of a threads running at the same time.
# Default is 5, and it should be sufficient for a typical workstation.
# You may need to increase threads number for a server machine.
MaxThreads 300

# Thread (scanner - single task) will be stopped after this time (seconds).
# Default is 180. Value of 0 disables the timeout. SECURITY HINT: 
Increase the
# timeout instead of disabling it.
#ThreadTimeout 500

# Maximal depth the directories are scanned at.
MaxDirectoryRecursion 15

# Follow a directory symlinks.
# SECURITY HINT: You should have enabled directory recursion limit to
# avoid potential problems.
#FollowDirectorySymlinks

# Follow regular file symlinks.
#FollowFileSymlinks

# Do internal checks (eg. check the integrity of the database structures)
# By default clamd checks itself every 3600 seconds (1 hour).
#SelfCheck 600

# Execute a command when virus is found. In the command string %v and %f 
will
# be replaced by the virus name and the infected file name respectively.
#
# SECURITY WARNING: Make sure the virus event command cannot be exploited,
#            eg. by using some special file name when %f is used.
#            Always use a full path to the command.
#            Never delete/move files with this directive !
#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %f: %v"

# Run as selected user (clamd must be started by root).
# By default it doesn't drop privileges.
User defang

# Initialize the supplementary group access (for all groups in /etc/group
# user is added in. clamd must be started by root).
#AllowSupplementaryGroups
AllowSupplementaryGroups

# Don't fork into background. Useful in debugging.
#Foreground

# Enable debug messages in libclamav.
Debug

##
## Mail support
##

# Uncomment this option if you are planning to scan mail files.
#ScanMail
ScanMail

##
## Archive support
##


# Comment this line to disable scanning of the archives.
ScanArchive


# By default the built-in RAR unpacker is disabled by default because 
the code
# terribly leaks, however it's probably a good idea to enable it.
ScanRAR


# Options below protect your system against Denial of Service attacks
# with archive bombs.

# Files in archives larger than this limit won't be scanned.
# Value of 0 disables the limit.
# WARNING: Due to the unrarlib implementation, whole files (one by one) 
in RAR
#       archives are decompressed to the memory. That's why never disable
#       this limit (but you may increase it of course!)
ArchiveMaxFileSize 10M

# Archives are scanned recursively - e.g. if Zip archive contains RAR file,
# the RAR file will be decompressed, too (but only if recursion limit is set
# at least to 1). With this option you may set the recursion level.
# Value of 0 disables the limit.
ArchiveMaxRecursion 0

# Number of files to be scanned within archive.
# Value of 0 disables the limit.
ArchiveMaxFiles 1000

# Mark potential archive bombs as viruses (0 disables the limit)
ArchiveMaxCompressionRatio 200

# Use slower decompression algorithm which uses less memory. This option
# affects bzip2 decompressor only.
#ArchiveLimitMemoryUsage

##
## Clamuko settings
## WARNING: This is experimental software. It is very likely it will hang
##        up your system !!!
##

# Enable Clamuko. Dazuko (/dev/dazuko) must be configured and running.
#ClamukoScanOnLine

# Set access mask for Clamuko.
ClamukoScanOnOpen
ClamukoScanOnClose
ClamukoScanOnExec

# Set the include paths (all files in them will be scanned). You can have
# multiple ClamukoIncludePath options, but each directory must be added
# in a seperate option. All subdirectories are scanned, too.
ClamukoIncludePath /home
#ClamukoIncludePath /students

# Set the exclude paths. All subdirectories are also excluded.
#ClamukoExcludePath /home/guru

# Limit the file size to be scanned (probably you don't want to scan 
your movie
# files ;))
# Value of 0 disables the limit. 1 Mb should be fine.
ClamukoMaxFileSize 1M

# Enable archive support. It uses the limits from clamd section.
# (This option doesn't depend on ScanArchive, you can have archive support
# in clamd disabled).
ClamukoScanArchive
----------------------------




Any help would be greatly appreciated. Using clamav-milter cause no 
problem.

thanks




More information about the MIMEDefang mailing list