[Mimedefang] Running multiple virus scanners
Mark Sheppard
mark at ddf.net
Thu Jan 8 02:32:47 EST 2004
On 2004-01-07 (Wednesday) at 18:46:41 -0500, Jon R. Kibler wrote:
>
> Two question:
> 1) When running multiple virus scanners, is there any way to tell
> which scanner caught the virus?
>
> 2) Is there any easy way to specify which virus scanner runs first?
The code as it stands will only call one virus scanner so you'll need
to alter the code. I'd do something like the following (note that all
this code is totally untested):
Change message_contains_virus to something like this:
sub message_contains_virus () {
my @return;
for my $scanner ('nai', 'clamd'){
@return = eval "message_contains_virus_$scanner()";
last if $return[0];
}
return (wantarray ? @return : ($return[0] ? 1 : 0));
}
And entity_contains_virus to something like this:
sub entity_contains_virus ($) {
my($e) = @_;
my @return;
my $scanner;
for $scanner ('nai', 'clamd'){
@return = eval "entity_contains_virus_$scanner(\$e)";
last if $return[0];
}
return (wantarray ? (@return, $scanner) : ($return[0] ? 1 : 0));
}
Then in filter where this is called pick up the scanner:
my($code, $category, $action, $scanner) = entity_contains_virus($entity);
and add it to the syslog message in filter:
md_graphdefang_log("virus-$scanner", $VirusName, $RelayAddr);
Mark.
More information about the MIMEDefang
mailing list