[Mimedefang] Saving Headers for report
Jerome Tytgat
jerome.tytgat at asterion.fr
Thu May 6 11:25:42 EDT 2004
Hi I've made a test but it does not look like I have the full headers.
I've implemented your test in Filter_begin where the virus test
is done as I wanted to save the headers only for virus mails.
Maybe my problem is with filter_begin and I should move the save
headers in filter_end.
Here is a test from testvirus.org, so I test good email and virus
email. I should have nearly the same informations in Headers :
Good Email :
=-=-=-=-=-=-
Return-Path: <tester at testvirus.org>
Received: from mail01.excedent.us (crc2.excedent.us [12.5.19.157])
by shax.sioban.net (8.12.11/8.12.11) with ESMTP id i46FKuNx013799
for <titi at sioban.net>; Thu, 6 May 2004 17:20:56 +0200
X-Originating-Ip: 194.242.168.20
Message-Id: <307082. at testvirus.org>
Date: Thu, 06 May 2004 11:29:20 -0500
From: "TESTVIRUS.org" <tester at testvirus.org>
To: <toto at xxx>
Subject: Virus Scanner Test Authorization
Mime-Version: 1.0
Content-Type: text/plain;
Virus Email :
=-=-=-=-=-=-=
X-Originating-Ip: 194.242.168.20
Message-Id: <789367. at testvirus.org>
Date: Thu, 06 May 2004 11:22:52 -0500
From: "TESTVIRUS.org" <tester at testvirus.org>
To: <toto at xxx>
Subject: Virus Scanner Test #1
Mime-Version: 1.0
Content-Type: multipart/mixed;
BounDary="=====================_307115168==_"
As you see I'm lacking at least the "Received:" line
which is the most important part in the headers for
me.
In mail log I get for the source : 12.5.19.157
MDLOG,i46FEUmQ013540,virus,EICAR-AV-Test,12.5.19.157,<tester at testvirus.org>,<toto at sioban.net>,Virus
Scanner Test #1
Steffen Kaiser wrote:
> On Thu, 6 May 2004, Jerome Tytgat wrote:
>
>
>>Is there a possibility, with mimedefang, to automatically save
>>only the headers (I don't want the full mail, as forwarding virus
>>is not a good idea) to a folder using for name the reference number
>>of the mail (also found in MDLOG entries) for easy linking.
>
>
> I do it like so in filter_end():
>
> my $logd = $Features{'Path:QUARANTINEDIR'} . "/maillog";
> if(-d $logd) {
> my $logf = "$logd/${MsgID}-Report-" . localtime() . ".txt";
> if(open(LOG, ">$logf")) {
> print LOG $report;
> if(open(H, 'HEADERS')) {
> print LOG "\nHeaders:\n" . join('', <H>);
> close H;
> } else {
> print LOG "\nFailed to open headers: $!\n";
> }
> close LOG;
> } else {
> skalog "\nFailed to create logfile: $logf: $!\n";
> }
> } else {
> skalog "No maillog dir: $logd";
> }
>
> Bye,
>
--
====================================
> Jérôme Tytgat
Administrateur Réseau et Sécurité
ASTERION - Impasse de la Hache
CP 5911 - 44 477 CARQUEFOU CEDEX
T: 02 40 300 800 - F: 02 40 25 10 74
====================================
More information about the MIMEDefang
mailing list