[Mimedefang] Saving Headers for report

Jerome Tytgat jerome.tytgat at asterion.fr
Thu May 6 11:25:42 EDT 2004 

Hi I've made a test but it does not look like I have the full headers.

I've implemented your test in Filter_begin where the virus test
is done as I wanted to save the headers only for virus mails.

Maybe my problem is with filter_begin and I should move the save
headers in filter_end.

Here is a test from testvirus.org, so I test good email and virus
email. I should have nearly the same informations in Headers :

Good Email :
=-=-=-=-=-=-
Return-Path: <tester at testvirus.org>
Received: from mail01.excedent.us (crc2.excedent.us [12.5.19.157])
      by shax.sioban.net (8.12.11/8.12.11) with ESMTP id i46FKuNx013799
      for <titi at sioban.net>; Thu, 6 May 2004 17:20:56 +0200
X-Originating-Ip: 194.242.168.20
Message-Id: <307082. at testvirus.org>
Date: Thu, 06 May 2004 11:29:20 -0500
From: "TESTVIRUS.org" <tester at testvirus.org>
To: <toto at xxx>
Subject: Virus Scanner Test Authorization
Mime-Version: 1.0
Content-Type: text/plain;

Virus Email :
=-=-=-=-=-=-=
X-Originating-Ip: 194.242.168.20
Message-Id: <789367. at testvirus.org>
Date: Thu, 06 May 2004 11:22:52 -0500
From: "TESTVIRUS.org" <tester at testvirus.org>
To: <toto at xxx>
Subject: Virus Scanner Test #1
Mime-Version: 1.0
Content-Type: multipart/mixed; 
BounDary="=====================_307115168==_"

As you see I'm lacking at least the "Received:" line
which is the most important part in the headers for
me.

In mail log I get for the source : 12.5.19.157

MDLOG,i46FEUmQ013540,virus,EICAR-AV-Test,12.5.19.157,<tester at testvirus.org>,<toto at sioban.net>,Virus 
Scanner Test #1



Steffen Kaiser wrote:

> On Thu, 6 May 2004, Jerome Tytgat wrote:
> 
> 
>>Is there a possibility, with mimedefang, to automatically save
>>only the headers (I don't want the full mail, as forwarding virus
>>is not a good idea) to a folder using for name the reference number
>>of the mail (also found in MDLOG entries) for easy linking.
> 
> 
> I do it like so in filter_end():
> 
> my $logd = $Features{'Path:QUARANTINEDIR'} . "/maillog";
> if(-d $logd) {
> 	my $logf = "$logd/${MsgID}-Report-" . localtime() . ".txt";
> 	if(open(LOG, ">$logf")) {
> 		print LOG $report;
> 		if(open(H, 'HEADERS')) {
> 			print LOG "\nHeaders:\n" . join('', <H>);
> 			close H;
> 		} else {
> 			print LOG "\nFailed to open headers: $!\n";
> 		}
> 		close LOG;
> 	} else {
> 			skalog "\nFailed to create logfile: $logf: $!\n";
> 	}
> } else {
> 	skalog "No maillog dir: $logd";
> }
> 
> Bye,
> 

-- 
====================================
 > Jérôme Tytgat
Administrateur  Réseau  et  Sécurité
ASTERION     -   Impasse de la Hache
CP 5911   -   44 477 CARQUEFOU CEDEX
T: 02 40 300 800 - F: 02 40 25 10 74
====================================

More information about the MIMEDefang mailing list