[Mimedefang] patch for Command Anti-Virus
Bill Maidment
bill at maidment.com.au
Thu Sep 30 00:47:57 EDT 2004
Here is a patch to mimedefang-2.45 to support Command Anti-Virus (csav)
Regards
--
_/_/_/_/ _/ _/
_/ _/ _/ _/ _/
_/_/_/ _/ _/
_/ _/ _/ _/ _/
_/_/_/_/ _/ _/ _/
Bill Maidment
Maidment Enterprises Pty Ltd
Unless you are named "Alfred E. Newman", you may read only the "odd
numbered words" (every other word beginning with the first) of the
message above. If you have violated that, then you hereby owe the sender
AU$10 for each even numbered word you have read.
Adapted from "Stupid Email Disclaimers" (see
http://www.goldmark.org/jeff/stupid-disclaimers/)
-------------- next part --------------
diff -u ../mimedefang-2.45/Changelog ../mimedefang-2.45-patched/Changelog
--- ../mimedefang-2.45/Changelog Thu Sep 23 01:26:47 2004
+++ ../mimedefang-2.45-patched/Changelog Thu Sep 30 14:41:02 2004
@@ -2,6 +2,10 @@
*** NOTE INCOMPATIBILITY ** to see if anything has changed that will
affect your filter.
+2004-09-30 Bill Maidment <bill at maidment.com.au>
+
+ * Added support for Command "csav" anti-virus.
+
2004-09-22 David F. Skoll <dfs at roaringpenguin.com>
* Version 2.45 RELEASED
diff -u ../mimedefang-2.45/README ../mimedefang-2.45-patched/README
--- ../mimedefang-2.45/README Thu Sep 23 00:30:03 2004
+++ ../mimedefang-2.45-patched/README Thu Sep 30 14:41:38 2004
@@ -233,6 +233,7 @@
--disable-trend Do not include support for Trend Filescanner/Interscan
--disable-AvpLinux Do not include support for AVP AvpLinux
--disable-clamav Do not include support for clamav
+ --disable-csav Do not include support for Command Anti-Virus
--disable-fsav Do not include support for F-Secure Anti-Virus
--disable-fprot Do not include support for F-prot Anti-Virus
--disable-sophie Do not include support for Sophie
Common subdirectories: ../mimedefang-2.45/SpamAssassin and ../mimedefang-2.45-patched/SpamAssassin
diff -u ../mimedefang-2.45/configure ../mimedefang-2.45-patched/configure
--- ../mimedefang-2.45/configure Thu Sep 23 00:51:46 2004
+++ ../mimedefang-2.45-patched/configure Wed Sep 29 20:23:28 2004
@@ -308,7 +308,7 @@
# include <unistd.h>
#endif"
-ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT AR INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA PERL PERLPREFIX PERLSITEPREFIX PERLVENDORPREFIX PERLINSTALLARCHLIB PERLINSTALLPRIVLIB PERLINSTALLBIN PERLINSTALLMAN1DIR PERLINSTALLMAN3DIR PERLINSTALLSCRIPT PERLINSTALLSITEARCH PERLINSTALLSITELIB PERLINSTALLDATA PERLINSTALLSITEDATA PERLINSTALLVENDORDATA PERLINSTALLCONF PERLINSTALLSITECONF PERLINSTALLVENDORCONF NM DEFANGUSER IP_HEADER CONFSUBDIR CLEANUP_DEFS SETLOGSOCK_UNIX HAVE_SPAM_ASSASSIN CPP EGREP USE_UNIX_SYSLOG USE_SYS_SYSLOG EMBPERLCFLAGS EMBPERLLDFLAGS EMBPERLLIBS EMBPERLOBJS EMBPERLDEFS MINCLUDE SPOOLDIR QDIR HBEDV VEXIRA NAI BDC SOPHOS TREND CLAMSCAN AVP AVP_KAVSCANNER AVP_KAVDAEMON AVP5 FSAV FPROT SOPHIE NVCC CLAMD TROPHIE LIBMILTER LIBSM SENDMAILPROG RM ENABLE_DEBUGGING PTHREAD_FLAG VERSION LIBS_WITHOUT_PTHREAD CONFDIR_EVAL LIBOBJS LTLIBOBJS'
+ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT AR INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA PERL PERLPREFIX PERLSITEPREFIX PERLVENDORPREFIX PERLINSTALLARCHLIB PERLINSTALLPRIVLIB PERLINSTALLBIN PERLINSTALLMAN1DIR PERLINSTALLMAN3DIR PERLINSTALLSCRIPT PERLINSTALLSITEARCH PERLINSTALLSITELIB PERLINSTALLDATA PERLINSTALLSITEDATA PERLINSTALLVENDORDATA PERLINSTALLCONF PERLINSTALLSITECONF PERLINSTALLVENDORCONF NM DEFANGUSER IP_HEADER CONFSUBDIR CLEANUP_DEFS SETLOGSOCK_UNIX HAVE_SPAM_ASSASSIN CPP EGREP USE_UNIX_SYSLOG USE_SYS_SYSLOG EMBPERLCFLAGS EMBPERLLDFLAGS EMBPERLLIBS EMBPERLOBJS EMBPERLDEFS MINCLUDE SPOOLDIR QDIR HBEDV VEXIRA NAI BDC SOPHOS TREND CLAMSCAN AVP AVP_KAVSCANNER AVP_KAVDAEMON AVP5 CSAV FSAV FPROT SOPHIE NVCC CLAMD TROPHIE LIBMILTER LIBSM SENDMAILPROG RM ENABLE_DEBUGGING PTHREAD_FLAG VERSION LIBS_WITHOUT_PTHREAD CONFDIR_EVAL LIBOBJS LTLIBOBJS'
ac_subst_files=''
# Initialize some variables set by options.
@@ -857,6 +857,7 @@
--disable-AvpLinux Do not include support for AVP AvpLinux
--disable-aveclient Do not include support for AVP5 aveclient
--disable-clamav Do not include support for clamav
+ --disable-csav Do not include support for CSAV Anti-Virus
--disable-fsav Do not include support for F-Secure Anti-Virus
--disable-fprot Do not include support for F-prot Anti-Virus
--disable-sophie Do not include support for Sophie
@@ -4904,6 +4905,13 @@
else
ac_cv_clamav=yes
fi;
+# Check whether --enable-csav or --disable-csav was given.
+if test "${enable_csav+set}" = set; then
+ enableval="$enable_csav"
+ ac_cv_csav=$enableval
+else
+ ac_cv_csav=yes
+fi;
# Check whether --enable-fsav or --disable-fsav was given.
if test "${enable_fsav+set}" = set; then
enableval="$enable_fsav"
@@ -5426,6 +5434,49 @@
AVP="$AVP_KAVSCANNER"
fi
+ if test "$ac_cv_csav" = yes; then
+ # Extract the first word of "csav", so it can be a program name with args.
+set dummy csav; ac_word=$2
+echo "$as_me:$LINENO: checking for $ac_word" >&5
+echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
+if test "${ac_cv_path_CSAV+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ case $CSAV in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_CSAV="$CSAV" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $ANTIVIR_PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+ ac_cv_path_CSAV="$as_dir/$ac_word$ac_exec_ext"
+ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+done
+
+ test -z "$ac_cv_path_CSAV" && ac_cv_path_CSAV="/bin/false"
+ ;;
+esac
+fi
+CSAV=$ac_cv_path_CSAV
+
+if test -n "$CSAV"; then
+ echo "$as_me:$LINENO: result: $CSAV" >&5
+echo "${ECHO_T}$CSAV" >&6
+else
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+fi
+
+ fi
+
if test "$ac_cv_fsav" = yes; then
# Extract the first word of "fsav", so it can be a program name with args.
set dummy fsav; ac_word=$2
@@ -5696,6 +5747,7 @@
test -z "$AVP5" && AVP5=/bin/false
test -z "$AVP_KAVDAEMON" && AVP_KAVDAEMON=/bin/false
test -z "$AVP_KAVSCANNER" && AVP_KAVSCANNER=/bin/false
+test -z "$CSAV" && CSAV=/bin/false
test -z "$FSAV" && FSAV=/bin/false
test -z "$FPROT" && FPROT=/bin/false
test -z "$SOPHIE" && SOPHIE=/bin/false
@@ -6654,6 +6706,7 @@
s, at AVP_KAVSCANNER@,$AVP_KAVSCANNER,;t t
s, at AVP_KAVDAEMON@,$AVP_KAVDAEMON,;t t
s, at AVP5@,$AVP5,;t t
+s, at CSAV@,$CSAV,;t t
s, at FSAV@,$FSAV,;t t
s, at FPROT@,$FPROT,;t t
s, at SOPHIE@,$SOPHIE,;t t
@@ -7238,6 +7291,17 @@
GOT_VIRUS_SCANNER=1
fi
+ if test "$CSAV" = "/bin/false" ; then
+ if test "$ac_cv_csav" != "yes" ; then
+ echo "CSAV 'csav' NO (Disabled by configure command)"
+ else
+ echo "CSAV 'csav' NO (not found)"
+ fi
+ else
+ echo "CSAV 'csav' YES - $CSAV"
+ GOT_VIRUS_SCANNER=1
+ fi
+
if test "$FSAV" = "/bin/false" ; then
if test "$ac_cv_fsav" != "yes" ; then
echo "FSAV 'fsav' NO (Disabled by configure command)"
diff -u ../mimedefang-2.45/configure.in ../mimedefang-2.45-patched/configure.in
--- ../mimedefang-2.45/configure.in Thu Sep 23 00:51:53 2004
+++ ../mimedefang-2.45-patched/configure.in Wed Sep 29 20:23:31 2004
@@ -568,6 +568,10 @@
AVP="$AVP_KAVSCANNER"
fi
+ if test "$ac_cv_csav" = yes; then
+ AC_PATH_PROG(CSAV, csav, /bin/false, $ANTIVIR_PATH)
+ fi
+
if test "$ac_cv_fsav" = yes; then
AC_PATH_PROG(FSAV, fsav, /bin/false, $ANTIVIR_PATH)
fi
@@ -604,6 +608,7 @@
test -z "$AVP5" && AVP5=/bin/false
test -z "$AVP_KAVDAEMON" && AVP_KAVDAEMON=/bin/false
test -z "$AVP_KAVSCANNER" && AVP_KAVSCANNER=/bin/false
+test -z "$CSAV" && CSAV=/bin/false
test -z "$FSAV" && FSAV=/bin/false
test -z "$FPROT" && FPROT=/bin/false
test -z "$SOPHIE" && SOPHIE=/bin/false
@@ -866,6 +871,17 @@
GOT_VIRUS_SCANNER=1
fi
+ if test "$CSAV" = "/bin/false" ; then
+ if test "$ac_cv_csav" != "yes" ; then
+ echo "CSAV 'csav' NO (Disabled by configure command)"
+ else
+ echo "CSAV 'csav' NO (not found)"
+ fi
+ else
+ echo "CSAV 'csav' YES - $CSAV"
+ GOT_VIRUS_SCANNER=1
+ fi
+
if test "$FSAV" = "/bin/false" ; then
if test "$ac_cv_fsav" != "yes" ; then
echo "FSAV 'fsav' NO (Disabled by configure command)"
Common subdirectories: ../mimedefang-2.45/contrib and ../mimedefang-2.45-patched/contrib
Common subdirectories: ../mimedefang-2.45/examples and ../mimedefang-2.45-patched/examples
diff -u ../mimedefang-2.45/mimedefang-filter.5.in ../mimedefang-2.45-patched/mimedefang-filter.5.in
--- ../mimedefang-2.45/mimedefang-filter.5.in Thu Sep 23 00:08:57 2004
+++ ../mimedefang-2.45-patched/mimedefang-filter.5.in Thu Sep 30 14:39:21 2004
@@ -748,6 +748,9 @@
$Features{"Virus:AVP5"} is the full path to Kaspersky "aveclient" if
it is installed; 0 if it is not.
+$Features{"Virus:CSAV"} is the full path to Command csav if it is installed;
+0 if it is not.
+
$Features{"Virus:FSAV"} is the full path to F-Secure fsav if it is installed;
0 if it is not.
@@ -1715,6 +1718,8 @@
.TP
.B message_contains_virus_nvcc()
.TP
+.B message_contains_virus_csav()
+.TP
.B message_contains_virus_fsav()
.TP
.B message_contains_virus_hbedv()
@@ -1749,6 +1754,9 @@
Bitdefender "bdc" - http://www.bitdefender.com/
.TP
.B fsav
+Command Anti-Virus - http://www.commandsoftware.com/
+.TP
+.B fsav
F-Secure Anti-Virus - http://www.f-secure.com/
.TP
.B hbedv
@@ -1817,6 +1825,8 @@
.TP
.B entity_contains_virus_nvcc($entity)
.TP
+.B entity_contains_virus_csav($entity)
+.TP
.B entity_contains_virus_fsav($entity)
.TP
.B entity_contains_virus_hbedv($entity)
@@ -2212,6 +2222,10 @@
.TP
.B o
+Command csav (http://www.commandsoftware.com)
+
+.TP
+.B o
F-Secure fsav (http://www.f-secure.com)
.TP
diff -u ../mimedefang-2.45/mimedefang.pl.in ../mimedefang-2.45-patched/mimedefang.pl.in
--- ../mimedefang-2.45/mimedefang.pl.in Wed Sep 22 11:50:35 2004
+++ ../mimedefang-2.45-patched/mimedefang.pl.in Thu Sep 30 14:28:20 2004
@@ -115,6 +115,7 @@
$Features{'Virus:SOPHOS'} = ('@SOPHOS@' ne '/bin/false' ? '@SOPHOS@' : 0);
$Features{'Virus:TREND'} = ('@TREND@' ne '/bin/false' ? '@TREND@' : 0);
$Features{'Virus:TROPHIE'} = ('@TROPHIE@' ne '/bin/false' ? '@TROPHIE@' : 0);
+$Features{'Virus:CSAV'} = ('@CSAV@' ne '/bin/false' ? '@CSAV@' : 0);
$Features{'Path:SENDMAIL'} = '@SENDMAILPROG@';
$Features{'Path:QUARANTINEDIR'} = '@QDIR@';
@@ -2626,6 +2627,107 @@
}
#***********************************************************************
+# %PROCEDURE: entity_contains_virus_csav
+# %ARGUMENTS:
+# entity -- a MIME entity
+# %RETURNS:
+# 1 if entity contains a virus as reported by Command Anti-Virus
+# %DESCRIPTION:
+# Runs the Command Anti-Virus program. (http://www.commandsoftware.com)
+#***********************************************************************
+sub entity_contains_virus_csav ($) {
+
+ unless($Features{'Virus:CSAV'}) {
+ md_syslog('err', "$MsgID: Command Anti-Virus not installed on this system");
+ return (wantarray ? (1, 'not-installed', 'tempfail') : 1);
+ }
+
+ my($entity) = @_;
+ my($body) = $entity->bodyhandle;
+
+ if (!defined($body)) {
+ return (wantarray ? (0, 'ok', 'ok') : 0);
+ }
+
+ # Get filename
+ my($path) = $body->path;
+ if (!defined($path)) {
+ return (wantarray ? (999, 'swerr', 'tempfail') : 1);
+ }
+
+ # Run csav
+ my($code, $category, $action) =
+ run_virus_scanner($Features{'Virus:CSAV'} . " $path 2>&1");
+ if ($action ne 'proceed') {
+ return (wantarray ? ($code, $category, $action) : $code);
+ }
+
+ # csav return codes
+ return (wantarray ? interpret_csav_code($code) : $code);
+}
+
+#***********************************************************************
+# %PROCEDURE: message_contains_virus_csav
+# %ARGUMENTS:
+# Nothing
+# %RETURNS:
+# 1 if any file in the working directory contains a virus
+# %DESCRIPTION:
+# Runs the Command Anti-Virus program on the working directory
+#***********************************************************************
+sub message_contains_virus_csav () {
+
+ unless($Features{'Virus:CSAV'}) {
+ md_syslog('err', "$MsgID: Command Anti-Virus not installed on this system");
+ return (wantarray ? (1, 'not-installed', 'tempfail') : 1);
+ }
+
+ # Run csav
+ my($code, $category, $action) =
+ run_virus_scanner($Features{'Virus:CSAV'} . " ./Work 2>&1");
+ if ($action ne 'proceed') {
+ return (wantarray ? ($code, $category, $action) : $code);
+ }
+ # csav return codes
+ return (wantarray ? interpret_csav_code($code) : $code);
+}
+
+sub interpret_csav_code ($) {
+
+ my($code) = @_;
+ # OK
+ return ($code, 'ok', 'ok') if ($code == 50);
+
+ # Interrupted
+ return ($code, 'interrupted', 'tempfail') if ($code == 5);
+
+ # Out of memory
+ return ($code, 'swerr', 'tempfail') if ($code == 101);
+
+ # Suspicious files found
+ if ($code == 52) {
+ $VirusName = 'suspicious';
+ return ($code, 'suspicious', 'quarantine');
+ }
+
+ # Found a virus
+ if ($code == 51) {
+ $VirusName = $1 if ($CurrentVirusScannerMessage =~ m/infec.*\: (\S+)/i);
+ $VirusName = "unknown-CSAV-virus" if $VirusName eq "";
+ return ($code, 'virus', 'quarantine');
+ }
+
+ # Found a virus and disinfected
+ if ($code == 53) {
+ $VirusName = "unknown-CSAV-virus disinfected";
+ return ($code, 'virus', 'quarantine');
+ }
+
+ # Unknown exit code
+ return ($code, 'swerr', 'tempfail');
+}
+
+#***********************************************************************
# %PROCEDURE: entity_contains_virus_fsav
# %ARGUMENTS:
# entity -- a MIME entity
@@ -6480,6 +6582,11 @@
push @VirusScannerEntityRoutines, \&entity_contains_virus_fprot;
}
+ if ($Features{'Virus:CSAV'}) {
+ push @VirusScannerMessageRoutines, \&message_contains_virus_csav;
+ push @VirusScannerEntityRoutines, \&entity_contains_virus_csav;
+ }
+
if ($Features{'Virus:FSAV'}) {
push @VirusScannerMessageRoutines, \&message_contains_virus_fsav;
push @VirusScannerEntityRoutines, \&entity_contains_virus_fsav;
Common subdirectories: ../mimedefang-2.45/redhat and ../mimedefang-2.45-patched/redhat
Common subdirectories: ../mimedefang-2.45/tests and ../mimedefang-2.45-patched/tests
More information about the MIMEDefang
mailing list