[Mimedefang] [PATCH] clamav does not filter all zipfiles/rarfiles
Martin Blapp
mb at imp.ch
Thu May 12 18:38:31 EDT 2005
Hi David,
there is currently a discussion in the clamav mailinglist about the
Input/Output error many users get with clamd. I've done a workaround
which works fairly well.
Can you include something (not tested, I've done a different patch) like this:
@@ -3714,7 +3714,7 @@
# Run clamscan
my($code, $category, $action) =
- run_virus_scanner($Features{'Virus:CLAMAV'} . " --mbox --stdout --disable-summary --infected $path 2>&1");
+ run_virus_scanner($Features{'Virus:CLAMAV'} . " --unzip --unrar --mbox --stdout --disable-summary --infected $path 2>&1");
if ($action ne 'proceed') {
return (wantarray ? ($code, $category, $action) : $code);
}
@@ -3738,7 +3738,7 @@
# Run clamscan
my($code, $category, $action) =
- run_virus_scanner($Features{'Virus:CLAMAV'} . " -r --mbox --stdout --disable-summary --infected ./Work 2>&1");
+ run_virus_scanner($Features{'Virus:CLAMAV'} . " -r --unzip --unrar --mbox --stdout --disable-summary --infected ./Work 2>&1");
if ($action ne 'proceed') {
return (wantarray ? ($code, $category, $action) : $code);
}
@@ -4455,8 +4455,21 @@
$VirusName = $1;
return (wantarray ? (1, 'virus', 'quarantine') : 1);
} elsif ($output =~ /^(.+) ERROR$/) {
- md_syslog('err', "$MsgID: Clamd returned error: $1");
- return (wantarray ? (999, 'swerr', 'tempfail') : 1);
+ if ($1 =~ /(?:RAR module failure|Input\/Output error|Zip module failure)/) {
+ entity_contains_virus_clamav($entity);
+ if ($output =~ /: (.+) FOUND/) {
+ $VirusScannerMessages .= "clamscan found the $1 virus.\n";
+ $VirusName = $1;
+ return (wantarray ? (1, 'virus', 'quarantine') : 1);
+ } elsif ($output =~ /^(.+) ERROR$/) {
+ md_syslog('err', "$MsgID: Clamscan returned error: $1");
+ return (wantarray ? (999, 'swerr', 'tempfail') : 1);
+ }
+ } else {
+ md_syslog('err', "$MsgID: Clamd returned error: $1");
+ return (wantarray ? (999, 'swerr', 'tempfail') : 1);
+ }
+ }
}
And the same for message_contains_virus_clamd(). Of course Mimedefang then needs
dependencies to unzip and unrar. Maybe you could make that available dependent
if unzip and unrar are available ...
Else you'll get messages like this and some mails will never reach their
recipient ...
May 12 12:24:13 mx1 mimedefang.pl[7423]: j4CAO3Za051140: Clamd returned error:
/var/spool/MIMEDefang/mdefang-j4CAO3Za051140/Work/msg-7423-14.zip: Input/Output error
May 12 19:58:10 mx1 mimedefang.pl[91187]: j4CHw8Ip013621: Clamd returned error:
/var/spool/MIMEDefang/mdefang-j4CHw8Ip013621/Work/msg-91187-38.zip: Zip module failure
Martin
Martin Blapp, <mb at imp.ch> <mbr at FreeBSD.org>
------------------------------------------------------------------
ImproWare AG, UNIXSP & ISP, Zurlindenstrasse 29, 4133 Pratteln, CH
Phone: +41 61 826 93 00 Fax: +41 61 826 93 01
PGP: <finger -l mbr at freebsd.org>
PGP Fingerprint: B434 53FC C87C FE7B 0A18 B84C 8686 EF22 D300 551E
------------------------------------------------------------------
More information about the MIMEDefang
mailing list