--- mimedefang.pl.orig 2006-01-27 16:49:36.000000000 +0100 +++ mimedefang.pl 2006-01-27 16:52:10.000000000 +0100 @@ -147,6 +147,7 @@ $Features{'Virus:TREND'} = ('/bin/false' ne '/bin/false' ? '/bin/false' : 0); $Features{'Virus:TROPHIE'} = ('/bin/false' ne '/bin/false' ? '/bin/false' : 0); $Features{'Virus:CSAV'} = ('/bin/false' ne '/bin/false' ? '/bin/false' : 0); +$Features{'Virus:NOD32'} = ('/opt/nod32/nod32' ne '/bin/false' ? '/opt/nod32/nod32' : 0); $Features{'Path:SENDMAIL'} = '/opt/sendmail/sbin/sendmail'; $Features{'Path:QUARANTINEDIR'} = '/var/spool/MD-Quarantine'; @@ -4216,6 +4217,87 @@ return ($code, 'swerr', 'tempfail'); } + +#*********************************************************************** +# %PROCEDURE: entity_contains_virus_nod32 +# %ARGUMENTS: +# entity -- a MIME entity +# %RETURNS: +# 1 if entity contains a virus as reported by Trend Micro vscan +# %DESCRIPTION: +# Runs the nod32 av on the entity. +#*********************************************************************** +sub entity_contains_virus_nod32 ($) { + md_syslog('info', "Running nod32 on entity"); + unless ($Features{'Virus:NOD32'}) { + md_syslog('err', "$MsgID: NOD32 antivirus not installed on this system"); + return (wantarray ? (1, 'not-installed', 'tempfail') : 1); + } + + my($entity) = @_; + my($body) = $entity->bodyhandle; + + if (!defined($body)) { + return (wantarray ? (0, 'ok', 'ok') : 0); + } + + # Get filename + my($path) = $body->path; + if (!defined($path)) { + return (wantarray ? (999, 'swerr', 'tempfail') : 1); + } + + # Run antivir + my($code, $category, $action) = + run_virus_scanner($Features{'Virus:NOD32'} . " -all $path 2>&1", "Found "); + md_syslog('info', $Features{'Virus:NOD32'} . " -all $path 2>&1"); + if ($action ne 'proceed') { + return (wantarray ? ($code, $category, $action) : $code); + } + return (wantarray ? interpret_nod32_code ($code) : $code); +} +#*********************************************************************** +# %PROCEDURE: message_contains_virus_nod32 +# %ARGUMENTS: +# Nothing +# %RETURNS: +# 1 if any file in the working directory contains a virus +# %DESCRIPTION: +# Runs the nod32 av +#*********************************************************************** +sub message_contains_virus_nod32 () { + md_syslog('info', "Running nod32 on message"); + unless ($Features{'Virus:NOD32'}) { + md_syslog('err', "$MsgID: NOD32 Filescanner not installed on this system"); + return (wantarray ? (1, 'not-installed', 'tempfail') : 1); + } + + # Run nod32 + my($code, $category, $action) = + run_virus_scanner($Features{'Virus:NOD32'} . " -all ./Work/* 2>&1", "Found "); + md_syslog('info', $Features{'Virus:NOD32'} . " -all ./Work/* 2>&1"); + if ($action ne 'proceed') { + return (wantarray ? ($code, $category, $action) : $code); + } + return (wantarray ? interpret_nod32_code($code) : $code); +} + +sub interpret_nod32_code ($) { + my($code) = @_; + + # OK + return ($code, 'ok', 'ok') if ($code == 0); + + # virus found + if ($code >= 1 and $code < 10) { + $VirusName = "NOD32-virus"; + return ($code, 'virus', 'quarantine'); + } + + # Anything else shouldn't happen + return ($code, 'swerr', 'tempfail'); +} + #*********************************************************************** # %PROCEDURE: entity_contains_virus_trend # %ARGUMENTS: @@ -7024,6 +7106,11 @@ push @VirusScannerEntityRoutines, \&entity_contains_virus_trend; } + if ($Features{'Virus:NOD32'}) { + push @VirusScannerMessageRoutines, \&message_contains_virus_nod32; + push @VirusScannerEntityRoutines, \&entity_contains_virus_nod32; + } + } #***********************************************************************