Re: [Nolug] Re: SpamAssassin and Dialup

From: Mark A. Hershberger <mah_at_everybody.org>
Date: Fri, 19 Sep 2003 22:42:29 -0500
Message-ID: <87u178cehm.fsf@weblog.localhost>

Joey Kelly <joey@joeykelly.net> writes:

> If all you've got is procmail (you don't admin the box, or
> won't/can't set up site-wide filtering, this works just as good, I
> suppose.

After getting more than my fair share of viruses, I set up clamscan
on my server. Here's a script that should come in handy for use
with procmail:

    #!/bin/sh

    tempfile=`tempfile`
    cat - >> $tempfile

    mkdir ${tempfile}-check
    cd ${tempfile}-check

    cat $tempfile | reformime -xpart-
    clamscan --threads=1 --disable-summary --quiet
    virus=$?

    if [ $virus -eq 1 ]; then
      cat $tempfile | formail -a "X-Virus-Found: YES"
    else
      cat $tempfile
    fi

    rm -rf $tempfile ${tempfile}-*

If you only have a shell account, you can set up clamscan in your own
directory and use it there. Don't forget to run freshclam
periodically (in cron, hopefully, by hand, if necessary) to update
your virus signatures.

I'm not exactly sure about how to call this from procmail, but it
would be something similar to a call to spamc. So, if the above
script were /usr/local/bin/virus-check:

       :0fw
       | /usr/local/bin/virus-check

       :0:
       * ^X-Virus-Found:.*YES
       Virus

       :0fw
       | /usr/bin/spamc

       :0:
       * ^X-Spam-Flag:.*YES
       Spam

Note that delivery of virus messages should happen before SA is
invoked. This saves some load on the machine.

Mark.
___________________
Nolug mailing list
nolug@nolug.org
Received on 09/19/03

This archive was generated by hypermail 2.2.0 : 12/19/08 EST