Joey Kelly <joey@joeykelly.net> writes:
> If all you've got is procmail (you don't admin the box, or
> won't/can't set up site-wide filtering, this works just as good, I
> suppose.
After getting more than my fair share of viruses, I set up clamscan
on my server. Here's a script that should come in handy for use
with procmail:
#!/bin/sh
tempfile=`tempfile`
cat - >> $tempfile
mkdir ${tempfile}-check
cd ${tempfile}-check
cat $tempfile | reformime -xpart-
clamscan --threads=1 --disable-summary --quiet
virus=$?
if [ $virus -eq 1 ]; then
cat $tempfile | formail -a "X-Virus-Found: YES"
else
cat $tempfile
fi
rm -rf $tempfile ${tempfile}-*
If you only have a shell account, you can set up clamscan in your own
directory and use it there. Don't forget to run freshclam
periodically (in cron, hopefully, by hand, if necessary) to update
your virus signatures.
I'm not exactly sure about how to call this from procmail, but it
would be something similar to a call to spamc. So, if the above
script were /usr/local/bin/virus-check:
:0fw
| /usr/local/bin/virus-check
:0:
* ^X-Virus-Found:.*YES
Virus
:0fw
| /usr/bin/spamc
:0:
* ^X-Spam-Flag:.*YES
Spam
Note that delivery of virus messages should happen before SA is
invoked. This saves some load on the machine.
Mark.
___________________
Nolug mailing list
nolug@nolug.org
Received on 09/19/03
This archive was generated by hypermail 2.2.0 : 12/19/08 EST