Menu
▾
▴
Fw: [AMaViS-user] Missing "To" {recipient} info...
|
From: juaid <ju...@fa...> - 2001-03-28 16:28:15
|
Well, my last mail encouraged me to improve tge code for the subrutines I
made...
maybe there is a better way to do it, but it's quite simple and clear, and
works fine
I'm using it with amavis-perl10, so here's the code if anyone wants to use
it and get rid of messages which have no valid sender (as I said, it works
fine, but as always, use it at your own risk!!!):
First I defined some variablss in the beggining of the amavis script
(/usr/sbin/amavis in my case)
###### SNAP ######
#
# Define various constants
#
#
# Added variables
#
my $VIRUSFOUND = "";
my $IGNOREVIRUS = "no";
# List of viruses that arrive without a valid sender
my @VIRUSLIST = ('W32/Hybris.gen@MM','W95/MTX@M','W32/Magistr@MM');
###### END OF SNAP ######
Then I added at the end of the script my sub routine that gets the virus
name and defines if the virus should be discarded, without backuping nor
warning sender, recip and admin
###### SNAP ######
#
# Sub routine to get the virus name, and define if it should or not be
ignored
#
sub getVirus() {
# Obtain the virus name
open (OUTPUT,">> /var/tmp/output$VIRUSFILE");
print OUTPUT "$output";
close (OUTPUT);
open (OUTPUT,"/var/tmp/output$VIRUSFILE");
while (<OUTPUT>){
if ( $_ =~ /Found/ ) {
$_ =~ s/\s+Found the\s+//;
$_ =~ s/\s+virus \!\!\!\s+//;
$VIRUSFOUND = $_;
}
}
close (OUTPUT);
unlink ("/var/tmp/output$VIRUSFILE");
# If the virus that was found is defined
# in @VIRUSLIST set $IGNOREVIRUS = "yes"
# to ignore it, without backuping or warning
for ( my $i = 0; $i < @VIRUSLIST; $i++){
if ( $VIRUSFOUND =~ /$VIRUSLIST[$i]/ ){
$IGNOREVIRUS = "yes"
}
}
}
###### END OF SNAP ######
Finally, I added some conditions in the do_virus(@) sub routine to manage
this things
I also added a couple of lines in the routines that send the warning mails,
to include in them tha name of the virus that was found, but that is
something more of personal like, so I don't include it here..
###### SNAP ######
sub do_virus(@) {
my $output = shift;
# If a virus is found
# First we quarantine the original email messages
if ($TESTING ne "yes") {
# Call sub routine to get the virus name
# and define with $IGNOREVIRUS if ignore it or not
getVirus();
# If defined to backup, and the mail has a valid sender then
make the backup
if ($virusbackup eq "yes" && $IGNOREVIRUS eq "no") {
`mv $TEMPDIR/email.txt $QUARANTINE/$VIRUSFILE`;
do_debug("Virus quarantined as $VIRUSFILE\n");
do_log("Virus found - quarantined as $VIRUSFILE");
} else {
do_log("Virus found - not quarantined");
}
# If the mail has a valid sender then notify
if ( $IGNOREVIRUS eq "no" ){
# Virus tiene remitente valido
# asi que notifico
# Then we send email
warn_sender();
# warn_recip() is disabled by default because of possible
# problems with mailing lists. Enable only if you know what
# you're doing!
warn_recip();
# Notify admin
warn_admin($output);
}
# Finally, we bounce the message or pretend everything was
okay,
# depending on the MTA
do_exit($VIRUSERR, __LINE__);
} else {
do_exit(2, __LINE__);
}
}
###### END OF SNAP ######
cheers
juaid :)
----- Original Message -----
From: "juaid" <ju...@fa...>
To: <ama...@li...>
Sent: Wednesday, March 28, 2001 11:14 AM
Subject: Re: [AMaViS-user] Missing "To" {recipient} info...
That's right, one of those virus is the famous snowhite, but in these days
I've seen 2 more that act the same way..
What I did, is I made a subrutine that looks for the name of the virus
found.
Then if it matches one of the viruses in my list, it does not backup it, nor
even warn admin, recipient or sender.
If you want I can send you the code..
it could be coded better, I made it a bit in a hurry and I haven't
programmed in Perl for some time, so I have forgotten how to do some things
in better ways, but it works well.
just tell me if you want it
juaid :)
----- Original Message -----
From: "Klaus Muth" <mu...@ha...>
To: <ste...@kn...>
Cc: <ama...@li...>
Sent: Wednesday, March 28, 2001 4:04 AM
Subject: Re: [AMaViS-user] Missing "To" {recipient} info...
ste...@kn... wrote:
>
> Hello AMaVis users,
>
> I have recently installed AMaViS 0.2.1 on Solaris 2.6 with Sendmail
8.8.5/8.6.11
> and it seems to be working nicely with Sophos Anti-Virus (once I also
installed
> gawk and Gnu findutils) except that it seems to leave out the details on
the
> original recipient when a virus is detected...
Seems, You have caught Hybris. Hybris has its own SMTP client and sends
itself
witout any other help of the system (besides opening a network connection).
Result is a empty header.
> Does anyone have an idea what the problem might be here?
> Any help is appreciated, please reply directly to
ste...@kn... .
No help needed. The sender cannot be warned in other ways than finding
the IP address in the header and informing the ISP.
klaus
--
Klaus Muth
HAGOS eG Industriestr. 62 fon: (+49) 711 78805-86
EDV-Programmierung 70565 Stuttgart fax: (+49) 711 78805-35
http://www.hagos.de Germany mailto:mu...@ha...
_______________________________________________
AMaViS-user mailing list
AMa...@li...
http://lists.sourceforge.net/lists/listinfo/amavis-user
_______________________________________________
AMaViS-user mailing list
AMa...@li...
http://lists.sourceforge.net/lists/listinfo/amavis-user
|