Re: [Qmail-scanner-general] qscanner and roundcube

[Salvatore T. <to...@pu...>]

Hi

Have you check the logs to verify if the message pass through qmail-scanner?

Do you know how Roundcube sends the messages, through sendmail, 
qmail-inject...? You should need to set QMAILQUEUE variable for 
qmail-scanner in the process that Roudcube uses to send emails to 
ensure that they pass through qmail-scanner.

For example with Sqwebmail is done like this:
----------------------------
more /usr/sqwebmail/share/sqwebmail/sendit.sh
#!/bin/sh
#
# $1 will contain the return (or bounce) address for this mailboxid, as
# specified by auth.c
#
# $2 will contain the sqwebmail mailboxid of the sender (note that we're
# executing under whatever id auth.c sets for this mailboxid).  Furthermore,
# $REMOTE_ADDR will contain the IP address where the client is coming from
# (the rest of the CGI vars are available too).
#

QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
export QMAILQUEUE

# If you want to run spamassassin
#QS_SPAMASSASSIN="on"
#export QS_SPAMASSASSIN

QMAILUSER="$1"
export QMAILUSER

exec /var/qmail/bin/qmail-inject -hf "$1"
----------------------------

Kind regards

ST

At 23:03 +0000 5-12-2016, Petre wrote:
>Hi,
>
>I successfully use qmail and Qmail-Scanner, with clamav and spamassassin.
>I use courier-authlib, courier-imap and users are kept in ldap.
>I tried a few days ago roundcube as a webmail application and 
>observed a strange behavior: I can send emails with viruses and spam 
>in attachments. Squirrelmail and rainloop (and also other clients 
>like thunderbird) behaves normally, meaning that dangereous 
>attachments are successfully blocked by qmail-scanner.
>In logs I did't observe unusual things.
>
>Why the attachments are not blocked ?
>
>
>10x
>Pit