From owner-freebsd-ports-bugs@FreeBSD.ORG Tue Jun 27 10:30:46 2006 Return-Path: X-Original-To: freebsd-ports-bugs@hub.freebsd.org Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4E2D216A40A for ; Tue, 27 Jun 2006 10:30:46 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 787BD43D77 for ; Tue, 27 Jun 2006 10:30:32 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k5RAUWlv052905 for ; Tue, 27 Jun 2006 10:30:32 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k5RAUWC3052904; Tue, 27 Jun 2006 10:30:32 GMT (envelope-from gnats) Resent-Date: Tue, 27 Jun 2006 10:30:32 GMT Resent-Message-Id: <200606271030.k5RAUWC3052904@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Polnsutee Thanesniratsai Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 303C716A40B for ; Tue, 27 Jun 2006 10:29:03 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (www.freebsd.org [216.136.204.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5FF5D43D64 for ; Tue, 27 Jun 2006 10:28:52 +0000 (GMT) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.13.1/8.13.1) with ESMTP id k5RASpCh019632 for ; Tue, 27 Jun 2006 10:28:51 GMT (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.13.1/8.13.1/Submit) id k5RASptj019631; Tue, 27 Jun 2006 10:28:51 GMT (envelope-from nobody) Message-Id: <200606271028.k5RASptj019631@www.freebsd.org> Date: Tue, 27 Jun 2006 10:28:51 GMT From: Polnsutee Thanesniratsai To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-2.3 Cc: Subject: ports/99535: New port: mail/qmail-scanner2 qmail-scanner2 with st patch X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jun 2006 10:30:46 -0000 >Number: 99535 >Category: ports >Synopsis: New port: mail/qmail-scanner2 qmail-scanner2 with st patch >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Tue Jun 27 10:30:31 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Polnsutee Thanesniratsai >Release: FreeBSD 6.0-RELEASE >Organization: ThaiCERT >Environment: FreeBSD bangkok.thaicert.org 6.0-RELEASE FreeBSD 6.0-RELEASE #0: Thu Nov 3 09:36:13 UTC 2005 root@x64.samsco.home:/usr/obj/usr/src/sys/GENERIC i386 >Description: qmail-scanner2 with st patch is e-mail content scanner that enables a qmail server to scan all messages it receives for certain characteristics (normally viruses), and react accordingly. If you have a commercial virus scanner (eg, Sophos sweep, McAfee uvscan, etc) installed when you build qmail-scanner, qmail-scanner will configure itself to use that. Otherwise, it will only use its internal content filter which only allows you to block mail based on text in the subject/body, general types of attachments, etc. WWW: http://qmail-scanner.sourceforge.net/ and all decription about st patch is on http://toribio.apollinare.org/qmail-scanner/ >How-To-Repeat: >Fix: # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # /usr/ports/mail/qmail-scanner2 # /usr/ports/mail/qmail-scanner2/files # /usr/ports/mail/qmail-scanner2/files/patch-sub-vexira.pl # /usr/ports/mail/qmail-scanner2/files/patch-avgd.template # /usr/ports/mail/qmail-scanner2/files/patch-configure # /usr/ports/mail/qmail-scanner2/files/patch-log-report.sh # /usr/ports/mail/qmail-scanner2/files/patch-README.html # /usr/ports/mail/qmail-scanner2/files/patch-sub-attachments.pl # /usr/ports/mail/qmail-scanner2/files/patch-sub-avp.pl # /usr/ports/mail/qmail-scanner2/files/patch-sub-bitdefender.pl # /usr/ports/mail/qmail-scanner2/files/patch-sub-clamdscan.pl # /usr/ports/mail/qmail-scanner2/files/patch-sub-clamscan.pl # /usr/ports/mail/qmail-scanner2/files/patch-sub-csav.pl # /usr/ports/mail/qmail-scanner2/files/patch-sub-fprot.pl # /usr/ports/mail/qmail-scanner2/files/patch-sub-fsecure.pl # /usr/ports/mail/qmail-scanner2/files/patch-sub-hbedv.pl # /usr/ports/mail/qmail-scanner2/files/patch-sub-inocucmd.pl # /usr/ports/mail/qmail-scanner2/files/patch-sub-iscan.pl # /usr/ports/mail/qmail-scanner2/files/patch-sub-nod32.pl # /usr/ports/mail/qmail-scanner2/files/patch-sub-normalize.pl # /usr/ports/mail/qmail-scanner2/files/patch-sub-patch-st.pl # /usr/ports/mail/qmail-scanner2/files/patch-sub-ravlin.pl # /usr/ports/mail/qmail-scanner2/files/patch-sub-sophie.template # /usr/ports/mail/qmail-scanner2/files/patch-sub-spamassassin.pl # /usr/ports/mail/qmail-scanner2/files/patch-sub-sweep.template # /usr/ports/mail/qmail-scanner2/files/patch-sub-trophie.template # /usr/ports/mail/qmail-scanner2/files/patch-sub-uvscan.pl # /usr/ports/mail/qmail-scanner2/files/patch-aab.js # /usr/ports/mail/qmail-scanner2/files/patch-qmail-scanner-queue.template # /usr/ports/mail/qmail-scanner2/Makefile # /usr/ports/mail/qmail-scanner2/distinfo # /usr/ports/mail/qmail-scanner2/pkg-install # /usr/ports/mail/qmail-scanner2/pkg-message # /usr/ports/mail/qmail-scanner2/pkg-plist # /usr/ports/mail/qmail-scanner2/pkg-descr # echo c - /usr/ports/mail/qmail-scanner2 mkdir -p /usr/ports/mail/qmail-scanner2 > /dev/null 2>&1 echo c - /usr/ports/mail/qmail-scanner2/files mkdir -p /usr/ports/mail/qmail-scanner2/files > /dev/null 2>&1 echo x - /usr/ports/mail/qmail-scanner2/files/patch-sub-vexira.pl sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-sub-vexira.pl << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-vexira.pl' X--- sub-vexira.pl.orig Mon Sep 27 07:15:48 2004 X+++ sub-vexira.pl Tue Jun 20 07:56:14 2006 X@@ -17,6 +17,7 @@ X if ($DD =~ /^\s+ALERT: \[([^\]]+)\]/m) { X $quarantine_description=$1; X &debug("vexira_scanner: There be a virus! ($quarantine_description)"); X+ &minidebug("vexira_scanner: there be a virus! ($quarantine_description)"); X ($quarantine_event=$quarantine_description)=~s/\s/_/g; X $quarantine_event="VEX:".substr($quarantine_event,0,$QE_LEN); X $description .= "\n---vexira results ---\n$DD"; X@@ -39,4 +40,5 @@ X $stop_vexira_time=[gettimeofday]; X $vexira_time = tv_interval ($start_vexira_time, $stop_vexira_time); X &debug("vexira_scanner: finished scan of dir \"$ENV{'TMPDIR'}\" in $vexira_time secs"); X+ &minidebug("vexira_scanner: finished scan in $vexira_time secs"); X } END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-vexira.pl echo x - /usr/ports/mail/qmail-scanner2/files/patch-avgd.template sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-avgd.template << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-avgd.template' X--- sub-avgd.template.orig Thu May 19 05:35:38 2005 X+++ sub-avgd.template Tue Jun 20 07:56:14 2006 X@@ -17,6 +17,7 @@ X if ( ! socket( AVG_SOCK, PF_INET, SOCK_STREAM, $proto ) ) X { X &debug( "AVG Anti-Virus daemon: could not create socket \($!\)\n" ); X+ &minidebug( "AVG Anti-Virus daemon: could not create socket \($!\)\n" ); X &error_condition( "AVG Anti-Virus daemon: could not create socket \($!\)\n" ); X } X X@@ -24,6 +25,7 @@ X if ( ! connect( AVG_SOCK, $paddr ) ) X { X &debug( "AVG Anti-Virus daemon: could not connect to daemon on 127.0.0.1:AVGD_PORT \($!\)\n" ); X+ &minidebug( "AVG Anti-Virus daemon: could not connect to daemon on 127.0.0.1:AVGD_PORT \($!\)\n" ); X &error_condition( "AVG Anti-Virus daemon: could not connect to daemon on 127.0.0.1:AVGD_PORT \($!\)\n" ); X } X X@@ -33,6 +35,7 @@ X if ( ! sysread( AVG_SOCK, $buffer, 256 ) ) X { X &debug( "AVG Anti-Virus daemon: sysread failed \($!\)\n" ); X+ &minidebug( "AVG Anti-Virus daemon: sysread failed \($!\)\n" ); X &error_condition( "AVG Anti-Virus daemon: sysread failed \($!\)\n" ); X } X $output .= $buffer; X@@ -43,6 +46,7 @@ X if ( ! syswrite( AVG_SOCK, $command, length( $command ) ) ) X { X &debug( "AVG Anti-Virus daemon: syswrite failed \($!\)\n" ); X+ &minidebug( "AVG Anti-Virus daemon: syswrite failed \($!\)\n" ); X &error_condition( "AVG Anti-Virus daemon: syswrite failed \($!\)\n" ); X } X X@@ -52,6 +56,7 @@ X if ( ! sysread( AVG_SOCK, $buffer, 256 ) ) X { X &debug( "AVG Anti-Virus daemon: sysread failed \($!\)\n" ); X+ &minidebug( "AVG Anti-Virus daemon: sysread failed \($!\)\n" ); X &error_condition( "AVG Anti-Virus daemon: sysread failed \($!\)\n" ); X } X $output .= $buffer; X@@ -62,6 +67,7 @@ X if ( ! close( AVG_SOCK ) ) X { X &debug( "AVG Anti-Virus daemon: socket close failed \($!\)\n" ); X+ &minidebug( "AVG Anti-Virus daemon: socket close failed \($!\)\n" ); X &error_condition( "AVG Anti-Virus daemon: socket close failed \($!\)\n" ); X } X X@@ -83,12 +89,15 @@ X $description .= "$output"; X $quarantine_event = $quarantine_description; X $quarantine_event = "AVG Anti-Virus: ".substr( $quarantine_event, 0, $QE_LEN ); X+ &debug( "AVG Anti-Virus daemon: there be a virus! ($quarantine_description)" ); X+ &minidebug( "AVG Anti-Virus daemon: there be a virus! ($quarantine_description)" ); X } elsif ( @no_virus ) { X # no virus found X &debug( "AVG Anti-Virus daemon: $path is clean!" ); X } else { X # error X &debug( "AVG Anti-Virus daemon: scanner failure \($output\)\n" ); X+ &minidebug( "AVG Anti-Virus daemon: scanner failure \($output\)\n" ); X &error_condition( "AVG Anti-Virus daemon: scanner failure \($output\)\n" ); X } X X@@ -96,4 +105,5 @@ X $avgd_time = tv_interval( $start_avgd_time, $stop_avgd_time ); X X &debug( "AVG Anti-Virus daemon: finished scan of dir\"$path\" in $avgd_time secs" ); X+ &minidebug( "AVG Anti-Virus daemon: finished scan in $avgd_time secs" ); X } END-of-/usr/ports/mail/qmail-scanner2/files/patch-avgd.template echo x - /usr/ports/mail/qmail-scanner2/files/patch-configure sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-configure << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-configure' X--- configure.orig Wed Apr 5 04:37:03 2006 X+++ configure Tue Jun 20 07:56:14 2006 X@@ -14,17 +14,20 @@ X LANG=C X export LANG OLD_LANG X X-QS_VERSION=`grep 'my $VERSION' qmail-scanner-queue.template|cut -d= -f2|sed -e 's/\"//g' -e 's/\;//g'` X+JH_VERSION=`grep 'my $VERSION' qmail-scanner-queue.template|cut -d= -f2|sed -e 's/\"//g' -e 's/\;//g'` X+ST_VERSION=`grep 'my $st_version' qmail-scanner-queue.template|cut -d= -f2|sed -e 's/\"//g' -e 's/\;//g'` X+QS_VERSION="$JH_VERSION-$ST_VERSION" X X export QS_VERSION X X-echo "Building Qmail-Scanner $QS_VERSION..." X+echo X+echo " Building Qmail-Scanner $QS_VERSION..." X X if [ "`id |grep root`" = "" ]; then X cat<&2 X X+ Invalid option: $1 [ --help is a valid option ;-) ] X+ X valid options: X- --qs-user User that Qmail-Scanner runs as (default: $QS_USER) X- --qmaildir defaults to $QMAILDIR/ X- --spooldir defaults to $SPOOLDIR/ X- --bindir where to install Qmail-Scanner programs X- Defaults to /var/qmail/bin/ X- --admin user to Email alerts to (default: $USERNAME) X- --domain "user"@"domain" makes up Email address X- to Email alerts to. X- --admin-description Defaults to: X- "$ADMIN_DESCRIPTION" X- - this plus "--admin" and X- "--domain" settings are used X- to construct the From: line X- in any e-mails generated by Q-S X+ X+ --qs-user (default: qscand) X+ User that Qmail-Scanner runs as X+ X+ --qs-group (default: same as qs-user) X+ Group of the user that Qmail-Scanner runs as X+ X+ --qmaildir (defaults to /var/qmail) X+ X+ --spooldir (defaults to $SPOOLDIR) X+ X+ --bindir (defaults to /var/qmail/bin) X+ Where to install Qmail-Scanner programs X+ X+ --admin (default: $USERNAME) X+ User to Email alerts to X+ X+ --domain X+ "user"@"domain" makes up Email address to Email alerts to X+ X+ --admin-description <"description"> (default: "System Anti-Virus Administrator") X+ From line information used when making reports, the input X+ must be quoted. i.e. --admin-description "Antivirus Admin" X+ X --scanners X- Defaults to "auto" - will use X- whatever scanners are found on system. X- Use this option to override "auto" - set X- to one or more of the following: X- X-auto,none,$SUPPORTED_SCANNERS X- X- Note the special-case "none". This X- will disable all but the internal X- perlscanner module. X- X- --skip-text-msgs [yes|no] Defaults to "yes" - Q-S will skip X- running any anti-virus scanners on X- any messages it works out are text-only. X- i.e. don't have any attachments. X- Set to "no" if you want them to be scanned X- anyway. X- X- --normalize [yes|no] Defaults to "$NORMALIZE_MSG". X- This decides if base64/qp attachment X- filenames and/or Subject: headers should X- be "normalized" back to their decoded form X- before being checked against entries in X- quarantine-events.txt. X- X- --notify "none|sender|recips|precips|admin|nmladm|nmlvadm|all" X- Defaults to "$NOTIFY_ADDRESSES". X- Comma-separated list (no spaces!) X- of addresses to which alerts should X- be sent to. "nmladm" means only X- notify admin for "user infections", X- i.e. non-mailing-list mail. X- "nmlvadm" is the same as nmladm - except X- that it also doesn't notify for viral X- e-mails. i.e. just "policy" quarantines get X- e-mails. This allows you to still notify X- people when an e-mail is blocked due to X- a policy decision (such as blocking X- password-protected zip files), but a X- message tagged as viral by an AV system X- will *not* trigger notification. X- Similarly, "psender"/"precips" means notify X- the sender/recips only if their e-mail was X- blocked for policy reasons. i.e. if an AV X- system found a virus, then don't notify X- the sender/recip as the address was X- probably forged. X- --local-domains "one.domain,two.domain" X- Defaults to the X- value of the "--domain" setting. X- Comma-separated list (no spaces!) X- of domains that are classified as X- "local". This is needed to ensure X- alerts are only sent to local users X- and not remote when '--notify "*recips"' X- is chosen. This will dramatically X- reduce the chance of alerts being X- sent to mailing-lists. X- --silent-viruses "virus1,virus2" Depreciated. Defaults to "auto". X- This option allows you to tell X- Qmail-Scanner *not* to notify X- senders when it quarantines one X- of these viruses. Viruses such X- as Klez alter the sender address X- so that it has no relation to the X- actual sender - so there's no point X- in responding to Klez messages - it X- just confuses people. The admin and X- recips will still be notified as set X- by "--notify". X- Use this option to override "auto". X- By default this is set to: X- $SILENT_VIRUSES. X- Typically not needed anymore, as X- by default alerts are no longer sent X- anyway. X- --sa-quarantine "X" Disabled by default. If you have X- SpamAssassin installed and enabled, then X- configuring this allows you to quarantine X- SPAM that is more than +X points than X- the "required_hits" value (typically "5"). X- If you want to use this, a good starting point X- might be "--sa-quarantine 5" X- i.e. for required_hits=5, a score of 10 (5+5) X- gets the message quarantined instead of X- delivered to the end-user. E-mail X- alerts are NEVER generated for SPAM, and X- they are quarantined into the "./spam/" X- maildir instead of the "./viruses/" X- maildir where viruses go. X- --lang "$LANGUAGES" X- Defaults to $QSLANG. X- --archive [yes|no|regex] Defaults to "no". Whether to archive mail after X- it as been processed. If "yes", all copies of X- processed mail will be moved into the maildir X- "$SPOOLDIR/$ARCHIVEDIR/". Any other string besides X- "yes" and "no" will be treated as a REGEX. Only mail X- from or to an address that contains that regex will X- be archived. e.g. "jhaar|harry" or "\@our.domain". X- Be careful with this option, a badly written regex X- will cause Qmail-Scanner to crash. X- --redundant [yes|no] Defaults to "yes". Whether or not to let the scanners X- also scan any zip files and the original "raw" Email X- file. X- --max-scan-size [number] X- Defaults to 100Mbytes X- Email messages (raw size) larger than this X- number (in bytes) will skip all AV and Spam X- scanning checks. It's to stop Q-S scanning X- 300Mbyte TIFF file messages and the like. X- --log-details [yes|syslog|no] Whether or not to log to mailstats.csv/via X- syslog the attachment structure of every Email X- message. Logs to "syslog" by default. X- --log-crypto [yes|no] Defaults to "no". Whether or not to log the presence X- of cryptographic (both signing and encrypting) X- technologies in the "log-details". Q-S can flag X- PGP, S/MIME and password-protected zip files. This X- is informational logging only. X- --fix-mime [yes|no|num] Defaults to "yes". Whether or not to attempt to X- "fix" broken MIME messages before doing anything X- else. Should be safe, but *may* break some X- strange, old mailers (none known yet). If you see blocks X- occurring due to this setting, try "--fix-mime 1" first X- before "--fix-mime no". X- --ignore-eol-check [yes|no] Defaults to "no". Making this "yes" stops Qmail-Scanner X- from treating "\r" or "\0" chars in the headers of X- MIME mail messages as being suspicious enough to quarantine X- mail over. Some sites receive so much broken e-mail that this X- option has been created so that they can still receive such X- messages without having to be as drastic as to "--fix-mime no" X- - which disables all sorts of other good stuff. Use only if you X- have to. X- X- --add-dscr-hdrs [yes|no|all] Defaults to "no". This adds the now old-fashion X- X-Qmail-Scanner headers to the message. "all" adds X- the "rcpt to" headers too - this is a privacy hole. X- --debug [yes|no] Whether or not debugging is turned on. On (yes) X- by default. Can be also set to a number. Numbers X- over 100 cause Q-S to not cleanup working files X- - thus allowing for offline debugging... X- --unzip [yes|no] Whether or not to forcibly unzip all zip files. Off X- by default as most AV's do unzip'ping themselves. X- --max-zip-size [number] Defaults to 1 Gbytes. X- This setting allows you to control the maximum size you X- are willing to allow zip file attachments to unpack to. X- This is to enable you to limit DoS attacks against your X- Qmail-Scanner installation (someone could send you a small zip X- file that unpacks to Gbytes of useless files - filling your harddisk). X- Set to whatever value you think is appropriate for your system. The X- default value of 1Gb is set so large so as not to assume anything about X- your system - YOU WILL NEED TO SET THIS VALUE IN ORDER TO GAIN ANY X- PROTECTION. Something like "100000000" (100 Mb) might be appropriate. X- --batch Do not confirm configure information (mainly for scripting) X- --install Create directory paths, install perl script, X- and change ownerships to match. X- --mime-unpacker "reformime" Defaults to reformime. X+ Defaults to "auto" - will use whatever scanners are found X+ on system. X+ Use this option to override "auto" - set to one or more X+ of the following: X+ X+ [auto|none|$SUPPORTED_SCANNERS] X+ X+ Note the special-case "none". This will disable all but X+ the internal perlscanner module. X+ X+ --skip-text-msgs [yes|no] (defaults to "yes") X+ Q-S will skip running any anti-virus scanner on any messages X+ it works out are text-only. i.e. don't have any attachments. X+ Set to "no" if you want them to be scanned anyway. X+ X+ --normalize [yes|no] (defaults to "$NORMALIZE_MSG") X+ This decides if base64/qp attachment X+ filenames and/or Subject: headers should X+ be "normalized" back to their decoded form X+ before being checked against entries in X+ quarantine-events.txt. X+ X+ --notify [none|sender|recips|precips|admin|nmladm|nmlvadm|all] (defaults to "$NOTIFY_ADDRESSES") X+ Comma-separated list (no spaces!) of addresses to which X+ alerts should be sent to. "nmladm" means only notify X+ admin for "user infections", X+ i.e. non-mailing-list mail. X+ "nmlvadm" is the same as nmladm - except that it also doesn't X+ notify for viral e-mails. X+ i.e. just "policy" quarantines get e-mails. X+ This allows you to still notify people when an e-mail is X+ blocked due to a policy decision (such as blocking X+ password-protected zip files), but a message tagged as viral X+ by an AV system will *not* trigger notification. X+ Similarly, "psender"/"precips" means notify the X+ sender/recips only if their e-mail was blocked for policy X+ reasons. i.e. if an AV system found a virus, then don't X+ notify the sender/recip as the address was probably forged. X+ X+ --local-domains "one.domain,two.domain" X+ Defaults to the value of the "--domain" setting. X+ Comma-separated list (no spaces!) of domains that are X+ classified as "local". This is needed to ensure alerts X+ are only sent to local users and not remote when X+ '--notify "*recips"' is chosen. This will drastically X+ reduce the chance of alerts being sent to mailing-lists. X+ X+ --silent-viruses "virus1,virus2" (defaults to "auto") X+ (This option is almost deprecated) X+ This option allows you to tell Qmail-Scanner *not* to X+ notify senders when it quarantines one of these viruses. X+ Viruses such as Klez alter the sender address so that it X+ has no relation to the actual sender - so there's no point X+ in responding to Klez messages - it just confuses people. X+ The admin and recips will still be notified as set X+ by "--notify". Use this option to override "auto". X+ By default this is set to: X+ "$SILENT_VIRUSES" X+ X+ --lang (defaults to "$QSLANG") X+ "$LANGUAGES" X+ X+ --archive [yes|no|regex] (defaults to "no") X+ Whether to archive mail after it as been processed. X+ If "yes", all copies of processed mail will be moved into X+ the maildir "$SPOOLDIR/$ARCHIVEDIR/". X+ Any other string besides "yes" and "no" will be treated X+ as a REGEX. Only mail from or to an address that contains X+ that regex will be archived. e.g. "jhaar|harry" or X+ "\@our.domain". X+ Be careful with this option, a badly written regex X+ will cause Qmail-Scanner to crash. X+ X+ --redundant [yes|no] (defaults to "yes") X+ Whether or not to let the scanners also scan any zip files X+ and the original "raw" Email file. X+ X+ --unzip [yes|no] (defaults to "no" - off) X+ Whether or not to forcibly unzip all zip files. X+ Off by default as most AV's do unzip'ping themselves. X+ X+ --max-zip-size (defaults to 1 Gbytes) X+ This setting allows you to control the maximum size you X+ are willing to allow zip file attachments to unpack to. X+ This is to enable you to limit DoS attacks against your X+ Qmail-Scanner installation (someone could send you a small X+ zip file that unpacks to Gbytes of useless files - filling X+ your harddisk). Set to whatever value you think is X+ appropriate for your system. The default value of 1Gb is X+ set so large so as not to assume anything about your X+ system - YOU WILL NEED TO SET THIS VALUE IN ORDER TO GAIN X+ ANY PROTECTION. X+ Something like "100000000" (100 Mb) might be appropriate. X+ X+ --max-unpacked-files (defaults to 10000 files) X+ X+ --max-scan-size (defaults to 100 Mbytes) X+ Email messages (raw size) larger than this X+ number (in bytes) will skip all AV and Spam X+ scanning checks. It's to stop Q-S scanning X+ 300Mbyte TIFF file messages and the like. X+ X+ --log-crypto [yes|no] (defaults to "no") X+ Whether or not to log the presence X+ of cryptographic (both signing and encrypting) X+ technologies in the "log-details". Q-S can flag X+ PGP, S/MIME and password-protected zip files. This X+ is informational logging only. X+ X+ --fix-mime [yes|no|num] (defaults to "2") X+ Whether or not to attempt to "fix" broken MIME messages X+ before doing anything else. Should be safe, but *may* break X+ some strange, old mailers (none known yet). If you see X+ blocks occurring due to this setting, try "--fix-mime 1" X+ first before "--fix-mime no". X+ Defaults to "2" enables a bunch of extra MIME checks that X+ have proven to be very useful. X+ X+ --ignore-eol-check [yes|no] (defaults to "no") X+ Making this "yes" stops Qmail-Scanner X+ from treating "\r" or "\0" chars in the headers of X+ MIME mail messages as being suspicious enough to quarantine X+ mail over. X+ st: Unfortunately there are too many mailers that send X+ some "\r" in their headers so, the option is enabled X+ by default. X+ X+ --add-dscr-hdrs [yes|no|all] (defaults to "no") X+ This adds the now old-fashion X-Qmail-Scanner headers to X+ the message. "all" adds the "rcpt to" headers too - this is X+ a privacy hole. X+ X+ --dscr-hdrs-text <"Descrip-Headers-Text"> (defaults to "X-Qmail-Scanner") X+ Input must be quoted and must not contain spaces. X+ i.e. --dscr-hdrs-text "X-Antivirus-MYDOMAIN" X+ X+ --log-details [yes|syslog|no] (defaults to "syslog") X+ Whether or not to log to mailstats.csv/via syslog the X+ attachment structure of every Email message. X+ X+ --debug [yes|no] (defaults to "no" - off) X+ Whether or not debugging is turned on. Can be also set to X+ a number. Numbers over 100 cause Q-S to not cleanup working X+ files. Thus allowing for offline debugging... X+ X+ --minidebug [yes|no|1|2] (default: 1) X+ Logs only important information, mail headers, blocks, X+ errors and elapsed time. If set to 2, it will log the X+ parent pid (ppid) and the message size. X+ X+ --batch [yes|no] (default: no = ask for confirm) X+ Do not confirm configure information (mainly for scripting) X+ Set to yes if you are doing scripting. X+ X+ --install [yes|no] (default: no) X+ Create directory paths, install perl script, and X+ change ownerships to match. X+ X+ --mime-unpacker "reformime" (defaults to reformime) X+ X+ X+ --settings-per-domain [yes|no] (defaults to "no") X+ Enable or disable the domain-wise mode, each user/domain X+ will have a customized settings (@scanner_array and X+ sa_settings). If the user/domain haven't a custom X+ settings, qmail-scanner will fall to the defaults X+ site settings (@scanner_array and sa_site_settings). X+ X+ --virus-to-delete [yes|no] (defaults to "no") X+ Enable this option if you want to delete some viruses X+ (i.e. mydoom) without notifying anyone. If you don't enable X+ it now, you can later edit qmail-scanner-queue.pl and add X+ the virus you want to the list virus_to_delete. X+ X+ --spamdir (defaults to "$SPAM_MAILDIR") X+ This will be the maildir directory structure X+ into which spam mails are quarantined X+ (under $SPOOLDIR/quarantine/$SPAM_MAILDIR) X+ It is possible to set it per user/domain enabling the X+ feature settings-per-domain, see the docs. X+ X+ --sa-sql [yes|no] (defaults to "no") X+ Whether to run spamassassin with the 'rcpt to' as option, X+ only useful if you are running spamassassin with user X+ settings in mysql. X+ If you enable 'settings-per-domain' a message with multiples X+ recipients will be scanned for each recipient with his X+ own spamassassin settings. X+ X+ --sa-delta [num] (default: 0) X+ If $spamc_subject is defined, and fast_spamassassin mode is X+ selected, a tag will be added to the subject indicating how X+ the message is to be considered as spam, in this way: X+ LOW: required_hits < score < required_hits + sa_delta X+ MEDIUM: required_hits + sa_delta < score < required_hits + 2 * sa_delta X+ HIGH: required_hits + 2 * sa_delta < score X+ Be aware, sa_max+2*sa_delta must be lower than sa_quarantine. X+ 'required_hits' is the value set in the SpamAssassin X+ configuration file. X+ X+ --sa-subject <"some text"> (defaults to nothing) X+ This is an alternative way to set the tag that qmail-scanner X+ add to subject of spam mails, to some text. X+ Spamassassin must be working in *fast_spamassassin* mode X+ Be sure that is better to tag the subject, of spam messages, X+ through qmail-scanner than with the rewrite_subject X+ of SpamAssassin. X+ The input must be quoted i.e. "SPAM *** ". X+ X+ --sa-forward (defaults to nothing) X+ User to redirect spam mails 'being quarantined' for X+ admin purposes... X+ The message is forwarded almost unmodified so you can X+ use 'sa-learn' with them. X+ If you prefer that the message includes the spam headers X+ enable the next option. X+ (i.e. --sa-forward antispam@mydomain.com) X+ X+ --sa-fwd-verbose [yes|no] (default: no) X+ Whether to add the X-Spam headers to the forwarded message. X+ X+ --sa-quarantine [num] (default: 0) X+ Spam messages with a score higher than X+ (required_hits + sa_quarantine) should be quarantined. X+ Only relevant if SpamAssassin is used. X+ Score of 0 means deliver all messages. X+ X+ --sa-delete [num] (default: 0) X+ Spam messages with a score higher than X+ (required_hits + sa_delete) should be deleted. X+ Only relevant if SpamAssassin is used. X+ Score of 0 means deliver all messages. X+ X+ --sa-reject [yes|no] (default: no) X+ If you enable sa-reject and sa-delete is properly set, X+ messages with a score higher than sa-delete will be rejected X+ before the smtp session is closed. Otherwise they are just X+ dropped silently. (1/0) X+ X+ --sa-alt [yes|no] (default: no) X+ Use the alternative subroutine for spamassassin, it runs in X+ *fast_spamassassin* mode and doesn't pass the '-u' option X+ to spamc. (1/0) X+ X+ --sa-debug [yes|no] (default: no) X+ If sa-alt is enabled an you enable this option, you will X+ have a beautiful log with the tests and the scores of X+ spamassassin in the file qmail-queue.log (1/0) X+ X+ --sa-report [yes|no] (default: no) X+ If sa-alt and sa-debug are enabled you can add X+ the X-Spam-Report header to the messages enabling X+ this option. X+ X+ --sa-socket (defaults to nothing) X+ Actually the configure script can automatically discover X+ if spamd is running in unix-socket mode, but, X+ if for some reasson the socket couldn't be X+ found properly you can set the path with this option. X+ i.e. --sa-socket /var/run/spamd X X **************** X Rarely Used X **************** X X- --no-QQ-check Do not check that the QMAILQUEUE patch is installed. X- This explicitly disables any "--install" reference X- as that is NOT POSSIBLE with a manual install. X- Use ONLY IF YOU MUST. The QMAILQUEUE patch is REALLY X- a GOOD THING!!!! X- X- --skip-setuid-test don't test for setuid perl. Only of use for those wanting X- to run the C-wrapper version. X- X- --qmail-queue-binary Set this to the FULL PATH to the Qmail qmail-queue X- binary. This is only EVER set when doing a manual X- install. X+ --no-QQ-check X+ Do not check that the QMAILQUEUE patch is installed. X+ This explicitly disables any "--install" reference X+ as that is NOT POSSIBLE with a manual install. X+ Use ONLY IF YOU MUST. The QMAILQUEUE patch is REALLY X+ a GOOD THING!!!! X+ X+ --skip-setuid-test X+ don't test for setuid perl. Only of use for those wanting X+ to run the C-wrapper version. X+ X+ --qmail-queue-binary X+ Set this to the FULL PATH to the Qmail qmail-queue X+ binary. This is only EVER set when doing a manual install. X X X This script must be run as root so it can detect problems with setuid X perl scripts! X X-invalid option: $1 X+invalid option: $1 [ --help is a valid option ;-) ] X X See above for the valid options X X@@ -355,23 +554,43 @@ X shift X done X X-DD="`id $QS_USER 2>/dev/null`" X+if [ "$QS_GROUP" = "" ]; then QS_GROUP=$QS_USER ; fi X X-if [ "$DD" = "" ]; then X- cat< $TMP_DIR/eicar.com X-chown $QS_USER:$QS_USER $TMP_DIR/eicar.com X+chown $QS_USER:$QS_GROUP $TMP_DIR/eicar.com X chmod 644 $TMP_DIR/eicar.com X X+# st: We need 'setuidgid' to test the antivirus, so let X+# check if daemontools are installed... X+ X+if test -x /usr/local/bin/setuidgid ; then X+ SETUIDGID="/usr/local/bin/setuidgid" X+elif test -x /usr/bin/setuidgid ; then X+ SETUIDGID="/usr/bin/setuidgid" X+elif test -x /commands/setuidgid ; then X+ SETUIDGID="/commands/setuidgid" X+else X+ cat<&1|grep perl5 |head -1`} X@@ -656,10 +884,10 @@ X QMAILSMTPD="${QMAILSMTPD:-$dir/qmail-smtpd}" X fi X X- if test -x $dir/setuidgid X- then X- SETUIDGID="${SETUIDGID:-$dir/setuidgid}" X- fi X+# if test -x $dir/setuidgid X+# then X+# SETUIDGID="${SETUIDGID:-$dir/setuidgid}" X+# fi X if test -x $dir/strings X then X STRINGS="${STRINGS:-$dir/strings}" X@@ -778,11 +1006,11 @@ X fi X fi X fi X- X+ X if test -x $dir/uvscan X then X if [ "`echo $FIND_SCANNERS|grep ' uvscan '`" != "" -a "$UVSCAN" = "" ]; then X- if [ "`setuidgid $QS_USER $dir/uvscan -r --secure --fam --unzip --macro-heuristics -v $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X+ if [ "`$SETUIDGID_QS $dir/uvscan -r --secure --fam --unzip --macro-heuristics -v $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X UVSCAN="${UVSCAN:-$dir/uvscan}" X INSTALLED_SCANNERS="$INSTALLED_SCANNERS X uvscan" X@@ -792,7 +1020,7 @@ X if test -x $dir/csav X then X if [ "`echo $FIND_SCANNERS|grep ' csav '`" != "" -a "$CSAV" = "" ]; then X- if [ "`setuidgid $QS_USER $dir/csav -list -nomem -packed -archive -noboot $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X+ if [ "`$SETUIDGID_QS $dir/csav -list -nomem -packed -archive -noboot $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X CSAV="${CSAV:-$dir/csav}" X INSTALLED_SCANNERS="$INSTALLED_SCANNERS X csav" X@@ -802,10 +1030,10 @@ X if [ "`echo $FIND_SCANNERS|grep ' sophie '`" != "" -a "$SOPHIE" = "" ]; then X if test -x $dir/sophie X then X- SOCKET="`setuidgid $QS_USER $dir/sophie -d -f README 2>&1|grep 'Socket path'|awk '{print $NF}'|sed 's/\"//g'`" X+ SOCKET="`$SETUIDGID_QS $dir/sophie -d -f README 2>&1|grep 'Socket path'|awk '{print $NF}'|sed 's/\"//g'`" X if [ "$SOCKET" != "" ]; then X DD= X- if [ "`setuidgid $QS_USER perl ./contrib/test-sophie.pl -s $SOCKET -f $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X+ if [ "`$SETUIDGID_QS perl ./contrib/test-sophie.pl -s $SOCKET -f $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X SOPHIE="${SOPHIE:-$dir/sophie}" X INSTALLED_SCANNERS="$INSTALLED_SCANNERS X sophie" X@@ -824,8 +1052,8 @@ X if test -x $dir/sweep X then X if [ "`$dir/sweep -h 2>&1|grep LAM`" = "" -a "$SWEEP" = "" ]; then X- if [ "`setuidgid $QS_USER $dir/sweep -f -eec -all -sc -nc -ss -nb -archive $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X- SWEEP="${SWEEP:-$dir/sweep}" X+ if [ "`$SETUIDGID_QS $dir/sweep -f -eec -all -sc -nc -ss -nb -archive $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X+ SWEEP="${SWEEP:-$dir/sweep}" X INSTALLED_SCANNERS="$INSTALLED_SCANNERS X sweep" X fi X@@ -847,16 +1075,16 @@ X if [ "`echo $FIND_SCANNERS|grep ' trophie '`" != "" -a "$TROPHIE" = "" ]; then X if test -x $dir/trophie X then X- SOCKET="`setuidgid $QS_USER $dir/trophie -d -f README 2>&1|grep 'Socket path'|awk '{print $NF}'|sed 's/\"//g'`" X+ SOCKET="`$SETUIDGID_QS $dir/trophie -d -f README 2>&1|grep 'Socket path'|awk '{print $NF}'|sed 's/\"//g'`" X if [ "$SOCKET" != "" ]; then X- if [ "`setuidgid $QS_USER perl ./contrib/test-trophie.pl -s $SOCKET -f $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X+ if [ "`$SETUIDGID_QS perl ./contrib/test-trophie.pl -s $SOCKET -f $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X TROPHIE="${TROPHIE:-$dir/trophie}" X INSTALLED_SCANNERS="$INSTALLED_SCANNERS X trophie" X TSOCKET="$SOCKET" X else X echo " X-Something like trophie for Trend detected - but is not correctly installed or operational. X+Something like trophie for Trend detected - but not correctly installed or operational. X Please read Q-S FAQ if you want it - especially check that trophie daemon X can read files owned by $QS_USER (i.e. run it as $QS_USER). X ". X@@ -867,7 +1095,7 @@ X if [ "`echo $FIND_SCANNERS|egrep ' (vscan|trophie) '`" != "" -a "$ISCAN" = "" ]; then X if test -x $dir/vscan X then X- if [ "`setuidgid $QS_USER $dir/vscan -p/etc/iscan/ -za -a -u -nl -v $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X+ if [ "`$SETUIDGID_QS $dir/vscan -p/etc/iscan/ -za -a -u -nl -v $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X INSTALLED_SCANNERS="$INSTALLED_SCANNERS X vscan" X ISCAN="${ISCAN:-$dir/vscan}" X@@ -877,12 +1105,12 @@ X if [ "`echo $FIND_SCANNERS|grep ' antivir '`" != "" -a "$HBEDV" = "" ]; then X if test -x $dir/antivir X then X- if [ "`setuidgid $QS_USER $dir/antivir -allfiles -s -tmp. -z -v $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X+ if [ "`$SETUIDGID_QS $dir/antivir -allfiles -s -tmp. -z -v $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X HBEDV="${HBEDV:-$dir/antivir}" X HBEDV_OPTIONS="-allfiles -s -tmp. -z -v" X INSTALLED_SCANNERS="$INSTALLED_SCANNERS X antivir" X- elif [ "`setuidgid $QS_USER $dir/antivir -allfiles -s -tmp. -v $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X+ elif [ "`$SETUIDGID_QS $dir/antivir -allfiles -s -tmp. -v $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X HBEDV="${HBEDV:-$dir/antivir}" X HBEDV_OPTIONS="-allfiles -s -tmp. -v" X INSTALLED_SCANNERS="$INSTALLED_SCANNERS X@@ -893,7 +1121,7 @@ X if test -x $dir/kavscanner X then X if [ "`echo $FIND_SCANNERS|grep ' kavscanner '`" != "" -a "$AVPSCAN" = "" ]; then X- if [ "`setuidgid $QS_USER $dir/kavscanner $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X+ if [ "`$SETUIDGID_QS $dir/kavscanner $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X AVPSCAN="${AVPSCAN:-$dir/kavscanner}" X INSTALLED_SCANNERS="$INSTALLED_SCANNERS X kavscanner" X@@ -903,7 +1131,7 @@ X if test -x $dir/AvpLinux X then X if [ "`echo $FIND_SCANNERS|grep ' AvpLinux '`" != "" -a "$AVPSCAN" = "" ]; then X- if [ "`setuidgid $QS_USER $dir/AvpLinux -Y $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X+ if [ "`$SETUIDGID_QS $dir/AvpLinux -Y $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X AVPSCAN="${AVPSCAN:-$dir/AvpLinux}" X INSTALLED_SCANNERS="$INSTALLED_SCANNERS X AvpLinux" X@@ -916,7 +1144,7 @@ X if [ "`echo $FIND_SCANNERS|grep ' kavdaemon '`" != "" -a "$AVPDAEMON" = "" ]; then X if test -f "sub-avpdaemon.pl" X then X- if [ "`setuidgid $QS_USER $dir/kavdaemon $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X+ if [ "`$SETUIDGID_QS $dir/kavdaemon $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X AVPSCAN="" X AVPDAEMON="${AVDAEMON:-$dir/kavdaemon}" X INSTALLED_SCANNERS="$INSTALLED_SCANNERS X@@ -930,7 +1158,7 @@ X if [ "`echo $FIND_SCANNERS|grep ' AvpDaemonClient '`" != "" -a "$AVPDAEMON" = "" ]; then X if test -f "sub-avpdaemon.pl" X then X- if [ "`setuidgid $QS_USER $dir/AvpDaemonClient $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X+ if [ "`$SETUIDGID_QS $dir/AvpDaemonClient $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X AVPSCAN="" X AVPDAEMON="${AVDAEMON:-$dir/AvpDaemonClient}" X INSTALLED_SCANNERS="$INSTALLED_SCANNERS X@@ -943,7 +1171,7 @@ X if test -x $dir/fsav X then X if [ "`echo $FIND_SCANNERS|grep ' fsav '`" != "" -a "$FSECURE" = "" ]; then X- if [ "`setuidgid $QS_USER $dir/fsav --list --archive --auto --dumb $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X+ if [ "`$SETUIDGID_QS $dir/fsav --list --archive --auto --dumb $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X FSECURE="${FSECURE:-$dir/fsav}" X INSTALLED_SCANNERS="$INSTALLED_SCANNERS X fsav" X@@ -953,7 +1181,7 @@ X if test -x $dir/f-prot X then X if [ "`echo $FIND_SCANNERS|grep ' fprot '`" != "" -a "$FPROT" = "" ]; then X- if [ "`setuidgid $QS_USER $dir/f-prot -ai -archive -dumb -list $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X+ if [ "`$SETUIDGID_QS $dir/f-prot -ai -archive -dumb -list $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X FPROT="${FPROT:-$dir/f-prot}" X INSTALLED_SCANNERS="$INSTALLED_SCANNERS X fprot" X@@ -963,9 +1191,9 @@ X if test -x $dir/bdc X then X if [ "`echo $FIND_SCANNERS|grep ' bitdefender '`" != "" -a "$BITDEFENDER" = "" ]; then X- if [ "`setuidgid $QS_USER $dir/bdc --all --alev=10 --flev=10 --arc --mail $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X- BITDEFENDER="${BITDEFENDER:-$dir/bdc}" X- INSTALLED_SCANNERS="$INSTALLED_SCANNERS X+ if [ "`$SETUIDGID_QS $dir/bdc --all --alev=10 --flev=10 --arc --mail $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X+ BITDEFENDER="${BITDEFENDER:-$dir/bdc}" X+ INSTALLED_SCANNERS="$INSTALLED_SCANNERS X bdc" X fi X fi X@@ -974,17 +1202,17 @@ X then X if [ "`echo $FIND_SCANNERS|grep ' nod32 '`" != "" ]; then X if [ "`$dir/nod32cli -c 1 --subdir $TMP_DIR 2>&1|egrep -i 'virus='`" != "" ]; then X- NOD32="${NOD32:-$dir/nod32cli}" X- UPDNOD="${NOD32:-$dir/nod32upd}" X- INSTALLED_SCANNERS="$INSTALLED_SCANNERS X+ NOD32="${NOD32:-$dir/nod32cli}" X+ UPDNOD="${NOD32:-$dir/nod32upd}" X+ INSTALLED_SCANNERS="$INSTALLED_SCANNERS X nod32" X fi X fi X- fi X+ fi X if test -x $dir/inocucmd X then X if [ "`echo $FIND_SCANNERS|grep ' inocucmd '`" != "" -a "$INOCUCMD" = "" ]; then X- if [ "`setuidgid $QS_USER $dir/inocucmd -SEC -NEX $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X+ if [ "`$SETUIDGID_QS $dir/inocucmd -SEC -NEX $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X INOCUCMD="${INOCUCMD:-$dir/inocucmd}" X INSTALLED_SCANNERS="$INSTALLED_SCANNERS X inocucmd" X@@ -994,7 +1222,7 @@ X # if test -x $dir/ravav X # then X # if [ "`echo $FIND_SCANNERS|grep ' ravlin '`" != "" ]; then X-# if [ "`setuidgid $QS_USER $dir/ravav --mail --archive --heuristics=on --all $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X+# if [ "`$SETUIDGID_QS $dir/ravav --mail --archive --heuristics=on --all $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X # RAVLIN="${RAVLIN:-$dir/ravav}" X # INSTALLED_SCANNERS="$INSTALLED_SCANNERS X #ravlin" X@@ -1004,7 +1232,7 @@ X if test -x $dir/vexira X then X if [ "`echo $FIND_SCANNERS|grep ' vexira '`" != "" -a "$VEXIRA" = "" ]; then X- if [ "`setuidgid $QS_USER $dir/vexira --allfiles -s -z -nolnk -noboot -nombr -nodef -r1 $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X+ if [ "`$SETUIDGID_QS $dir/vexira --allfiles -s -z -nolnk -noboot -nombr -nodef -r1 $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X VEXIRA="${VEXIRA:-$dir/vexira}" X INSTALLED_SCANNERS="$INSTALLED_SCANNERS X vexira" X@@ -1014,7 +1242,7 @@ X if [ "`echo $FIND_SCANNERS|grep ' clamdscan '`" != "" -a "$CLAMDSCAN" = "" ]; then X if test -x $dir/clamdscan X then X- DD="`setuidgid $QS_USER $dir/clamdscan --help 2>&1|grep -i Daemon`" X+ DD="`$SETUIDGID_QS $dir/clamdscan --help 2>&1|grep -i Daemon`" X if [ "$DD" = "" ]; then X echo " X Something like clamdscan for ClamAV detected - but not correctly installed. X@@ -1023,7 +1251,7 @@ X (i.e. make sure clamd runs as $QS_USER). X " X fi X- DD="`setuidgid $QS_USER $dir/clamdscan -v $TMP_DIR 2>&1`|egrep -i 'virus|test'" X+ DD="`$SETUIDGID_QS $dir/clamdscan -v $TMP_DIR 2>&1`|egrep -i 'virus|test'" X if [ "$DD" != "" ]; then X CLAMDSCAN="${CLAMDSCAN:-$dir/clamdscan}" X INSTALLED_SCANNERS="$INSTALLED_SCANNERS X@@ -1041,7 +1269,7 @@ X if test -x $dir/clamscan X then X if [ "`echo $FIND_SCANNERS|grep ' clamscan '`" != "" -a "$CLAMSCAN" = "" ]; then X- if [ "`setuidgid $QS_USER $dir/clamscan -v $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X+ if [ "`$SETUIDGID_QS $dir/clamscan -v $TMP_DIR 2>&1|egrep -i 'virus|test'`" != "" ]; then X CLAMSCAN="${CLAMSCAN:-$dir/clamscan}" X INSTALLED_SCANNERS="$INSTALLED_SCANNERS X clamscan" X@@ -1050,28 +1278,75 @@ X fi X X if [ "`echo $FIND_SCANNERS|grep spamassassin`" != "" -a "$SPAMASSASSIN_BINARY" = "" ]; then X- if test -x $dir/spamassassin X- then X- SPAMASSASSIN_BINARY="${SPAMASSASSIN_BINARY:-$dir/spamassassin}" X- fi X- if [ "$SPAMASSASSIN_BINARY" != "" -a -x "$dir/spamc" -a "$SPAMC_BINARY" = "" ] X- then X- #Test it out X- if [ "`setuidgid $QS_USER $dir/spamc -h 2>&1|grep 'spamd'`" != "" ] ;then X- SPAMC_BINARY="${SPAMC_BINARY:-$dir/spamc}" X+ if test -x $dir/spamassassin X+ then X+ SPAMASSASSIN_BINARY="${SPAMASSASSIN_BINARY:-$dir/spamassassin}" X+ fi X+ if [ "$SPAMASSASSIN_BINARY" != "" -a -x "$dir/spamc" -a "$SPAMC_BINARY" = "" ] X+ then X+ #Test it out X+ if [ "`$SETUIDGID_QS $dir/spamc -h 2>&1|grep 'spamd'`" != "" ] ;then X+ SPAMC_BINARY="${SPAMC_BINARY:-$dir/spamc} -t 30" X+ X+ # st: is spamd running with sql per user settings? X+ SA_SQL_AUT=`ps ax -w 2>/dev/null | egrep 'spamd.*( \-q | \-Q | \-\-sql|with\-sql)' |grep -v grep` X+ if [ "$SA_SQL_AUT" = "" ]; then X+ SA_SQL_AUT=`ps -ef 2>/dev/null | egrep 'spamd.*( \-q | \-Q | \-\-sql|with\-sql)' |grep -v grep` X+ fi X+ if [ "$SA_SQL_AUT" = "" ]; then X+ SA_SQL_AUT=`ps aux 2>/dev/null | egrep 'spamd.*( \-q | \-Q | \-\-sql|with\-sql)' |grep -v grep` X+ fi X+ X+ # st: are we using spamd in unix-socket mode? X+ if [ "$SPAMD_SOCKET" != "" ] ;then X+ if [ ! -S "$SPAMD_SOCKET" ] ;then X+ cat</dev/null|egrep 'spamd.*socketpath'|grep -v grep|sed -e 's/^.*socketpath=//'|awk '{print $1}'` X+ if [ "$SPAMD_SOCKET" = "" ]; then X+ SPAMD_SOCKET=`ps auxww 2>/dev/null|egrep 'spamd.*socketpath'|grep -v grep|sed -e 's/^.*socketpath=//'|awk '{print $1}'` X+ fi X+ X+ # st: in my RH7.3 servers this works... X+ if [ "$SPAMD_SOCKET" = "" ]; then X+ SPAMD_SOCKET=`ps ax -w 2>/dev/null|egrep 'spamd.*socketpath'|grep -v grep|sed -e 's/^.*socketpath=//'|awk '{print $1}'` X+ fi X+ if [ "$SPAMD_SOCKET" != "" ]; then X+ if [ -S "$SPAMD_SOCKET" ]; then X+ #SPAMC_BINARY="$SPAMC_BINARY -U $SPAMD_SOCKET" X+ SA_SKT=" -U $SPAMD_SOCKET" X+ else X+ cat</dev/null|egrep 'spamd.*socketpath'|grep -v grep|sed -e 's/^.*socketpath=//'|awk '{print $1}'` X- if [ "$SPAMD_SOCKET" = "" ]; then X- SPAMD_SOCKET=`ps auxww 2>/dev/null|egrep 'spamd.*socketpath'|grep -v grep|sed -e 's/^.*socketpath=//'|awk '{print $1}'` X- fi X- if [ "$SPAMD_SOCKET" != "" -a -S "$SPAMD_SOCKET" ]; then X- SPAMC_BINARY="$SPAMC_BINARY -U $SPAMD_SOCKET" X- SA_HN=" -U $SPAMD_SOCKET" X- fi X- DD="`setuidgid $QS_USER $SPAMC_BINARY < ./contrib/spamc-nice.eml`" X- if [ "`echo $DD|grep '^From '`" != "" ]; then X- cat<" X echo "local-domains=$LOCAL_DOMAINS_ARRAY" X echo "silent-viruses=$FIND_SILENT_VIRUSES_ARRAY" X echo "scanners=`echo $SCANNER_ARRAY|sed 's/_scanner//g'`" X+echo X+echo "-------------------------------------" X+echo "st: configuration options for 2.00st" X+echo "-------------------------------------" X+if [ "`echo $MINI_DEBUG|egrep -i '^1|^yes|^y|^on|^true'`" != "" ]; then X+ MINI_DEBUG="1" X+elif [ "`echo $MINI_DEBUG|egrep -i '^[2-9]+$'`" != "" ]; then X+ MINI_DEBUG="$MINI_DEBUG" X+else X+ MINI_DEBUG="0" X+fi X+if [ "$MINI_DEBUG" != "" ]; then X+ echo "minidebug=$MINI_DEBUG" X+fi X+if [ "$SETTINGS_P_D" != "" ]; then X+ echo "settings-per-domain=$SETTINGS_P_D" X+fi X+if [ "$VIRUS_DELETE" != "0" ]; then X+ echo "virus-to-delete=$VIRUS_DELETE" X+else X+ VIRUS_TO_DELETE="" X+fi X+ X+if [ "$DESCRIPTIVE_HEADERS" != "" ]; then X+ echo "dscr-hdrs-text='$DESCR_HEADERS_TEXT'" X+fi X+if [ "$SPAMC_BINARY" != "" ]; then X+ echo X+ if [ "$SPAM_MAILDIR" != "spam" ] ; then X+ echo "spamdir =$SPOOLDIR/quarantine/$SPAM_MAILDIR" X+ CMDLINE="$CMDLINE --spamdir $SPAM_MAILDIR" X+ fi X+ if [ "$SPAMD_SOCKET" != "" ] ; then X+ echo "sa-socket =$SPAMD_SOCKET" X+ CMDLINE="$CMDLINE --sa-socket $SPAMD_SOCKET" X+ fi X+ if [ "$SA_SQL" != "0" -o "$SA_SQL_AUT" != "" ] ; then X+ if [ "$SA_SQL_AUT" = "" ]; then X+ echo X+ echo "########################################################################" X+ echo " sa-sql is set to '1' but spamd doesn't seem to be running with" X+ echo " sql per user settings... Everything will work, but it is better" X+ echo " to disable this option for performance if it is really not active." X+ echo "########################################################################" X+ echo X+ fi X+ SA_SQL="1" X+ echo "sa-sql =$SA_SQL (Spamassassin per user settings active)" X+ CMDLINE="$CMDLINE --sa-sql $SA_SQL" X+ fi X+ if [ "$SA_FORWARD_IN" != "" ] ;then X+ # st: Add a '\' to the sa_forward mail address X+ if [ "`echo $SA_FORWARD_IN | grep @ `" = "" ]; then X+ SA_FORWARD_IN="$SA_FORWARD_IN@$MAILDOMAIN" X+ fi X+ SA_FORWARD=`echo "$SA_FORWARD_IN" | awk -F @ '{print $1 "\\\@" $2}'` X+ CMDLINE="$CMDLINE --sa-forward $SA_FORWARD" X+ echo "sa-forward=\"$SA_FORWARD_IN\" (Is it a valid address?)" X+ if [ "$SA_FWD_VERBOSE" != "0" ] ; then X+ echo "sa-fwd-verbose=$SA_FWD_VERBOSE (X-Spam headers will be added in the forwarded mail)" X+ else X+ echo "sa-fwd-verbose=$SA_FWD_VERBOSE (X-Spam headers won't be added in the forwarded mail)" X+ fi X+ CMDLINE="$CMDLINE --sa-fwd-verbose $SA_FWD_VERBOSE" X+ fi X+ if [ "$SPAMASSASSIN_VERSION" != "verbose_spamassassin" -a "$SPAMC_SUBJECT" != "" ] ;then X+ echo "sa-subject=\"$SPAMC_SUBJECT\"" X+ CMDLINE="$CMDLINE --sa-subject \"$SPAMC_SUBJECT\"" X+ fi X+ echo X+ echo "sa-delta =$SA_DELTA" X+ echo "sa-alt =$SA_ALT" X+ echo "sa-debug =$SA_DEBUG (only valid if sa-alt is enabled)" X+ echo "sa-report =$SA_HDR_REPORT (only valid if sa-alt and sa-debug are enabled)" X+ echo X+ echo "Spamassasin Required_Hits=$SA_THRESHOLD" X+ if [ "$SA_QUARANTINE" != "0" ]; then X+ SA_CONTROL="$SA_QUARANTINE $SA_DELETE" X+ if [ "$SA_DELETE" != "0" -a "`echo $SA_CONTROL | awk '{if ($1 > $2) print 1}'`" ] ; then X+ echo X+ echo "########################################################################" X+ echo "WARNING: sa-quarantine ($SA_QUARANTINE) is higher than" X+ echo " sa-delete ($SA_DELETE), resetting sa-delete and sa-reject to 0." X+ echo " You can fix this later editing qmail-scanner-queue.pl and" X+ echo " setting the appropriated values. No mail will be" X+ echo " deleted or rejected" X+ echo "########################################################################" X+ echo X+ SA_DELETE="0" X+ SA_REJECT="0" X+ fi X+ SA_QTINE=`echo "$SA_QUARANTINE $SA_THRESHOLD" | awk '{print $1+$2}'` X+ echo "sa-quarantine=$SA_QUARANTINE (messages over $SA_QTINE hits will be quarantined)" X+ else X+ echo "sa-quarantine=0 (no mail will be quarantined)" X+ fi X+ if [ "$SA_DELETE" != "0" ]; then X+ SA_DLT=`echo "$SA_DELETE $SA_THRESHOLD" | awk '{print $1+$2}'` X+ if [ "$SA_REJECT" != "0" ]; then X+ echo "sa-delete =$SA_DELETE (messages over $SA_DLT hits will be rejected)" X+ else X+ echo "sa-delete =$SA_DELETE (messages over $SA_DLT hits will be deleted)" X+ fi X+ else X+ echo "sa-delete =0 (no mail will be deleted/rejected)" X+ fi X+ echo "sa-reject =$SA_REJECT" X+ echo "-------------------------------------------------------------------------" X+ CMDLINE="$CMDLINE --sa-delta $SA_DELTA --sa-alt $SA_ALT --sa-debug $SA_DEBUG --sa-report $SA_HDR_REPORT --sa-quarantine $SA_QUARANTINE --sa-delete $SA_DELETE --sa-reject $SA_REJECT" X+fi X+ X+CMDLINE="$CMDLINE --scanners \"$SCANNERS\"" X X SCANNER_ARRAY="`echo $SCANNER_ARRAY|sed -e 's/fast_spamassassin/spamassassin/g' -e 's/verbose_spamassassin/spamassassin/g'`" X+ X+if [ "$SCANNER_ARRAY" != "" ]; then X+ SCANNER_ARRAY="$SCANNER_ARRAY," X+fi X+ X cat< .perl-test.pl X chmod 0755 .perl-test.pl X- DD=`setuidgid $QS_USER $PERL5 ./.perl-test.pl 2>&1` X+ DD=`$SETUIDGID_QS $PERL5 ./.perl-test.pl 2>&1` X QS_UID=`echo "$DD"|grep ^uid=|sed 's/^uid=//g'|egrep '^[0-9]+$'` X #Now setuid it and see if the output changes X- chown $QS_USER:$QS_USER .perl-test.pl X+ chown $QS_USER:$QS_GROUP .perl-test.pl X chmod 6755 .perl-test.pl X #This will be run as a different account than $QS_USER - we'll use qmailq X #as that must exist on every Qmail system X- DD=`setuidgid qmailq ./.perl-test.pl 2>&1` X+ DD=`$SETUIDGID_QQ ./.perl-test.pl 2>&1` X QS_SUID=`echo "$DD"|grep ^uid=|sed 's/^uid=//g'|egrep '^[0-9]+$'` X if [ "$QS_SUID" = "" -o "$QS_SUID" != "$QS_UID" ]; then X echo "Whoa - broken perl install found." X@@ -1770,6 +2184,7 @@ X s?GREP_BINARY?$GREP_BINARY?g; X s?UNZIP_BINARY?$UNZIP_BINARY?g; X s?MAX_ZIP_SIZE?$MAX_ZIP_SIZE?g; X+s?MAX_UNPACKED_FILES?$MAX_UNPACKED_FILES?g; X s?MAX_MSG_SIZE?$MAX_SCAN_SIZE?g; X s?UNZIP_OPTIONS?$UNZIP_OPTIONS?g; X s?FORCE_UNZIP?$FORCE_UNZIP?g; X@@ -1800,10 +2215,10 @@ X s?BITDEFENDER?$BITDEFENDER?g; X s?CLAMSCAN?$CLAMSCAN?g; X s?CLAMDSCAN?$CLAMDSCAN?g; X-s?SA_QUARANTINE?$SA_QUARANTINE?g; X s?SPAMASSASSIN_BINARY?$SPAMASSASSIN_BINARY?g; X s?SPAMC_BINARY?$SPAMC_BINARY?g; X-s?SPAMC_OPTIONS?$SPAMC_OPTIONS?g; X+s?SA_FAST?$SA_FAST?g; X+s?SA_HN?$SA_HN?g; X s?SPAMC_SUBJECT?$SPAMC_SUBJECT?g; X s?USERNAME?$USERNAME?g; X s?SKIP_TEXT_MSGS?$SKIP_TEXT_MSGS?g; X@@ -1848,7 +2263,24 @@ X s?LOCALE_destring_disallowed_attachment_type?$LOCALE_destring_disallowed_attachment_type?g; X s?LOCALE_destring_virus?$LOCALE_destring_virus?g; X s?LOCALE_destring_policy_violation?$LOCALE_destring_policy_violation?g; X-s?SCANNER_ARRAY?$SCANNER_ARRAY?g;" qmail-scanner-queue.template > qmail-scanner-queue.pl-1 X+s?SCANNER_ARRAY?$SCANNER_ARRAY?g; X+s?JH_VERSION?$JH_VERSION?g; X+s?ST_VERSION?$ST_VERSION?g; X+s?MINI_DEBUG?$MINI_DEBUG?g; X+s?DESCR_HEADERS_TEXT?$DESCR_HEADERS_TEXT?g; X+s?SETTINGS_P_D?$SETTINGS_P_D?g; X+s?VIRUS_TO_DELETE?$VIRUS_TO_DELETE?g; X+s?SA_SQL?$SA_SQL?g; X+s?SA_DELTA?$SA_DELTA?g; X+s?SA_FORWARD?$SA_FORWARD?g; X+s?SA_FWD_VERBOSE?$SA_FWD_VERBOSE?g; X+s?SA_QUARANTINE?$SA_QUARANTINE?g; X+s?SA_DELETE?$SA_DELETE?g; X+s?SA_REJECT?$SA_REJECT?g; X+s?SA_ALT?$SA_ALT?g; X+s?SA_DEBUG?$SA_DEBUG?g; X+s?SA_HDR_REPORT?$SA_HDR_REPORT?g; X+s?SPAMD_SOCKET?$SPAMD_SOCKET?g;" qmail-scanner-queue.template > qmail-scanner-queue.pl-1 X perl -pe 's/%%/\$/g' qmail-scanner-queue.pl-1 > qmail-scanner-queue.pl X rm -f qmail-scanner-queue.pl-1 X X@@ -1876,7 +2308,7 @@ X (cat<> qmail-scanner-queue.pl X X+# st: Add some subroutines X+cat sub-patch-st.pl >> qmail-scanner-queue.pl X+ X+if [ "`echo $SCANNER_ARRAY| grep -i spamassassin`" = "" ]; then X+ echo " X+# st: If we do not have spamassassin, at least we need this empty routine X+sub check_sa_score {}; X+ X+" >> qmail-scanner-queue.pl X+fi X+ X for scanner in `echo $SCANNER_ARRAY|sed -e 's/\"//g' -e 's/,/ /g' -e's/_scanner//g'` X do X if [ "$scanner" = "avgd" ]; then X@@ -1937,7 +2380,7 @@ X fi X mv -f $BINDIR/qmail-scanner-queue.pl $BINDIR/qmail-scanner-queue.pl.old 2>/dev/null X cp -f qmail-scanner-queue.pl $BINDIR/qmail-scanner-queue.pl X- chown $QS_USER:$QS_USER $BINDIR/qmail-scanner-queue.pl X+ chown $QS_USER:$QS_GROUP $BINDIR/qmail-scanner-queue.pl X chmod 6755 $BINDIR/qmail-scanner-queue.pl X if [ -f "$BINDIR/antivirus-qmail-queue.pl" -a ! -L "$BINDIR/antivirus-qmail-queue.pl" ]; then X mv -f $BINDIR/antivirus-qmail-queue.pl $BINDIR/antivirus-qmail-queue.pl.old X@@ -1983,14 +2426,30 @@ X if [ "$LOG_DETAILS" = "mailstats.csv" ]; then X if [ ! -f "$LOGDIR/$LOG_DETAILS" ]; then X echo "#Virus_Found Process_Time From Recipients Subject Message-ID Msg_Size Date Attachment_Filenames" > $LOGDIR/$LOG_DETAILS X- chown $QS_USER:$QS_USER $LOGDIR/$LOG_DETAILS X+ chown $QS_USER:$QS_GROUP $LOGDIR/$LOG_DETAILS X fi X fi X X if [ ! -f "$ETCDIR/quarantine-events.txt" ] ; then X cp quarantine-events.txt $ETCDIR/ X fi X- find $SPOOLDIR/ -type d -exec chown -R $QS_USER:$QS_USER {} \; X+ X+ if [ ! -f "$ETCDIR/settings_per_domain.txt" ] ; then X+ cp settings_per_domain.txt $ETCDIR/ X+ fi X+ X+ if [ ! -f "$LOGDIR/log-report.sh" ] ; then X+ cp log-report.sh $LOGDIR/ X+ chown $QS_USER:$QS_GROUP $LOGDIR/log-report.sh X+ else X+ if [ "`stat -t log-report.sh | cut -d ' ' -f2`" != "`stat -t $LOGDIR/log-report.sh | cut -d ' ' -f2`" ] ; then X+ mv -f $LOGDIR/log-report.sh $LOGDIR/log-report.sh.old 2>/dev/null X+ cp log-report.sh $LOGDIR/ X+ chown $QS_USER:$QS_GROUP $LOGDIR/log-report.sh X+ fi X+ fi X+ X+ find $SPOOLDIR/ -type d -exec chown -R $QS_USER:$QS_GROUP {} \; X #if [ "$SPOOLDIR" != "$ETCDIR" ]; then X #chown -R root:$QS_USER $ETCDIR X #chmod -R 750 $ETCDIR X@@ -2017,7 +2476,7 @@ X X EOF X if [ -f "$BINDIR/qmail-scanner-queue.pl.old" ]; then X- mv -f $BINDIR/qmail-scanner-queue.pl.old $BINDIR/qmail-scanner-queue.pl X+ mv -f $BINDIR/qmail-scanner-queue.pl.old $BINDIR/qmail-scanner-queue.pl X fi X exit X fi X@@ -2033,6 +2492,10 @@ X "$BINDIR/qmail-scanner-queue.pl -r" should return some well-known virus X definitions to show that the internal perlscanner component is working. X X+If you're upgrading, remember that your previous quarantine-attachments.txt file X+has not been changed, maybe it's a good idea to have a look at the file X+coming with this distribution. X+ X That's it! X X EOF X@@ -2075,7 +2538,6 @@ X fi X X if [ -x "$BINDIR/qmail-scanner-queue.pl" ]; then X- X $BINDIR/qmail-scanner-queue.pl -v > SYSDEF X (cat</usr/ports/mail/qmail-scanner2/files/patch-log-report.sh << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-log-report.sh' X--- log-report.sh.orig Tue Jun 20 07:56:14 2006 X+++ log-report.sh Tue Jun 20 07:56:14 2006 X@@ -0,0 +1,53 @@ X+#/bin/sh X+# X+# This is a very simple script to report a quick statistic from the X+# qmail-queue.log or qmail-queue.log.x.gz, it needs to be improved... X+# X+# You can send a mail with the output after rotating qmail-queue.log X+# X+# Salvatore Toribio X+# 20060416 X+# X+ X+if [ ! $1 ]; then X+ echo " X+ Usage: $0 X+ X+ It is possible to analize compress files i.e.: qmail-queue.log.1.gz X+ X+" X+ exit 1 X+fi X+ X+if [ ! -f "$1" ]; then X+ echo " X+ File: '$1' doesn't exist, exit. X+" X+ exit X+fi X+ X+FF="`file $1 | grep 'gzip compressed data'`" X+ X+echo X+ X+if [ ! "$FF" ]; then X+ # It is not a compress file X+ grep "here be a virus\|------ \| SA: yup, this smells \| something to block" $1 \ X+ | grep -v " message for " \ X+ | sed -e "s/.* hits.* - message \(.*\) \(.*\)$/Spam \1/" \ X+ | sed -e "s/^.* Process .*$/Messages processed/" \ X+ | sed -e "s/^.* something to block.*$/Policy blocked/" \ X+ | sed -e "s/.*(\(.*\))$/Virus \1/" | sort | uniq -c | sort -gr X+ echo X+else X+ # It is a compress file X+ zcat $1 | grep "here be a virus\|------ \| SA: yup, this smells \| something to block" \ X+ | grep -v " message for " \ X+ | sed -e "s/.* hits.* - message \(.*\) \(.*\)$/Spam \1/" \ X+ | sed -e "s/^.* Process .*$/Messages processed/" \ X+ | sed -e "s/^.* something to block.*$/Policy blocked/" \ X+ | sed -e "s/.*(\(.*\))$/Virus \1/" | sort | uniq -c | sort -gr X+ echo X+fi X+ X+echo END-of-/usr/ports/mail/qmail-scanner2/files/patch-log-report.sh echo x - /usr/ports/mail/qmail-scanner2/files/patch-README.html sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-README.html << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-README.html' X--- README.html.orig Tue Apr 4 09:00:08 2006 X+++ README.html Tue Jun 20 07:56:13 2006 X@@ -123,8 +123,8 @@ X X

X Download

X-The latest release is 2.01 (via http), X-and is kindly housed by SourceForge. GnuPG signature of qmail-scanner-2.01.tgz.asc is also available. Of course, you'll be needing my GPG Public Key to verify that. X+The latest release is 2.00 (via http), X+and is kindly housed by SourceForge. GnuPG signature of qmail-scanner-2.00.tgz.asc is also available. Of course, you'll be needing my GPG Public Key to verify that. X

X Requirements

X END-of-/usr/ports/mail/qmail-scanner2/files/patch-README.html echo x - /usr/ports/mail/qmail-scanner2/files/patch-sub-attachments.pl sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-sub-attachments.pl << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-attachments.pl' X--- sub-attachments.pl.orig Mon Mar 27 04:09:53 2006 X+++ sub-attachments.pl Tue Jun 20 07:56:14 2006 X@@ -10,21 +10,25 @@ X if (/^\-+ (Below this line|This) is a copy of the message/) { X $indicates_attachments += 2; X &debug("c_a_g: found hidden MIME attachment") if ($indicates_attachments == 2); X+ &minidebug("c_a_g: found hidden MIME attachment") if ($indicates_attachments == 2); X } X #This will define any text mail that contains a URL as requiring scanning - otherwise X #some phishing attacks will geet past X if ($indicates_attachments < 2 && /http:\/\/|www\.|[a-z0-9\-]+\.[a-z0-9\-]+\//i) { X $indicates_attachments += 2; X &debug("c_a_g: found URL in message - maybe phishy - better scan it"); X+ &minidebug("c_a_g: found URL in message - maybe phishy - better scan it"); X } X #This finds BinHex attachments X if (/^\(This file must be converted with BinHex/) { X $indicates_attachments += 2; X &debug("c_a_g: found hidden BinHex attachment") if ($indicates_attachments == 2); X+ &minidebug("c_a_g: found hidden BinHex attachment") if ($indicates_attachments == 2); X } X my ($begin,$perms,$uufile,$uuextension,$uulength,$uuencoded_attachments,$begin_content); X if (/^(begin) ([0-9][0-9][0-9]) (.*)\n$/) { X &debug("Ooohhhh, a uuencoded attachment!"); X+ &minidebug("Ooohhhh, a uuencoded attachment!"); X #Better reset this message back to potentially having attachments X $plain_text_msg=0; X $uuencoded_attachments++; X@@ -41,6 +45,7 @@ X #Ensure the filelength isn't too large! X if ( $uulength > $MAX_FILE_LENGTH) { X &debug("uudecode output: gah! filename is > $MAX_FILE_LENGTH (actually $uulength), chopping..."); X+ &minidebug("uudecode output: gah! filename is > $MAX_FILE_LENGTH (actually $uulength), chopping..."); X $uufile=substr($uufile,0,$MAX_FILE_LENGTH).".".$uuextension; X } X return if (!$uudecode_binary); END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-attachments.pl echo x - /usr/ports/mail/qmail-scanner2/files/patch-sub-avp.pl sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-sub-avp.pl << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-avp.pl' X--- sub-avp.pl.orig Thu Apr 28 07:56:33 2005 X+++ sub-avp.pl Tue Jun 20 07:56:14 2006 X@@ -26,6 +26,7 @@ X $quarantine_description=$3; X } X &debug("There be a $destring! ($quarantine_description)"); X+ &minidebug("kasp: there be a virus! ($quarantine_description)"); X ($quarantine_event=$quarantine_description)=~s/\s/_/g; X $quarantine_event="AVP:".substr($quarantine_event,0,$QE_LEN); X } else { X@@ -39,4 +40,5 @@ X &debug("Deleting enviroment \$TEMP"); X delete $ENV{'TEMP'}; X &debug("kasp: finished scan of dir \"$ENV{'TMPDIR'}\" in $avp_time secs"); X+ &minidebug("kasp: finished scan in $avp_time secs"); X } END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-avp.pl echo x - /usr/ports/mail/qmail-scanner2/files/patch-sub-bitdefender.pl sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-sub-bitdefender.pl << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-bitdefender.pl' X--- sub-bitdefender.pl.orig Thu Jun 3 06:13:40 2004 X+++ sub-bitdefender.pl Tue Jun 20 07:56:14 2006 X@@ -1,3 +1,4 @@ X+ X sub bitdefender_scanner { X #BitDefender Linux scanner X &debug("bitdefender: starting scan of directory \"$ENV{'TMPDIR'}\"..."); X@@ -20,6 +21,7 @@ X $quarantine_description=$3; X $quarantine_description=~s/^\s+//g; X &debug("There be a virus! ($quarantine_description)"); X+ &minidebug("bitdefender: there be a virus! ($quarantine_description)"); X ($quarantine_event=$quarantine_description)=~s/\s/_/g; X $quarantine_event="BITDEFENDER:".substr($quarantine_event,0,$QE_LEN); X $description .= "\n---bitdefender results ---\n$DD"; X@@ -35,4 +37,5 @@ X $stop_bitdefender_time=[gettimeofday]; X $bitdefender_time = tv_interval ($start_bitdefender_time, $stop_bitdefender_time); X &debug("bitdefender: finished scan of dir \"$ENV{'TMPDIR'}\" in $bitdefender_time secs"); X+ &minidebug("bitdefender: finished scan in $bitdefender_time secs"); X } END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-bitdefender.pl echo x - /usr/ports/mail/qmail-scanner2/files/patch-sub-clamdscan.pl sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-sub-clamdscan.pl << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-clamdscan.pl' X--- sub-clamdscan.pl.orig Mon Oct 18 08:40:36 2004 X+++ sub-clamdscan.pl Tue Jun 20 07:56:14 2006 X@@ -1,3 +1,4 @@ X+ X sub clamdscan_scanner { X #Clamdscan scanner X &debug("clamdscan: starting scan of directory \"$ENV{'TMPDIR'}\"..."); X@@ -19,6 +20,7 @@ X if ($eclamdscan_status == 1 && $DD =~ /\:\s(.*)\sFOUND$/m) { X $quarantine_description=$+; X &debug("There be a virus! ($quarantine_description)"); X+ &minidebug("clamdscan: there be a virus! ($quarantine_description)"); X ($quarantine_event=$quarantine_description)=~s/\s/_/g; X $quarantine_event="CLAMDSCAN:".substr($quarantine_event,0,$QE_LEN); X $description .= "\n---clamdscan results ---\n$DD"; X@@ -32,6 +34,7 @@ X if ($DD =~ /Recursion limit exceeded/) { X $quarantine_description="Resource attack - $1"; X &debug("clamdscan: $quarantine_description"); X+ &minidebug("clamdscan: $quarantine_description"); X $quarantine_event="CLAMDSCAN:Resource_attack"; X $description .= "\n---clamdscan results ---\n$DD"; X } elsif ($clamdscan_status > 0) { X@@ -48,4 +51,5 @@ X $stop_clamdscan_time=[gettimeofday]; X $clamdscan_time = tv_interval ($start_clamdscan_time, $stop_clamdscan_time); X &debug("clamdscan: finished scan of dir \"$ENV{'TMPDIR'}\" in $clamdscan_time secs"); X+ &minidebug("clamdscan: finished scan in $clamdscan_time secs"); X } END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-clamdscan.pl echo x - /usr/ports/mail/qmail-scanner2/files/patch-sub-clamscan.pl sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-sub-clamscan.pl << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-clamscan.pl' X--- sub-clamscan.pl.orig Tue Apr 20 11:04:15 2004 X+++ sub-clamscan.pl Tue Jun 20 07:56:14 2006 X@@ -19,6 +19,7 @@ X if ($eclamscan_status == 1 && $DD =~ /\:\s(.*)\sFOUND$/m) { X $quarantine_description=$+; X &debug("There be a virus! ($quarantine_description)"); X+ &minidebug("clamscan: there be a virus! ($quarantine_description)"); X ($quarantine_event=$quarantine_description)=~s/\s/_/g; X $quarantine_event="CLAMSCAN:".substr($quarantine_event,0,$QE_LEN); X $description .= "\n---clamscan results ---\n$DD"; X@@ -30,6 +31,7 @@ X if ($DD =~ /Recursion limit exceeded/) { X $quarantine_description="Resource attack - $1"; X &debug("clamscan: $quarantine_description"); X+ &minidebug("clamscan: $quarantine_description"); X $quarantine_event="CLAMSCAN:Resource_attack"; X $description .= "\n---clamscan results ---\n$DD"; X } elsif ($clamscan_status > 0) { X@@ -41,4 +43,5 @@ X $stop_clamscan_time=[gettimeofday]; X $clamscan_time = tv_interval ($start_clamscan_time, $stop_clamscan_time); X &debug("clamscan: finished scan of dir \"$ENV{'TMPDIR'}\" in $clamscan_time secs"); X+ &minidebug("clamscan: finished scan in $clamscan_time secs"); X } END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-clamscan.pl echo x - /usr/ports/mail/qmail-scanner2/files/patch-sub-csav.pl sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-sub-csav.pl << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-csav.pl' X--- sub-csav.pl.orig Tue Apr 20 10:59:50 2004 X+++ sub-csav.pl Tue Jun 20 07:56:14 2006 X@@ -17,6 +17,7 @@ X if ($DD =~ / Infection: (.*)/) { X $quarantine_description=$1; X &debug("There be a virus! ($quarantine_description)"); X+ &minidebug("csav_scanner: there be a virus! ($quarantine_description)"); X ($quarantine_event=$quarantine_description)=~s/\s/_/g; X $quarantine_event="CSAV:".substr($quarantine_event,0,$QE_LEN); X } X@@ -24,4 +25,5 @@ X $stop_csav_time=[gettimeofday]; X $csav_time = tv_interval ($start_csav_time, $stop_csav_time); X &debug("csav_scanner: finished scan of dir \"$ENV{'TMPDIR'}\" in $csav_time secs"); X+ &minidebug("csav_scanner: finished scan in $csav_time secs"); X } END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-csav.pl echo x - /usr/ports/mail/qmail-scanner2/files/patch-sub-fprot.pl sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-sub-fprot.pl << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-fprot.pl' X--- sub-fprot.pl.orig Tue Apr 20 11:05:02 2004 X+++ sub-fprot.pl Tue Jun 20 07:56:14 2006 X@@ -20,6 +20,7 @@ X $quarantine_description=$+; X $quarantine_description=~s/^\s+//g; X &debug("There be a virus! ($quarantine_description)"); X+ &minidebug("fprot: there be a virus! ($quarantine_description)"); X ($quarantine_event=$quarantine_description)=~s/\s/_/g; X $quarantine_event="FPROT:".substr($quarantine_event,0,$QE_LEN); X $description .= "\n---fprot results ---\n$DD"; X@@ -36,4 +37,5 @@ X $stop_fprot_time=[gettimeofday]; X $fprot_time = tv_interval ($start_fprot_time, $stop_fprot_time); X &debug("fprot: finished scan of dir \"$ENV{'TMPDIR'}\" in $fprot_time secs"); X+ &minidebug("fprot: finished scan in $fprot_time secs"); X } END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-fprot.pl echo x - /usr/ports/mail/qmail-scanner2/files/patch-sub-fsecure.pl sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-sub-fsecure.pl << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-fsecure.pl' X--- sub-fsecure.pl.orig Tue Apr 20 11:24:41 2004 X+++ sub-fsecure.pl Tue Jun 20 07:56:14 2006 X@@ -23,6 +23,7 @@ X } X $quarantine_description=~s/^\s+//g; X &debug("There be a virus! ($quarantine_description)"); X+ &minidebug("fsecure: there be a virus! ($quarantine_description)"); X ($quarantine_event=$quarantine_description)=~s/\s/_/g; X $quarantine_event="FSEC:".substr($quarantine_event,0,$QE_LEN); X $description .= "\n---fsecure results ---\n$DD"; X@@ -40,4 +41,5 @@ X $stop_fsecure_time=[gettimeofday]; X $fsecure_time = tv_interval ($start_fsecure_time, $stop_fsecure_time); X &debug("fsecure: finished scan of dir \"$ENV{'TMPDIR'}\" in $fsecure_time secs"); X+ &minidebug("fsecure: finished scan in $fsecure_time secs"); X } END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-fsecure.pl echo x - /usr/ports/mail/qmail-scanner2/files/patch-sub-hbedv.pl sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-sub-hbedv.pl << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-hbedv.pl' X--- sub-hbedv.pl.orig Tue Apr 20 10:57:07 2004 X+++ sub-hbedv.pl Tue Jun 20 07:56:14 2006 X@@ -16,6 +16,7 @@ X if ($DD =~ /^\s+ALERT:\s+\[([^\]]+)/m || $DD =~ /(VIRUS.*)$/m) { X $quarantine_description=$1; X &debug("There be a virus! ($quarantine_description)"); X+ &minidebug("hbedv: there be a virus! ($quarantine_description)"); X ($quarantine_event=$quarantine_description)=~s/\s/_/g; X $quarantine_event="HBEDV:".substr($quarantine_event,0,$QE_LEN); X $description .= "\n---hbedv results ---\n$DD"; X@@ -33,5 +34,6 @@ X $stop_hbedv_time=[gettimeofday]; X $hbedv_time = tv_interval ($start_hbedv_time, $stop_hbedv_time); X &debug("hbedv: finished scan of dir \"$ENV{'TMPDIR'}\" in $hbedv_time secs"); X+ &minidebug("hbedv: finished scan in $hbedv_time secs"); X } X END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-hbedv.pl echo x - /usr/ports/mail/qmail-scanner2/files/patch-sub-inocucmd.pl sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-sub-inocucmd.pl << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-inocucmd.pl' X--- sub-inocucmd.pl.orig Tue Apr 20 11:21:50 2004 X+++ sub-inocucmd.pl Tue Jun 20 07:56:14 2006 X@@ -14,6 +14,7 @@ X if ( $einocucmd_status == 100 && $DD =~ /.*infected\sby\svirus\s(.*)\s/m ) { X $quarantine_description=$1; X &debug("There be a virus! ($quarantine_description)"); X+ &minidebug("inocucmd: there be a virus! ($quarantine_description)"); X ($quarantine_event=$quarantine_description)=~s/\s/_/g; X $quarantine_event="INOC:".substr($quarantine_event,0,$QE_LEN); X $description .= "\n$DD\n"; X@@ -25,6 +26,7 @@ X $stop_inocucmd_time=[gettimeofday]; X $inocucmd_time = tv_interval ($start_inocucmd_time, $stop_inocucmd_time); X &debug("inocucmd: finished scan of dir \"$ENV{'TMPDIR'}\" in $inocucmd_time secs"); X+ &minidebug("inocucmd: finished scan in $inocucmd_time secs"); X } X X END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-inocucmd.pl echo x - /usr/ports/mail/qmail-scanner2/files/patch-sub-iscan.pl sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-sub-iscan.pl << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-iscan.pl' X--- sub-iscan.pl.orig Tue Apr 20 11:22:11 2004 X+++ sub-iscan.pl Tue Jun 20 07:56:14 2006 X@@ -15,6 +15,7 @@ X if ( $DD =~ /\*\*\*\s+Found(.*) in file/m ) { X $quarantine_description=$1; X &debug("There be a virus! ($quarantine_description)"); X+ &minidebug("iscan: there be a virus! ($quarantine_description)"); X ($quarantine_event=$quarantine_description)=~s/\s/_/g; X $quarantine_event="ISCAN:".substr($quarantine_event,0,$QE_LEN); X $description .= "\n---iscan results ---\n$DD"; X@@ -25,4 +26,5 @@ X $stop_iscan_time=[gettimeofday]; X $iscan_time = tv_interval ($start_iscan_time, $stop_iscan_time); X &debug("iscan: finished scan of dir \"$ENV{'TMPDIR'}\" in $iscan_time secs"); X+ &minidebug("iscan: finished scan in $iscan_time secs"); X } END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-iscan.pl echo x - /usr/ports/mail/qmail-scanner2/files/patch-sub-nod32.pl sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-sub-nod32.pl << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-nod32.pl' X--- sub-nod32.pl.orig Thu Mar 23 08:11:41 2006 X+++ sub-nod32.pl Tue Jun 20 07:56:14 2006 X@@ -15,6 +15,7 @@ X if ( $nod32_status == 2 && $DD =~ /virus="(.*?)"$/m) { X $quarantine_description=$1; X &debug("There be a virus! ($quarantine_description)"); X+ &minidebug("nod32: there be a virus! ($quarantine_description)"); X ($quarantine_event=$quarantine_description)=~s/\s/_/g; X $quarantine_event="nod32:".substr($quarantine_event,0,$QE_LEN); X $description .= "\n---nod32 results ---\n$DD"; X@@ -26,4 +27,5 @@ X $stop_nod32_time=[gettimeofday]; X $nod32_time = tv_interval ($start_nod32_time, $stop_nod32_time); X &debug("nod32: finished scan of dir \"$ENV{'TMPDIR'}\" in $nod32_time secs"); X+ &minidebug("nod32: finished scan in $nod32_time secs"); X } END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-nod32.pl echo x - /usr/ports/mail/qmail-scanner2/files/patch-sub-normalize.pl sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-sub-normalize.pl << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-normalize.pl' X--- sub-normalize.pl.orig Mon Mar 27 04:35:22 2006 X+++ sub-normalize.pl Tue Jun 20 07:56:14 2006 X@@ -23,6 +23,7 @@ X &debug("normalize_string: $type \"$string\" is decoded to \"$nstring\""); X }else { X &debug("normalize_string: encoded string discovered that isn't Quoted-printable or Base64"); X+ &minidebug("normalize_string: encoded string discovered that isn't Quoted-printable or Base64"); X $illegal_mime=1; X $destring='LOCALE_destring_problem'; X $quarantine_description="Disallowed MIME encoding - potential virus"; X@@ -37,5 +38,6 @@ X $stop_normalize_time=[gettimeofday]; X $normalize_time = tv_interval ($start_normalize_time, $stop_normalize_time); X &debug("normalize_string: finished normalizing in $normalize_time secs") if ($encoding ne ""); X+ &minidebug("normalize_string: finished normalizing in $normalize_time secs") if ($encoding ne ""); X return $nstring; X } END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-normalize.pl echo x - /usr/ports/mail/qmail-scanner2/files/patch-sub-patch-st.pl sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-sub-patch-st.pl << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-patch-st.pl' X--- sub-patch-st.pl.orig Tue Jun 20 07:56:14 2006 X+++ sub-patch-st.pl Tue Jun 20 07:56:14 2006 X@@ -0,0 +1,360 @@ X+################################################# X+# Subroutines added by ST X+################################################# X+ X+sub minidebug { X+ my $dnowtime = strftime("%a, %d %b %Y %H:%M:%S %Z", localtime(time)); X+ print LOG "$dnowtime:$nprocess: ",@_,"\n" if ($MINIDEBUG && !$DEBUG); X+} X+ X+sub close_log { X+ ($sec,$min,$hour,$mday,$mon,$year) = localtime(time); X+ X+ &debug("--- all finished. Total of ",tv_interval ($start_time, [gettimeofday])," secs"); X+ &minidebug("------ Process $nprocess finished. Total of ",tv_interval ($start_time, [gettimeofday])," secs"); X+ close(LOG); X+} X+ X+sub reject_email { X+ my ($exit_string,$exit_code)=@_; X+ $exit_code=111 if (!$exit_code); X+ X+ # st: tell qmail-smtpd why the message is rejected, X+ # so it can be written to the qmail-smtpd log X+ warn "$V_HEADER-$VERSION: $exit_string\n" if ($MINIDEBUG <= 2); X+ warn "$nppid QS-$VERSION: $exit_string\n" if ($MINIDEBUG > 2); X+ X+ &debug("r_e: $V_HEADER-$VERSION: $exit_string"); X+ &minidebug("r_e: $V_HEADER-$VERSION: $exit_string") if ($MINIDEBUG <= 2); X+ &minidebug("r_e: QS-$VERSION: $exit_string") if ($MINIDEBUG > 2); X+ X+ &cleanup; X+ X+ &close_log; X+ exit $exit_code; X+} X+ X+############################################## X+# st: SETTINGS PER DOMAIN routines X+############################################## X+ X+sub start_scanners { X+ my($e_sender,$f_recips,$msg)=@_; X+ $sa_rcpt='0'; X+ X+ # Now, start the scanners! X+ &init_scanners if ($scanner_array[0] ne "none"); X+ X+ # st: if the message is marked to delete skip the mailing routines X+ if (!$del_message) { X+ if (($quarantine_event || $quarantine_spam) && ($scanner_array[0] ne "none")) { X+ &debug("unsetting TCPREMOTEIP env var"); X+ delete $ENV{'TCPREMOTEIP'}; X+ #Reset locale back to original X+ $ENV{'LC_ALL'}=$orig_locale; X+ X+ if ($sa_forward ne "" && $quarantine_event =~/spam/i && $description !~/potential virus/i) { X+ if ($sa_fwd_verbose) { X+ $sa_hdr_report='1' if ($sa_alt && $sa_debug && $sa_report); X+ &qmail_parent_check; X+ &qmail_requeue($e_sender,"T$sa_forward\0\0",$msg); X+ } else { X+ open (SF,"$qmailinject -f$returnpath $sa_forward < $msg|")||&error_condition("cannot run $qmailinject -f$returnpath $sa_forward < $msg - $!"); X+ close SF ; X+ } X+ # st: forward the messages just once.. X+ $sa_rcpt='0'; X+ $sa_forward=''; X+ } X+ ## st: This code is from qs-2.00, I have to check... X+ #is this a greylist event? X+ if ($quarantine_event=~/gr[ae]ylist/i ) { X+ #This text will only be seen by those using the "custom-error" X+ #patch. Others will just get a general "qq" temp failure msg. X+ &log_event; X+ print STDERR "Z$quarantine_event"; X+ &cleanup; X+ &close_log; X+ exit 82; X+ }else{ X+ &email_quarantine_report; X+ } X+ ## X+ } else { X+ &qmail_parent_check; X+ &qmail_requeue($e_sender,$f_recips,$msg); X+ } X+ } X+} X+ X+sub sa_defaults { X+ $sa_subject=$sa_subject_site; X+ $sa_quarantine=$sa_quarantine_site; X+ $sa_delta=$sa_delta_site; X+ $sa_delete=$sa_delete_site; X+ $sa_reject=$sa_reject_site; X+ $sa_forward=$sa_forward_site; X+ $sa_fwd_verbose=$sa_fwd_verbose_site; X+ $sa_hdr_report=$sa_hdr_report_site; X+ $smaildir=$smaildir_site; X+} X+ X+sub settings_pd { X+ my ($match_hdr,$match_rcpt,$domain_settings)=@_; X+ my ($scanners_rcpt); X+ X+ ($scanners_rcpt,$sa_subject,$sa_quarantine,$sa_delta,$sa_delete,$sa_reject,$sa_forward,$sa_fwd_verbose,$sa_hdr_report,$smaildir)=split(/'/,$domain_settings); X+ $sa_subject="" if ($sa_subject eq "none"); X+ $smaildir=untaint($smaildir); # st: suggested by P-O Yliniemi X+ X+ &debug("s_p_d: $match_hdr match '$match_rcpt', settings '$sa_subject,$sa_quarantine,$sa_delta,$sa_delete,$sa_reject,$sa_forward,$sa_fwd_verbose,$sa_hdr_report,$smaildir'"); X+ X+ @scanner_array=split(/,/,$scanners_rcpt); X+ X+ &debug("s_p_d: $match_hdr match '$match_rcpt', scanners '$scanners_rcpt'"); X+ &minidebug("s_p_d: $match_hdr match '$match_rcpt', scanners '$scanners_rcpt'") if ($match_hdr !~ /m_rcpt/); X+} X+ X+sub settings_p_d { X+ my (%domain_settings,%seen,$scanners_array,$scanners_rcpt,$domain_settings); X+ X+ &debug("s_p_d: reading from $settings_per_domain.db"); X+ tie (%domain_settings,'DB_File',"$settings_per_domain.db",O_RDONLY, 0600, $DB_HASH) || &error_condition("cannot open $settings_per_domain.db - $!"); X+ X+ # Check if we have a match within the database X+ # Check order: X+ # 1) return-path X+ # 2) domain-return-path X+ # 3) for each recipient: recipient, domain-recipient X+ if ((exists $domain_settings{$returnpath}) && $QS_RELAYCLIENT) { X+ &settings_pd ("return-path",$returnpath,$domain_settings{$returnpath}); X+ } X+ elsif ((exists $domain_settings{$domain_returnpath}) && $QS_RELAYCLIENT) { X+ &settings_pd ("domain-return-path",$domain_returnpath,$domain_settings{$domain_returnpath}); X+ } X+ elsif ($one_recip && (exists $domain_settings{$one_recip})) { X+ &settings_pd ("rcpt",$one_recip,$domain_settings{$one_recip}); X+ } X+ elsif ($one_recip && (exists $domain_settings{$domain_one_recip})) { X+ &settings_pd ("domain_rcpt",$domain_one_recip,$domain_settings{$domain_one_recip}); X+ } X+ elsif (!$one_recip) { X+ &debug("s_p_d: we have multiple recipient, checking each of them"); X+ &minidebug("s_p_d: we have multiple recipient, checking each of them"); X+ my @mrecips=split(',',$recips); X+ my $mrcpt=''; X+ my $domain_mrcpt=''; X+ my %m_rcpt; X+ foreach $mrcpt(@mrecips) { X+ $mrcpt=tolower($mrcpt); X+ $domain_mrcpt=$mrcpt; X+ $domain_mrcpt=~ s/^(.*)\@(.*)$/$2/; X+ if (exists $domain_settings{$mrcpt}) { X+ &settings_pd ("m_rcpt",$mrcpt,$domain_settings{$mrcpt}); X+ } X+ elsif (exists $domain_settings{$domain_mrcpt}) { X+ &settings_pd ("domain-m_rcpt",$domain_mrcpt,$domain_settings{$domain_mrcpt}); X+ } else { X+ @scanner_array=@scanners_default; X+ &sa_defaults; X+ } X+ @scanner_array=&check_scanners(@scanner_array); X+ $scanners_rcpt=join(',',@scanner_array); X+ $domain_settings="$scanners_rcpt'$sa_subject'$sa_quarantine'$sa_delta'$sa_delete'$sa_reject'$sa_forward'$sa_fwd_verbose'$sa_hdr_report'$smaildir"; X+ $m_rcpt{$mrcpt}=$domain_settings; X+ } X+ untie %domain_settings; X+ while( ($one_recip,$scanners_array)=each %m_rcpt) { X+ &settings_pd ("rcpt",$one_recip,$scanners_array); X+ &start_scanners($env_returnpath,"T$one_recip\0\0","$scandir/$wmaildir/new/$file_id"); X+ # st: maybe I had to change this if I will ever do 'sa' per user config... X+ # if an user on a multiples recipients mail has a very low sa_delete... It could X+ # be rare, but it could be. What to do? X+ # If sa_hits doesn't exist, the mail has a virus marked to delete, X+ # but if the mail was rejected this check won't be reached... X+ last if ($del_message == 1); X+ } X+ return; X+ } else { X+ @scanner_array=@scanners_default; X+ &sa_defaults; X+ &debug("s_p_d: no match, default sa_settings '$sa_quarantine,$sa_delta,$sa_delete,$sa_reject,$sa_forward,$sa_fwd_verbose,$sa_hdr_report,$smaildir'"); X+ &debug("s_p_d: no match, falling to settings_default"); X+ &minidebug("s_p_d: no match, falling to settings_default"); X+ } X+ # if no multiples recipients X+ untie %domain_settings; X+ @scanner_array=&check_scanners(@scanner_array); X+ &start_scanners($env_returnpath,$env_recips,"$scandir/$wmaildir/new/$file_id"); X+} X+ X+sub generate_spd { X+ my ($line,$count,%domain_settings,$match_rcpt,$scanners_rcpt,@scanners_rcpt_array,%seen); X+ my ($domain_settings,$sa_subject_ignore); X+ X+ print "\n Generating $settings_per_domain.db\n\n"; X+ X+ unlink ("$settings_per_domain.db.tmp"); X+ tie (%domain_settings,'DB_File',"$settings_per_domain.db.tmp",O_CREAT|O_RDWR,0640,$DB_HASH) || &error_condition("cannot open for write $settings_per_domain.db.tmp - $!"); X+ X+ open(SPD, "<$settings_per_domain.txt") || &error_condition("cannot read $settings_per_domain.txt - $!"); X+ X+ while () { X+ $line++; X+ next if (/^\#|^\s.*$/); # Ignore lines starting with # or spaces X+ next if (!(/:/)); # Ignore lines doesn't contain a ':' X+ if (/\;|\!/) { X+ print "d_w: line $line contains an invalid char, SKIP\n"; X+ next; X+ } X+ chomp; X+ # sa_subject could has spaces ... (from P-O Yliniemi) X+ $sa_subject = (split(/'/,$_))[1]; X+ s/\s|\t//g; X+ ($match_rcpt,$domain_settings)=split(/:/,$_); X+ $match_rcpt=tolower("$match_rcpt"); X+ $domain_settings=tolower("$domain_settings"); X+ ($scanners_rcpt,$sa_subject_ignore,$sa_quarantine,$sa_delta,$sa_delete,$sa_reject,$sa_forward,$sa_fwd_verbose,$sa_hdr_report,$smaildir)=split(/'/,$domain_settings); X+ X+ if (exists $domain_settings{$match_rcpt}) { X+ print " d_w: duplicated value '$match_rcpt' at line $line, SKIP \n"; X+ next; X+ } X+ X+ $sa_subject=$sa_subject_site if (!$sa_subject); X+ $sa_quarantine=$sa_quarantine_site if (!$sa_quarantine && $sa_quarantine ne "0"); X+ $sa_delta=$sa_delta_site if (!$sa_delta && $sa_delta ne "0"); X+ $sa_delete=$sa_delete_site if (!$sa_delete && $sa_delete ne "0"); X+ $sa_reject=$sa_reject_site if (!$sa_reject && $sa_reject ne "0"); X+ $sa_forward=$sa_forward_site if (!$sa_forward); X+ $sa_fwd_verbose=$sa_fwd_verbose_site if (!$sa_fwd_verbose && $sa_fwd_verbose ne "0"); X+ $sa_hdr_report=$sa_hdr_report_site if (!$sa_hdr_report && $sa_hdr_report ne "0"); X+ $smaildir=$smaildir_site if (!$smaildir); X+ X+ # Control the values of sa_delete and sa_quarantine X+ if ($sa_delete && ($sa_quarantine>$sa_delete)) { X+ print " d_w: WARNING, sa_delete lower than sa_quarantine, for address '$match_rcpt' at line $line\n"; X+ print " resetting sa_delete to '0', spam could be quarantined, but not deleted for this address\n"; X+ $sa_delete='0'; X+ } X+ X+ # Let check if the scanner are really installed, X+ # change 'sa' and 'ps' for the correct name, and X+ # add _scanner to the AVs scanners X+ X+ @scanners_rcpt_array=split(/,/,$scanners_rcpt); X+ foreach (@scanners_rcpt_array) { X+ s/^sa$/spamassassin/; X+ s/^ps$/perlscan/; X+ s/^perlscanner$/perlscan/; X+ s/^(.*)$/$1_scanner/ if((!/spamassassin/) && (!/_scanner/) && (!/^none$/)); X+ } X+ X+ # Check if the scanners are installed X+ @scanners_rcpt_array=&check_scanners(@scanners_rcpt_array); X+ X+ $scanners_rcpt = join(',',@scanners_rcpt_array); X+ X+ # Check if at least we have one valid scanner X+ X+ if (@scanners_rcpt_array==0) { X+ print " d_w: There are no valid scanners for address '$match_rcpt' at line $line, SKIP\n"; X+ next; X+ } X+ $count++; X+ X+ $domain_settings="$scanners_rcpt'$sa_subject'$sa_quarantine'$sa_delta'$sa_delete'$sa_reject'$sa_forward'$sa_fwd_verbose'$sa_hdr_report'$smaildir"; X+ X+ $domain_settings{$match_rcpt}=$domain_settings; X+ } X+ close(SPD); X+ untie %domain_settings; X+ rename( "$settings_per_domain.db.tmp", "$settings_per_domain.db" ); X+ print "\n Read $line lines, got $count entries\n\n"; X+} X+ X+sub read_spd { X+ # st: display the database sorted by domains. X+ X+ my ($count,%domain_settings,$scanners_rcpt); X+ my (%sorted,$userpart,$domainpart,$last_domain); X+ $count=0; X+ X+ print "\n# Reading from $settings_per_domain.db\n#\n"; X+ print "# Read the documetation at:\n"; X+ print "# http://toribio.apollinare.org/qmail-scanner/settings_per_domain.html\n"; X+ X+ tie (%domain_settings,'DB_File',"$settings_per_domain.db",O_RDONLY, 0600, $DB_HASH) || &error_condition("cannot open for write $settings_per_domain.db - $!");; X+ X+ # st: let sort the match_rpt X+ foreach (keys %domain_settings) { X+ if ( $_ =~ /\@/) { X+ ($userpart,$domainpart) = split (/\@/,$_); X+ $sorted{"$domainpart.$userpart"} = $_; X+ } else { X+ $sorted{$_} = $_; X+ } X+ } X+ X+ foreach(sort keys %sorted) { X+ $count++; X+ ($userpart,$domainpart) = split (/\@/,$sorted{$_}); X+ if ( $sorted{$_} !~ /\@/ ) { X+ print "\n######### DOMAIN\t'$sorted{$_}'\n" ; X+ $last_domain=$domainpart=$sorted{$_}; X+ } X+ print "\n######### DOMAIN\t'$domainpart'\n" if ( $domainpart ne $last_domain ); X+ $last_domain=$domainpart; X+ ($scanners_rcpt,$sa_subject,$sa_quarantine,$sa_delta,$sa_delete,$sa_reject,$sa_forward,$sa_fwd_verbose,$sa_hdr_report,$smaildir)=split(/'/,$domain_settings{$sorted{$_}}); X+ print "\n## $count. Settings for\t'$sorted{$_}'\n"; X+ print "$sorted{$_} : $domain_settings{$sorted{$_}}\n\n"; X+ print "# scanners = $scanners_rcpt\n"; X+ print "# sa_subject = '$sa_subject'\n"; X+ print "# sa_quarantine = $sa_quarantine\tsa_delta = $sa_delta\n"; X+ print "# sa_delete = $sa_delete\tsa_reject = $sa_reject\n"; X+ print "# sa_forward = $sa_forward\tsa_fwd_verbose = $sa_fwd_verbose\n"; X+ print "# sa_hdr_report = $sa_hdr_report\tsmaildir = $smaildir\n"; X+ } X+ X+ print "\n\n######### WIDE SITE SETTINGS\n"; X+ print "# scanners_installed = @scanners_installed\n"; X+ print "# scanners_default = @scanners_default\n"; X+ print "# sa_subject_site = '$sa_subject_site'\n"; X+ print "# sa_quarantine_site = $sa_quarantine_site \tsa_delta_site = $sa_delta_site\n"; X+ print "# sa_delete_site = $sa_delete_site \tsa_reject_site = $sa_reject_site\n"; X+ print "# sa_forward_site = $sa_forward_site \tsa_fwd_verbose_site = $sa_fwd_verbose_site\n"; X+ print "# sa_hdr_report_site = $sa_hdr_report_site \tsmaildir_site = $smaildir_site\n"; X+ print "\n# Run '/var/qmail/bin/qmail-scanner-queue.pl -p' to generate the db\n"; X+ print "# If you have redirect the output of this command to settings_per_domain.txt\n"; X+ print "\n# d_w: total of $count entries found\n\n\n"; X+ X+ untie %domain_settings; X+} X+ X+ X+sub check_scanners { X+ # Check against the installed scanners X+ my @scanners_to_check=@_; X+ return @scanners_to_check if ($scanners_to_check[0] eq "none"); X+ my %seen=(); X+ foreach (@scanners_installed) { X+ $seen{$_}=1; X+ } X+ X+ @scanners_to_check=grep($seen{$_},@scanners_to_check); X+ return @scanners_to_check; X+} X+ X+sub untaint { X+ # st: suggested by P-O Yliniemi X+ my($var) = @_; X+ if ($var =~ /^(.*)$/) { X+ $var = $1; X+ } X+ return $var; X+} X+ X+################################################# X+# END of subroutines added by ST X+################################################# X+ END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-patch-st.pl echo x - /usr/ports/mail/qmail-scanner2/files/patch-sub-ravlin.pl sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-sub-ravlin.pl << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-ravlin.pl' X--- sub-ravlin.pl.orig Mon Sep 29 07:17:22 2003 X+++ sub-ravlin.pl Tue Jun 20 07:56:14 2006 X@@ -21,18 +21,22 @@ X if ($DD =~ ?$scandir.* Infected: (.*)$?m) { X $quarantine_description=$1; X &debug("ravlin_scanner: There be a virus! ($quarantine_description)"); X+ &minidebug("ravlin_scanner: there be a virus! ($quarantine_description)"); X ($quarantine_event=$quarantine_description)=~s/\s/_/g; X $quarantine_event="RAV:".substr($quarantine_event,0,$QE_LEN); X $description .= "\n---ravlin results ---\n$DD"; X } else { X &debug("ravlin_scanner: Whoops! Found a virus - but no description!"); X+ &minidebug("ravlin_scanner: Whoops! Found a virus - but no description!"); X &error_condition("unknown Ravlin scanner virus found but not described - exit status $ravlin_status"); X } X } else { X &debug("ravlin_scanner: Whoops! Something went wrong - requeue"); X+ &minidebug("ravlin_scanner: Whoops! Something went wrong - requeue"); X &error_condition("corrupt or unknown Ravlin scanner error or memory/resource/perms problem - exit status $ravlin_status"); X } X $stop_ravlin_time=[gettimeofday]; X $ravlin_time = tv_interval ($start_ravlin_time, $stop_ravlin_time); X &debug("ravlin_scanner: finished scan of dir \"$ENV{'TMPDIR'}\" in $ravlin_time secs"); X+ &minidebug("ravlin_scanner: finished scan in $ravlin_time secs"); X } END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-ravlin.pl echo x - /usr/ports/mail/qmail-scanner2/files/patch-sub-sophie.template sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-sub-sophie.template << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-sophie.template' X--- sub-sophie.template.orig Tue Jan 31 16:05:30 2006 X+++ sub-sophie.template Tue Jun 20 07:56:14 2006 X@@ -13,6 +13,7 @@ X X if(!(socket(\*ssock, AF_UNIX, SOCK_STREAM, 0))) { X &debug("Couldn\'t create sophie socket SSOCKET \($!\)\n"); X+ &minidebug("Couldn\'t create sophie socket SSOCKET \($!\)\n"); X &error_condition("Couldn\'t create sophie socket SSOCKET \($!\)\n"); X } X X@@ -21,6 +22,7 @@ X sleep(5); X if(!(connect(\*ssock, pack_sockaddr_un "SSOCKET"))) { X &debug("Couldn\'t connect\(\) to the sophie socket SSOCKET \($!\)\n"); X+ &minidebug("Couldn\'t connect\(\) to the sophie socket SSOCKET \($!\)\n"); X &error_condition("Couldn\'t connect\(\) to the sophie socket SSOCKET \($!\)\n"); X } X } X@@ -41,6 +43,7 @@ X } X X &debug("There be a virus! ($quarantine_description)"); X+ &minidebug("sophie: there be a virus! ($quarantine_description)"); X ($quarantine_event=$quarantine_description)=~s/\s/_/g; X $quarantine_event="SOPHIE:".substr($quarantine_event,0,$QE_LEN); X $description .= "\n---sophie results ---\n"; X@@ -54,4 +57,5 @@ X $stop_sophie_time=[gettimeofday]; X $sophie_time = tv_interval ($start_sophie_time, $stop_sophie_time); X &debug("sophie: finished scan of dir \"$ENV{'TMPDIR'}\" in $sophie_time secs"); X+ &minidebug("sophie: finished scan in $sophie_time secs"); X } END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-sophie.template echo x - /usr/ports/mail/qmail-scanner2/files/patch-sub-spamassassin.pl sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-sub-spamassassin.pl << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-spamassassin.pl' X--- sub-spamassassin.pl.orig Wed Jan 25 10:42:43 2006 X+++ sub-spamassassin.pl Tue Jun 20 07:56:14 2006 X@@ -1,37 +1,51 @@ X+ X sub spamassassin { X- #Don't bother if this is going to be quarantined X- return if ($quarantine_event); X+ my($scanned)=@_ ; X+ X+ $scanned='0' if ( $scanned != 1 ); X X #Only run SA if mail is from a "remote" SMTP client, or QS_SPAMASSASSIN X #is defined via tcpserver... X- if ($QS_RELAYCLIENT && !$ENV{'QS_SPAMASSASSIN'}) { X+ if ($QS_RELAYCLIENT && !defined($ENV{'QS_SPAMASSASSIN'})) { X &debug("spamassassin: don't scan as RELAYCLIENT implies this was sent by a local user"); X+ &minidebug("SA: don't scan as RELAYCLIENT implies this was sent by a local user") if (!$scanned); X return; X } X+ if ( $SA_SKIP_MD ne "0" && $returnpath eq "" && $headers{'from'} =~ /mailer-daemon|postmaster|bounce/i ) { X+ &debug("SA: skipping message from MAILER-DAEMON"); X+ &minidebug("SA: skipping message from MAILER-DAEMON") if (!$scanned); X+ return; X+ } X+ X #SpamAssassin client scanner X- my ($spamassassin_found,$spamassassin_status); X+ #my ($spamassassin_found,$spamassassin_status); X+ my ($spamassassin_status); X my ($start_spamassassin_time)=[gettimeofday]; X- my ($sa_tag,$DD,$stop_spamassassin_time,$spamassassin_time,$cmdline_recip,$sa_fast); X+ my ($sa_tag,$DD,$stop_spamassassin_time,$spamassassin_time,$cmdline_recip,$spamc_options); X my ($sa_status)=0; X my ($sa_score)=0; my ($sa_required_hits)=0; X- X- $sa_fast=1 if ($spamc_options =~ / \-c /); X+ ($sa_comment,$sa_level)=('',''); X X if ($msg_size > 250000) { X &debug("spamassassin: message too big - skip it"); X- $sa_score=$sa_required_hits="?"; X- $tag_score .= "SA:0($sa_score/$sa_required_hits):"; X- $sa_comment = "No, score=$sa_score required=$sa_required_hits" if ($sa_fast); X+ &minidebug("SA: message too big ($msg_size) - skip it"); X+ $sa_score=$required_hits="?"; X+ $tag_sa_score = "SA:0($sa_score/$required_hits):"; X+ $sa_comment = "No, hits=$sa_score required=$required_hits"; X return; X } X X- #Cleanup $one_recip so it's usable from the commandline... X- #any char that isn't supported to changed into an '_' X- ($cmdline_recip=$one_recip)=~s/[^0-9a-z\.\_\-\=\+\@]/_/gi; X- $cmdline_recip=~/^([0-9a-z\.\_\-\=\+\@]+)$/i; X- $cmdline_recip=tolower($1); X+ $spamc_options=' -c ' if ($sa_fast); X+ X+ if ($sa_sql) { X+ #Cleanup $one_recip so it's usable from the commandline... X+ #any char that isn't supported to changed into an '_' X+ ($cmdline_recip=$one_recip)=~s/[^0-9a-z\.\_\-\=\+\@]/_/gi; X+ $cmdline_recip=~/^([0-9a-z\.\_\-\=\+\@]+)$/i; X+ $cmdline_recip=tolower($1); X+ $spamc_options="$spamc_options -u \"$cmdline_recip\"" if ($cmdline_recip ne ""); X+ } X X- $spamc_options="$spamc_options -u \"$cmdline_recip\"" if ($cmdline_recip ne ""); X &debug("SA: run $spamc_binary $spamc_options < $scandir/$wmaildir/new/$file_id"); X open(SIN,"<$scandir/$wmaildir/new/$file_id")||&error_condition("cannot open $scandir/$wmaildir/new/$file_id - $!"); X open(SOUT,"|$spamc_binary $spamc_options > $scandir/$wmaildir/new/$file_id.spamc")||&error_condition("cannot open for write $scandir/$wmaildir/new/$file_id.spamc - $!"); X@@ -48,60 +62,241 @@ X while () { X if ($sa_fast) { X chomp; X- ($sa_score,$sa_required_hits)=split(/\//,$_,2); X+ ($sa_score,$required_hits)=split(/\//,$_,2); X $sa_tag++; X last; X } else { X #X-Spam-Status: No, score=2.8 required=5.0 X if (/^X-Spam-Status: (Yes|No), (hits|score)=(-?[\d\.]*) required=([\d\.]*)/) { X- $sa_tag++; X- $sa_status=1 if ($1 eq "Yes"); X- $sa_score=$3;$sa_required_hits=$4; X+ $sa_tag++; X+ $sa_status=1 if ($1 eq "Yes"); X+ $sa_score=$3;$required_hits=$4; X } X } X } X close SA ; X X- $sa_score='?' if (!$sa_score); X- $sa_required_hits='?' if (!$sa_required_hits); X- X if (!$sa_fast && -s "$scandir/$wmaildir/new/$file_id.spamc" && $spamassassin_status == 0) { X &debug("SA: overwriting $scandir/$wmaildir/new/$file_id with $scandir/$wmaildir/new/$file_id.spamc"); X rename ("$scandir/$wmaildir/new/$file_id.spamc","$scandir/$wmaildir/new/$file_id"); X } else { X unlink("$scandir/$wmaildir/new/$file_id.spamc"); X } X- if ($sa_required_hits > $sa_score || ($sa_score == 0)) { X- $tag_score .= "SA:0($sa_score/$sa_required_hits):"; X- $sa_comment = "No, score=$sa_score required=$sa_required_hits" if ($sa_fast); X+ X+ # st: new routine to avoid duplicate code, so a shorter code... X+ &check_sa_score($sa_score,$start_spamassassin_time,$scanned); X+} X+ X+################################################# X+# Spamassassin subroutine added by ST X+################################################# X+ X+sub spamassassin_alt { X+ # st: Alternative routine for spamassassin, lighter and can logs the report... X+ my($scanned)=@_ ; X+ X+ $scanned='0' if ( $scanned != 1 ); X+ X+ #Only run SA if mail is from a "remote" SMTP client, or QS_SPAMASSASSIN X+ #is defined via tcpserver... X+ if ($QS_RELAYCLIENT && !defined($ENV{'QS_SPAMASSASSIN'})) { X+ &debug("spamassassin: don't scan as RELAYCLIENT implies this was sent by a local user"); X+ &minidebug("SA: don't scan as RELAYCLIENT implies this was sent by a local user") if (!$scanned); X+ return; X+ } X+ if ( $SA_SKIP_MD ne "0" && $returnpath eq "" && $headers{'from'} =~ /mailer-daemon|postmaster|bounce/i ) { X+ &debug("SA: skipping message from MAILER-DAEMON"); X+ &minidebug("SA: skipping message from MAILER-DAEMON") if (!$scanned); X+ return; X+ } X+ X+ #SpamAssassin client scanner X+ my ($start_spamassassin_time)=[gettimeofday]; X+ my ($spamc_options,$sa_tag,$spamassassin_status,$sa_score,$stop_spamassassin_time,$spamassassin_time); X+ my ($sa_status)=0; X+ ($sa_score,$required_hits)=('0','0'); X+ ($sa_comment,$sa_level)=('',''); X+ $sa_report=''; X+ $sa_fast=1; X+ X+ if ($msg_size > 250000) { X+ &debug("spamassassin: message too big - skip it"); X+ &minidebug("SA: message too big - skip it"); X+ $sa_score=$required_hits="?"; X+ $tag_sa_score = "SA:0($sa_score/$required_hits):"; X+ $sa_comment = "No, hits=$sa_score required=$required_hits"; X+ return; X+ } X+ X+ if ( $sa_debug eq "1" ) { X+ $spamc_options=" -R "; X } else { X- $tag_score .= "SA:1($sa_score/$sa_required_hits):"; X- $sa_comment = "Yes, score=$sa_score required=$sa_required_hits" if ($sa_fast); X- &debug("SA: yup, this smells like SPAM (score=$sa_score required=$sa_required_hits)"); X- } X+ $spamc_options=" -c "; X+ } X+ X+ if ($sa_sql) { X+ my ($cmdline_recip); X+ ($cmdline_recip=$one_recip)=~s/[^0-9a-z\.\_\-\=\+\@]/_/gi; X+ $cmdline_recip=~/^([0-9a-z\.\_\-\=\+\@]+)$/i; X+ $cmdline_recip=tolower($1); X+ $spamc_options="$spamc_options -u \"$cmdline_recip\"" if ($cmdline_recip ne ""); X+ } X+ X+ open(SA,"$spamc_binary $spamc_options < $scandir/$wmaildir/new/$file_id|")||&error_condition("cannot run $spamc_binary < $scandir/$wmaildir/new/$file_id - $!"); X+ while () { X+ if (!$sa_tag) { X+ chomp; X+ ($sa_score,$required_hits)=split(/\//,$_,2); X+ # Clean some invalid returns from SA v.2.5x X+ $required_hits =~ s/\r//g; X+ chomp $required_hits; X+ $sa_tag=1; X+ next; X+ } X+ X+ if ( $sa_tag<2 ) { X+ $sa_tag=2 if (/^---- ---------------------- --------------------------------------------------$/); X+ next; X+ } X+ X+ $sa_report .= " $_" if ( !/^$/ || !/^\s$/ ); X+ } X+ X+ # Clean some invalid returns from SA v.2.5x X+ $sa_report =~ s/\r/\n/g; X+ chomp $sa_report; X+ $sa_report = '' if ($sa_report =~ /\n\n/ ); X+ X+ $spamassassin_status=($? >> 8); X+ $sa_status=$spamassassin_status if ($sa_fast); X+ X+ close SA ; X+ X+ # st: new routine to avoid duplicate code, so a shorter code... X+ &check_sa_score($sa_score,$start_spamassassin_time,$scanned); X+} X+ X+sub check_sa_score { X+ my ($sa_score,$start_spamassassin_time,$scanned)=@_ ; X+ my ($stop_spamassassin_time,$spamassassin_time); X+ X+ $sa_score='?' if (!$sa_score); X+ $required_hits='?' if (!$required_hits); X+ $sa_hits=$sa_score; X+ X+ &debug("SA: REPORT hits = $sa_score/$required_hits\n$sa_report") if ( $sa_debug && $sa_report ); X+ &minidebug("SA: REPORT hits = $sa_score/$required_hits\n$sa_report") if ( $sa_debug && $sa_report && !$scanned); X+ X+ # st: what about SA sql per user, could be differents $required_hits... X+ if ($required_hits > $sa_score || ($sa_score == 0) || ($sa_score eq "\?")) { X+ $tag_sa_score = "SA:0($sa_score/$required_hits):"; X+ $sa_comment = "No, hits=$sa_score required=$required_hits"; X+ } else { X+ $tag_sa_score = "SA:1($sa_score/$required_hits):"; X+ $sa_comment = "Yes, hits=$sa_score required=$required_hits" if ($sa_fast); X+ X+ # If sa_quarantine/sa_delete are set, then compare them to the current score and X+ # quarantine/delete it if necessary, X+ # otherwise tag the message as spam. X+ X+ # Control the values of sa_delete and sa_quarantine X+ if ($sa_delete && ($sa_quarantine>$sa_delete)) { X+ &debug("SA: WARNING, sa_delete is lower than sa_quarantine, spam could be quarantined, but not deleted"); X+ &minidebug("SA: WARNING, sa_delete is lower than sa_quarantine, spam could be quarantined, but not deleted"); X+ $sa_delete='0'; X+ } X+ X+ my $sa_threshold='0'; X+ X+ if ( $sa_delete && (($sa_delete+$required_hits)<$sa_score)) { X+ $sa_threshold=$sa_delete+$required_hits; X+ if ( $sa_reject && (($sa_delete_site+$required_hits)<$sa_score || $one_recip eq $recips )) { X+ &log_sa_action($scanned,$sa_threshold,"rejected"); X+ $stop_spamassassin_time=[gettimeofday]; X+ $spamassassin_time = tv_interval ($start_spamassassin_time, $stop_spamassassin_time); X+ &debug("SA: finished scan of dir \"$ENV{'TMPDIR'}\" in $spamassassin_time secs"); X+ &minidebug("SA: finished scan in $spamassassin_time secs - hits=$sa_score/$required_hits"); X+ &reject_email("We have reasons to believe this mail is SPAM",31); X+ } else { X+ # st: mark the message to delete it, if it isn't already marked as virus to delete X+ # actually it is not possible that a marke message reach this point. I think.. X+ $del_message='2' if ($del_message ne "1"); X+ # st: maybe these three lines are useful for those who wants the 'log_details'... X+ # But if the message is rejected nothing remains X+ $destring="SPAM"; X+ $quarantine_description="SPAM exceeds \"delete\" threshold - hits=$sa_score/$required_hits"; X+ $quarantine_event="SA:SPAM-DELETED"; X+ &log_sa_action($scanned,$sa_threshold,"deleted"); X+ $description .= "\n---spamassassin results ---\n$destring '$quarantine_description'\n found in message $ENV{'TMPDIR'}"; X+ } X+ } else { X+ if ( $sa_quarantine && (($sa_quarantine+$required_hits)<$sa_score)) { X+ $sa_threshold=$sa_quarantine+$required_hits; X+ $destring="SPAM"; X+ $quarantine_description="SPAM exceeds \"quarantine\" threshold - hits=$sa_score/$required_hits"; X+ $quarantine_event="SA:SPAM-QUARANTINED"; X+ $quarantine_spam="SA:SPAM-QUARANTINED"; X+ &log_sa_action($scanned,$sa_threshold,"quarantined"); X+ $description .= "\n---spamassassin results ---\n$destring '$quarantine_description'\n found in message $ENV{'TMPDIR'}"; X+ } else { X+ #st: if $spamc_subject and $sa_delta are set, add in the subject the spam-level X+ if ($sa_subject ne "" && $sa_delta) { X+ if ($sa_score < ($required_hits+$sa_delta)) { X+ $sa_subject .= " LOW * "; X+ } elsif ($sa_score > ($required_hits+(2 * $sa_delta))) { X+ $sa_subject .= " HIGH * "; X+ } else { X+ $sa_subject .= " MEDIUM * "; X+ } X+ } X+ &log_sa_action($scanned,$required_hits,"tagged"); X+ } X+ } X+ } X+ X if ($sa_score > 0) { X- my ($sa_clean_score)=int($sa_score); X+ $sa_score=int($sa_score); X #Keep it RFC compliant X- $sa_clean_score=100 if ($sa_clean_score > 100); X+ $sa_score=100 if ($sa_score > 100); X my $si=0; X- if ($sa_fast) { X- while ($si < $sa_clean_score) { X- $si++; X- $sa_level .= $sa_symbol; X+ $sa_level=''; X+ if ($sa_fast || $sa_alt) { X+ while ($si < $sa_score) { X+ $si++; X+ $sa_level .= $sa_symbol; X } X } X } X- if ($sa_quarantine_over > 0 && ($sa_score - $sa_required_hits) >= $sa_quarantine_over) { X- &debug("SA: seriously spammy - quarantine and don't deliver"); X- $destring="SPAM"; X- $quarantine_description="SPAM content refused by this network ($sa_score/$sa_required_hits)"; X- $quarantine_spam="SA:SPAM-QUARANTINED"; X- $description .= "\n---spamassassin results ---\n$destring '$quarantine_description'\n ($sa_comment) found in message $ENV{'TMPDIR'}"; X X+ &debug("SA: required_hits $required_hits / sa_quarantine +$sa_quarantine / sa_delete +$sa_delete") if ($sa_quarantine || $sa_delete); X+ X+ if ($start_spamassassin_time) { X+ $stop_spamassassin_time=[gettimeofday]; X+ $spamassassin_time = tv_interval ($start_spamassassin_time, $stop_spamassassin_time); X+ X+ if ($scanned) { X+ &debug("SA: finished scan for $one_recip in $spamassassin_time secs - hits=$sa_hits/$required_hits"); X+ &minidebug("SA: finished scan for $one_recip in $spamassassin_time secs - hits=$sa_hits/$required_hits"); X+ } else { X+ &debug("SA: finished scan of dir \"$ENV{'TMPDIR'}\" in $spamassassin_time secs - hits=$sa_hits/$required_hits"); X+ &minidebug("SA: finished scan in $spamassassin_time secs - hits=$sa_hits/$required_hits"); X+ } X+ } X+} X+ X+sub log_sa_action { X+ # st: maybe I will need this routine for multiples recipients X+ my ($scanned,$sa_threshold,$sa_action)=@_; X+ if ( $scanned && $sa_action ne "rejected" ) { X+ &debug("SA: yup, this smells like SPAM - hits=$sa_hits/$required_hits/$sa_threshold - message $sa_action for $one_recip"); X+ &minidebug("SA: yup, this smells like SPAM - hits=$sa_hits/$required_hits/$sa_threshold - message $sa_action for $one_recip"); X+ } else { X+ &debug("SA: yup, this smells like SPAM - hits=$sa_hits/$required_hits/$sa_threshold - message $sa_action ..."); X+ &minidebug("SA: yup, this smells like SPAM - hits=$sa_hits/$required_hits/$sa_threshold - message $sa_action ..."); X } X- $stop_spamassassin_time=[gettimeofday]; X- $spamassassin_time = tv_interval ($start_spamassassin_time, $stop_spamassassin_time); X- &debug("spamassassin: finished scan of dir \"$ENV{'TMPDIR'}\" in $spamassassin_time secs"); X } X X+################################################# X+# END of Spamassassin subroutines added by ST X+################################################# X END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-spamassassin.pl echo x - /usr/ports/mail/qmail-scanner2/files/patch-sub-sweep.template sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-sub-sweep.template << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-sweep.template' X--- sub-sweep.template.orig Tue Apr 20 10:55:13 2004 X+++ sub-sweep.template Tue Jun 20 07:56:14 2006 X@@ -21,6 +21,7 @@ X $quarantine_description=$2; X } X &debug("There be a virus! ($quarantine_description)"); X+ &minidebug("sweep: there be a virus! ($quarantine_description)"); X ($quarantine_event=$quarantine_description)=~s/\s/_/g; X $quarantine_event="SWEEP:".substr($quarantine_event,0,$QE_LEN); X $description .= "\n---sweep results ---\n$DD"; X@@ -38,4 +39,5 @@ X $stop_sweep_time=[gettimeofday]; X $sweep_time = tv_interval ($start_sweep_time, $stop_sweep_time); X &debug("sweep: finished scan of dir \"$ENV{'TMPDIR'}\" in $sweep_time secs"); X+ &minidebug("sweep: finished scan in $sweep_time secs"); X } END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-sweep.template echo x - /usr/ports/mail/qmail-scanner2/files/patch-sub-trophie.template sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-sub-trophie.template << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-trophie.template' X--- sub-trophie.template.orig Tue May 4 08:22:15 2004 X+++ sub-trophie.template Tue Jun 20 07:56:14 2006 X@@ -10,6 +10,7 @@ X X if(!(socket(\*tsock, AF_UNIX, SOCK_STREAM, 0))) { X &debug("Couldn\'t create trophie socket TSOCKET \($!\)\n"); X+ &minidebug("Couldn\'t create trophie socket TSOCKET \($!\)\n"); X &error_condition("Couldn\'t create trophie socket TSOCKET \($!\)\n"); X } X X@@ -18,6 +19,7 @@ X sleep(5); X if(!(connect(\*tsock, pack_sockaddr_un "TSOCKET"))) { X &debug("Couldn\'t connect\(\) to the trophie socket TSOCKET \($!\)\n"); X+ &minidebug("Couldn\'t connect\(\) to the trophie socket TSOCKET \($!\)\n"); X &error_condition("Couldn\'t connect\(\) to the trophie socket TSOCKET \($!\)\n"); X } X } X@@ -38,6 +40,7 @@ X } X X &debug("There be a virus! ($quarantine_description)"); X+ &minidebug("trophie: there be a virus! ($quarantine_description)"); X ($quarantine_event=$quarantine_description)=~s/\s/_/g; X $quarantine_event="TROPHIE:".substr($quarantine_event,0,$QE_LEN); X $description .= "\n---trophie results ---\n"; X@@ -51,4 +54,5 @@ X $stop_trophie_time=[gettimeofday]; X $trophie_time = tv_interval ($start_trophie_time, $stop_trophie_time); X &debug("trophie: finished scan of dir \"$ENV{'TMPDIR'}\" in $trophie_time secs"); X+ &minidebug("trophie: finished scan in $trophie_time secs"); X } END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-trophie.template echo x - /usr/ports/mail/qmail-scanner2/files/patch-sub-uvscan.pl sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-sub-uvscan.pl << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-uvscan.pl' X--- sub-uvscan.pl.orig Fri Jan 28 17:46:16 2005 X+++ sub-uvscan.pl Tue Jun 20 07:56:14 2006 X@@ -15,6 +15,7 @@ X if ($DD =~ /^\s+Found(.*)$/m) { X $quarantine_description=$1; X &debug("There be a virus! ($quarantine_description)"); X+ &minidebug("uvscan: there be a virus! ($quarantine_description)"); X ($quarantine_event=$quarantine_description)=~s/\s/_/g; X $quarantine_event="UVSCAN:".substr($quarantine_event,0,$QE_LEN); X $description .= "\n---uvscan results ---\n$DD"; X@@ -34,4 +35,5 @@ X $stop_uvscan_time=[gettimeofday]; X $uvscan_time = tv_interval ($start_uvscan_time, $stop_uvscan_time); X &debug("uvscan: finished scan of dir \"$ENV{'TMPDIR'}\" in $uvscan_time secs"); X+ &minidebug("uvscan: finished scan in $uvscan_time secs"); X } END-of-/usr/ports/mail/qmail-scanner2/files/patch-sub-uvscan.pl echo x - /usr/ports/mail/qmail-scanner2/files/patch-aab.js sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-aab.js << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-aab.js' X--- aab.js.orig Tue Jun 20 07:56:13 2006 X+++ aab.js Tue Jun 20 07:56:13 2006 X@@ -0,0 +1,8 @@ X+// JavaScript Document. X+ function mailaddr (name,dom1,dom2) { X+ // Anti-spam address builder; X+ // From an idea of Steve Linford, by Salvatore Toribio; X+ document.write ("" + name + "@" + dom1 + "." + dom2 + ""); X+ } X+ //--> END-of-/usr/ports/mail/qmail-scanner2/files/patch-aab.js echo x - /usr/ports/mail/qmail-scanner2/files/patch-qmail-scanner-queue.template sed 's/^X//' >/usr/ports/mail/qmail-scanner2/files/patch-qmail-scanner-queue.template << 'END-of-/usr/ports/mail/qmail-scanner2/files/patch-qmail-scanner-queue.template' X--- qmail-scanner-queue.template.orig Tue Apr 4 09:00:17 2006 X+++ qmail-scanner-queue.template Mon Jun 26 10:11:08 2006 X@@ -1,9 +1,16 @@ X #!SUIDPERL -T X # X # File: qmail-scanner-queue.pl X-# Version: 2.01 X+# Version: JH_VERSION - st - patch - ST_VERSION X # X-# Author: Jason L. Haar X+# Author: Jason L. Haar X+# X+# Patch by: Salvatore Toribio X+# X+# See the file README-st-patch for information about the patch X+# This version deletes/rejects spam based in Chris Hine's patch for v1.16 X+# X+# Each user could has his own scanners and sa_settings. X # X # This file was auto-generated by: X # X@@ -14,7 +21,7 @@ X # SMTP-received Email message, checking for viruses and blocked filenames, X # only allowing the message to continue if it passes the tests. X # X-# Copyright (C) 1999,2000,2001 the people mentioned above X+# Copyright (C) 1999,2000,2001-2006 the people mentioned above X # X # This program is free software; you can redistribute it and/or modify X # it under the terms of the GNU General Public License as published by X@@ -81,12 +88,14 @@ X setlogsock('unix'); X X my $VERSION="2.01"; X+my $st_version="20060423"; X+$VERSION.='st'; X X #Mail header to add to each scanned message to report stuff in... X #Default is to not generate them ($descriptive_hdrs = 0) - as that X #info is also in the Received: headers... X my $descriptive_hdrs=DESCRIPTIVE_HEADERS; X-my $V_HEADER="X-Qmail-Scanner"; X+my $V_HEADER="DESCR_HEADERS_TEXT"; X my($qsmsgid); X $qsmsgid=tolower("$V_HEADER-message-id"); X X@@ -106,9 +115,12 @@ X # Array of virus that we don't want to inform the sender of. X my @silent_viruses_array=(SILENT_VIRUSES_ARRAY); X X- X-#Array of virus scanners used must point to subroutines X-my @scanner_array=(SCANNER_ARRAY); X+# st: Virus that will be deleted without notifying anyone, X+# you can add other viruses in the form "virus1|virus2|virus3". X+# Most of the viruses in the 'silent_viruses_array' could be X+# added to this list safely. X+# i.e. "mydoom|worm.sco|novarg|tanx|bagle|netsky|somefool|roca|agobot|dumaru|sober|lovgate|klez|rox|zafi|(PIF|SCR|CPL) files|mybot|mabutu" X+my $virus_to_delete="VIRUS_TO_DELETE"; X X #Array of virtual headers used within perlscanner X my @virtualheaders_array=("MAILFROM","RCPTTO","REMOTEIPADDR","ZIPPASSWORDPROTECTED","ISSENSITIVEANDNOCRYPTO","CRYPTODETAILS","FILELENGTHTOOLONG","FILEDOUBLEBARRELED","FILECLSID"); X@@ -149,7 +161,8 @@ X X #What maildir folder to store high-scoring SPAM in (instead of passing it on) X #NOTE: this only gets used if SA_QUARANTINE set X-my $smaildir='spam'; X+# st: see below '$smaildir_site' X+#my $smaildir='spam'; X X #What maildir folder to archive received Email in instead of deleting X my $archiveit='ARCHIVEIT'; X@@ -185,6 +198,130 @@ X #bypass all AV/Spam scanning - but still do perlscan checks X my $SKIP_SCANNING=0; X X+# st: If $sa_subject is defined and fast_spamassassin mode is selected, X+# a tag will be added to the subject indicating how the message is to X+# be considered as spam, in this way: X+# LOW: required_hits < score < required_hits + sa_delta X+# MEDIUM: required_hits + sa_delta < score < required_hits + 2 * sa_delta X+# HIGH: required_hits + 2 * sa_delta < score X+# Be aware, 2*sa_delta must be lower than sa_quarantine. X+# 'required_hits' is the value set in the SpamAssassin configuration file. X+my $sa_delta_site='SA_DELTA'; X+ X+# st: Spam messages with a score higher than X+# (required_hits + sa_quarantine) should be quarantined. X+# Only relevant if SpamAssassin is used. X+# Score of 0 means deliver all messages. Defaults to 0. X+my $sa_quarantine_site='SA_QUARANTINE'; X+ X+# st: Some people wants to quarantine spam in a different X+# maildir folder than viruses, maybe to run sa-learn. X+# The default is: X+# my $smaildir_site='SPAM_MAILDIR'; X+# You can set it per user/domain in the file 'settings_per_domain.txt' X+# WARNING: if $smaildir it is not in the same 'file system' (partition) X+# than $wmaildir, you have to change the routine 'sub email_quarantine_report' X+# you will find the code commented in that routine. X+# (in the official version 2.00 this setting has been added) X+my $smaildir_site='SPAM_MAILDIR'; X+ X+# st: address to send a copy of the mails 'quarantined' X+# as spam for admin puropose (I thought), almost unmodifyed. X+# Enable $sa_fwd_verbose if you want the X-Spam headers in X+# the forwarded message. X+my $sa_forward_site='SA_FORWARD'; X+my $sa_fwd_verbose_site='SA_FWD_VERBOSE'; X+ X+# st: Spam messages with a score higher than X+# (required_hits + sa_delete) should be deleted (or rejected). X+# Only relevant if SpamAssassin is used. Score of 0 X+# means deliver all messages. Defaults to 0. X+# If sa-quarantine is set, sa-delete must be greater. X+my $sa_delete_site='SA_DELETE'; X+ X+# st: If you enable sa-reject and sa-delete is properly set, X+# messages with a score higher than (required_hits + sa_delete) X+# will be rejected before the smtp session is closed. X+# Otherwise they are just dropped silently. (1/0) X+my $sa_reject_site='SA_REJECT'; X+ X+# st: Use the alternative subroutine for spamassassin, it runs X+# ALWAYS in *fast_spamassassin* mode and doesn't pass the '-u' option X+# to spamc. So if you want to run in *verbose_spamassasin* mode or you X+# want to use the sql per user preferences for spamassassin, you have X+# to disable this option and run the standard spamassassin routine. X+# It also allows to log the spamassassin report. (1/0) X+my $sa_alt='SA_ALT'; X+ X+# st: If sa_alt is enabled an you enable this option, you will X+# have a beautiful log with the tests and the scores of X+# spamassassin in the file qmail-queue.log, and you X+# can add the X-Spam-Report header enabling the X+# option below. (1/0) X+my $sa_debug='SA_DEBUG'; X+ X+# st: If sa_alt and sa_debug are enabled, *qmail-scanner* will X+# add the X-Spam-Report header to the messages if you X+# enable this option. (1/0) X+my $sa_hdr_report_site='SA_HDR_REPORT'; X+ X+# st: Enable this option to do not pass to spamassassin messages X+# from MAILER-DAEMON, see READMEpatched for details. (1/0) X+my $SA_SKIP_MD='0'; X+ X+############################################## X+# st: SETTINGS PER DOMAIN X+############################################## X+ X+# st: Enable or diasable scanner per domain (1/0) X+my $settings_pd='SETTINGS_P_D'; X+ X+# Array of virus scanners used must point to subroutines X+my @scanner_array=(); X+ X+# st: @scanners_installed is the array with all scanners installed X+# in the computer, if you disable $settings_pd qmail-scanner will fall to X+# this array. Don't modify it unless you really know what you do. X+my @scanners_installed=(SCANNER_ARRAY"perlscan_scanner"); X+ X+# st: @scanners_default if $settings_pd is enabled qmail-scanner will X+# use this array for the users/domains that don't have a custom X+# scanner_array set in the $settings_per_domain.txt file. X+# You can set it to "none" to skip all the scanners, even perlscan. X+# If you want to skip the scanners only for a particular user/domain X+# set his scanners list to "none" in the $settings_per_domain.txt file. X+my @scanners_default=(SCANNER_ARRAY"perlscan_scanner"); X+ X+# st: DB file (without extension) where per domain/user scanners X+# are saved, edit $settings_per_domain.txt and run X+# "qmail-scanner-queue.pl -p" to generate $settings_per_domain.db X+my $settings_per_domain="$scandir/settings_per_domain"; X+ X+# st: if spamassassin has sql user settings, then run spamassassin X+# per each recipient. Again verbose_spamassassin is a pain, so sa_alt will X+# be run after the first recipient. (1/0) X+my $sa_sql='SA_SQL'; X+ X+# The following variable MUST NOT be modified, qmail-scanner will set X+# them by its own for each recipient. X+my $domain_returnpath=''; X+my $domain_one_recip=''; X+my $sa_rcpt='0'; X+my (%found_event); X+# X+my $sa_subject=''; X+my $sa_quarantine=''; X+my $sa_delta=''; X+my $sa_delete=''; X+my $sa_reject=''; X+my $sa_forward=''; X+my $sa_fwd_verbose=''; X+my $sa_hdr_report=''; X+my $smaildir=''; X+ X+ X+############################################## X+ X #Full path to file in which virus-scanner versioning info is kept X my $versionfile="$logdir/qmail-scanner-queue-version.txt"; X X@@ -192,8 +329,10 @@ X # You edit $db_filename.txt, and "qmail-scanner-queue.pl -g" generates $db_filename.db X my $db_filename="$configdir/quarantine-events"; X X-my $MAX_NUM_UNPACKED_FILES=10000; #10,000 is stupidly high. This rule exists but is never X- #expected to trigger normally X+# st: configurable in st-patch X+# This rule exists but is never X+# expected to trigger normally (defaults 10,000, is stupidly high). X+my $MAX_NUM_UNPACKED_FILES='MAX_UNPACKED_FILES'; X X #What locale is used on this system X #$sys_locale="LOCALE"; X@@ -236,14 +375,27 @@ X my $clamscan_options="-r -m --unzip --unrar --unzoo --lha --disable-summary --max-recursion=10 --max-space=100000"; X my $clamdscan_binary='CLAMDSCAN'; X my $clamdscan_options="--no-summary"; X+ X+# st: I have returned to my own way to set the SPAMD_SOCKET (1.25st) X my $spamc_binary='SPAMC_BINARY'; X-my $spamc_options='SPAMC_OPTIONS'; X-my $spamc_subject='SPAMC_SUBJECT'; X-my $spamassassin_binary='SPAMASSASSIN_BINARY'; X-my $sa_quarantine_over='SA_QUARANTINE'; X+ X+# st: whether or not to run spamassassin in fast or verbose mod X+# remember that the routine sa_alt always set sa_fast to 1, by her own. X+# Please run in fast mode, you can break the verbose mode with your personal X+# local.cf, so better run in fast mode (If you like SA REPORT read the docs). X+#my $spamc_options='SPAMC_OPTIONS'; X+my $sa_fast='SA_FAST'; X+ X+my $sa_subject_site="SPAMC_SUBJECT"; # st: if fast_spamassassin mode is selected X+my $spamassassin_binary='SPAMASSASSIN_BINARY SA_HN'; X+ X+# st: If somebody is using spamassassin with unix socket... X+my $spamd_socket='SPAMD_SOCKET'; X+$spamc_binary.=" -U $spamd_socket" if ($spamd_socket ne ""); X+ X my ($sa_comment,$sa_level); X my $sa_symbol='+'; X-my ($tag_score)=""; X+my ($tag_score,$tag_sa_score); X my $SNEAKY_WINDOWS_EXTENSIONS="exe|w[pm][szd]|vcf|nws|cmd|bat|pif|sc[rt]|dll|ocx|do[ct]|xl[swt]|p[po]t|pps|vb[se]?|hta|p[lm]|sh[bs]|hlp|chm|eml|ws[cfh]|ad[ep]|jse?|md[abew]|ms[ip]|reg|as[dfx]|cil|cpl"; X my $VALID_WINDOWS_EXTENSIONS="rtf|pdf|sav|htm|html|pst|ost|txt|gif|jpeg|mpeg|jpg|png|mny|wav|tif|$SNEAKY_WINDOWS_EXTENSIONS"; X my $passwd_protected_zip; X@@ -289,6 +441,11 @@ X #Want debugging? Enable this and read $logdir/qmail-queue.log X my $DEBUG='DEBUG_LEVEL'; X X+# st: Minimal debug only works if $DEBUG=0 X+# If set to 2, the parent pid is written to the logs, and also X+# the message size X+my $MINIDEBUG='MINI_DEBUG'; X+ X my @uufile_list = (); X my @attachment_list = (); X my @zipfile_list = (); X@@ -297,13 +454,13 @@ X use Time::HiRes qw( usleep ualarm gettimeofday tv_interval ); X use POSIX; X X-use vars qw/ $opt_v $opt_h $opt_g $opt_r $opt_z/; X+use vars qw/ $opt_v $opt_h $opt_g $opt_r $opt_z $opt_p $opt_d $opt_s/; X X use Getopt::Std; X X #my ($opt_v,$opt_h,$opt_g,$opt_r,$opt_z); X X-getopts('vhgrz'); X+getopts('vhgrzpds'); X X my ($start_time,$last_time); X $start_time = $last_time = [gettimeofday]; X@@ -313,7 +470,7 @@ X if ( $opt_h ) { X print " X X-$prog X+ $prog $VERSION-$st_version X X -h - This help X -v - show details about this install. X@@ -321,21 +478,34 @@ X -z - gather virus scanner/DAT versions X and cleanup old temp files X -g - generate perlscanner database X- -r - read from perlscanner database\n"; X+ -r - read from perlscanner database X+ X+ -p - generate settings per domain database X+ -d - display settings per domain database X+ -s - sort the text file $settings_per_domain.txt X+ (not yet implemented, but you can redirect the output of '-d')\n\n"; X exit; X } X X X if ( $opt_g || $opt_r) { X &generate_quarantine_db; X- exit 0; X-} X- X-if ( $opt_v ) { X+ exit 0; X+} elsif ($opt_p) { X+ &generate_spd; X+ exit 0; X+} elsif ($opt_d) { X+ &read_spd; X+ exit 0; X+} elsif ($opt_s) { X+ print "\n Option not yet implemented\n\n"; X+ exit 0; X+} elsif ( $opt_v ) { X &show_version; X exit 0; X } X X+ X chdir($scandir); X umask(0007); X X@@ -365,19 +535,56 @@ X #Get current timestamp for logs X my ($sec,$min,$hour,$mday,$mon,$year,$nowtime); X ($sec,$min,$hour,$mday,$mon,$year) = localtime(time); X-#my $nowtime = sprintf "%02d/%02d/%02d %02d:%02d:%02d", $mday, $mon+1, $year+1900, $hour, $min, $sec; X-#my $nowtime = strftime("%a, %d %b %Y %H:%M:%S %Z", localtime(time)); X my ($smtp_sender,$remote_smtp_ip,$remote_smtp_auth,$real_uid,$effective_uid); X X $real_uid=$<; X $effective_uid=$>; X X-if ($DEBUG ) { X+# st: I will need the process number, and other variables, later X+my $nprocess=$$; X+my $nppid=getppid; X+if ($nppid == 1) { X+ # The parent pid is dead, maybe a message with BLFs X+ warn "$V_HEADER-$VERSION: Process $nprocess closed, parent process died\n" if ($MINIDEBUG < 3); X+ warn "$nprocess QS-$VERSION: Process $nprocess closed, parent process died\n" if ($MINIDEBUG >= 3); X+ exit 111; X+} X+$nprocess.="/$nppid" if ($MINIDEBUG >= 2); X+my $sa_report=''; X+my ($sa_hits,$required_hits)=('0','0'); X+# st: Flag to delete message X+my $del_message='0'; X+ X+if ($DEBUG || $MINIDEBUG ) { X open(LOG,">>$logdir/$debuglog"); X select(LOG);$|=1; X- &debug("+++ starting debugging for process $$ by uid=$real_uid"); X+ &debug("+++ starting debugging for process $$ (ppid=$nppid) by uid=$real_uid"); X+ &minidebug("+++ starting debugging for process $$ (ppid=$nppid) by uid=$real_uid"); X+} X+ X+# st: if sa_alt or sa_debug are '0', sa_hdr_report_site must be 0 X+$sa_hdr_report_site='0' if ( !$sa_alt || !$sa_debug ); X+ X+# st: if the variable SA_ONLYDELETE_HOST is set in the tcpserver X+# don't reject messages coming from those IPs, just delete them X+# You should set this variable for your secondary mail server. X+if (defined($ENV{'SA_ONLYDELETE_HOST'}) || defined($ENV{'SA_WHITELIST'})) { X+ $sa_reject="0"; X+ &debug("WL: The server is a SA_ONLYDELETE_HOST, don't reject"); X+ &minidebug("WL: The server is a SA_ONLYDELETE_HOST, don't reject"); X+} X+ X+# st: if the variable BMC_WHITELIST is set in the tcpserver X+# don't search for 'bad mime characters' in the headers of messages X+# coming from those IPs. X+# It would be hard to mantain this whitelist... X+if (defined($ENV{'BMC_WHITELIST'})) { X+ $BAD_MIME_CHECKS='0'; X+ &debug("WL: The server is in the BMC_WHITELIST, don't check BMC"); X+ &minidebug("WL: The server is in the BMC_WHITELIST, don't check BMC"); X } X X+ X &debug("setting UID to EUID so subprocesses can access files generated by this script"); X $< = $>; # set real to effective uid X $( = $); # set real to effective gid X@@ -406,6 +613,10 @@ X X &working_copy; X X+ # st: working_copy could be high due to an slow connection X+ &minidebug("w_c: message size $msg_size bytes") if ($MINIDEBUG >= 2); X+ my $elapsed_1=tv_interval ($start_time, [gettimeofday]); X+ &minidebug("w_c: elapsed time from start $elapsed_1 secs"); X X #We will set our own value here as it allows us to unset X #it later without changing how Qmail actually interprets X@@ -423,6 +634,8 @@ X $tag_score="RC:1($remote_smtp_ip):" if ($QS_RELAYCLIENT); X &debug("incoming SMTP connection from $smtp_sender"); X #system("/usr/bin/printenv > /tmp/qmail-scanner.env"); X+ # st: do not reject mails from localhost useful for fetchmail X+ $sa_reject="0" if ($remote_smtp_ip eq "127.0.0.1"); X } else { X $smtp_sender="via local process $$"; X $remote_smtp_ip='127.0.0.1'; X@@ -430,6 +643,8 @@ X $QS_RELAYCLIENT=1; X $tag_score="RC:1($remote_smtp_ip):"; #Always would be relayed X &debug("incoming pipe connection from $smtp_sender"); X+ # st: do not reject mails from localhost useful for fetchmail X+ $sa_reject="0"; X } X $tag_score="RC:0($remote_smtp_ip):" if ($tag_score !~ /^RC:1/); X X@@ -452,6 +667,17 @@ X #This SMTP session is incomplete until we see dem envelope headers! X &grab_envelope_hdrs; X &debug("from=$headers{'from'},subj=$headers{'subject'}, $qsmsgid=$headers{$qsmsgid} $smtp_sender"); X+ &minidebug("from='$headers{'from'}', subj='$headers{'subject'}', $smtp_sender"); X+ X+ ##### st: variables for settings per domain X+ $returnpath=tolower($returnpath); X+ $domain_returnpath=$returnpath; X+ $domain_returnpath=~ s/^(.*)\@(.*)$/$2/; X+ # X+ $one_recip=tolower($one_recip); X+ $domain_one_recip=$one_recip; X+ $domain_one_recip=~ s/^(.*)\@(.*)$/$2/ if ($one_recip); X+ ###### X X #Add envelope details to headers array so that they can be matched within X #perlscanner. X@@ -466,6 +692,7 @@ X #Hmm, doesn't look nice, but it feels better to make this a separate check for some reason X if ($skip_text_msgs && ($indicates_attachments < 2) && !@uufile_list && !@attachment_list) { X &debug("This is a PLAIN text message (because it's either not mime, or is text/plain), skip virus scanners - but not antispam scanners"); X+ &minidebug("This is a PLAIN text message, skip virus scanners - but not SA"); X $plain_text_msg=1; X } X } X@@ -473,31 +700,29 @@ X &debug("This is a bounce message - better assume there's an attachment in it"); X $plain_text_msg=0; X } X- X X- &init_scanners; X- X- if ($quarantine_event || $quarantine_spam) { X- &debug("unsetting TCPREMOTEIP env var"); X- delete $ENV{'TCPREMOTEIP'}; X- #Reset locale back to original X- $ENV{'LC_ALL'}=$orig_locale; X- X- #is this a greylist event? X- if ($quarantine_event=~/gr[ae]ylist/i ) { X- #This text will only be seen by those using the "custom-error" X- #patch. Others will just get a general "qq" temp failure msg. X- &log_event; X- print STDERR "Z$quarantine_event"; X- &cleanup; X- exit 82; X- }else{ X- &email_quarantine_report; X- } X+############################################## X+# st: SETTINGS PER DOMAIN X+############################################## X+ X+ $quarantine_event_tmp=$quarantine_event; X+ X+ if ($settings_pd && ( ! -f "$settings_per_domain.db")) { X+ &debug("s_p_d: $settings_per_domain.db doesn't exist falling to installed scanners"); X+ &minidebug("s_p_d: $settings_per_domain.db doesn't exist falling to installed scanners"); X+ $settings_pd='0'; X+ } X+ X+ if ($settings_pd) { X+ &settings_p_d; X } else { X- &qmail_parent_check; X- &qmail_requeue($env_returnpath,$env_recips,"$scandir/$wmaildir/new/$file_id"); X+ @scanner_array=@scanners_installed; X+ &sa_defaults; X+ &start_scanners($env_returnpath,$env_recips,"$scandir/$wmaildir/new/$file_id"); X } X+ X+############################################## X+ X alarm 0; X }; X X@@ -510,6 +735,7 @@ X } X } X X+ X #Msg has been delivered now, so don't want hangs in this part X #to affect delivery X X@@ -517,18 +743,19 @@ X X &cleanup; X X-($sec,$min,$hour,$mday,$mon,$year) = localtime(time); X-#$nowtime = sprintf "%02d/%02d/%02d %02d:%02d:%02d", $mday, $mon+1, $year+1900, $hour, $min, $sec; X- X-&debug("all finished. Total of ",tv_interval ($start_time, [gettimeofday])," secs"); X- X+# st: I don't think that st-patch will reach this point, for a SPAM mail.. X+# X # This is commented out as I'm concerned for people running Q-S behind edge gateways. X #Those boxes would then generate a bounce (as they are not the actual spamming SMTP client) X #if ($destring =~ /SPAM/) { X # &debug("exit with permanent error as this is high-scored SPAM"); X+# &minidebug("SA: exit with permanent error as this is high-scored SPAM"); X+# &close_log; X # exit 111; X #} X X+# st: write to the log the end of the process X+&close_log; X exit 0; X X ############################################################################ X@@ -543,6 +770,7 @@ X X sub log_event { X if ($log_details) { X+ $tag_score .= "$tag_sa_score" if ($tag_sa_score); X $tag_score .= "$CRYPTO_TYPE:" if ($log_crypto && $CRYPTO_TYPE ne ""); X $tag_score .= "$DOMKEYS:" if ($log_crypto && $DOMKEYS ne ""); X #$virtualheader{'CRYPTODETAILS'}="$CRYPTO_TYPE:$DOMKEYS"; X@@ -574,14 +802,15 @@ X } X #$nowtime = sprintf "%02d/%02d/%02d %02d:%02d:%02d", $mday, $mon+1, $year+1900, $hour, $min, $sec; X &debug("error_condition: $V_HEADER-$VERSION: $string"); X- close(LOG); X+ &minidebug("error_condition: $V_HEADER-$VERSION: $string"); X &cleanup; X+ &close_log; X exit $errcode; X } X X sub debug { X my $dnowtime = strftime("%a, %d %b %Y %H:%M:%S %Z", localtime(time)); X- print LOG "$dnowtime:$$: ",@_,"\n" if ($DEBUG); X+ print LOG "$dnowtime:$nprocess: ",@_,"\n" if ($DEBUG); X } X X sub working_copy { X@@ -608,6 +837,7 @@ X if ($BAD_MIME_CHECKS && !$IGNORE_EOL_CHECK && /\r|\0/) { X $illegal_mime=1; X &debug("w_c: found CRL/NULL in header - invalid if this is a MIME message"); X+ &minidebug("w_c: found CRL/NULL in header - invalid if this is a MIME message"); X } X #Put headers into array X if (/^\s+(.*)$/ && $last_hdr) { X@@ -623,6 +853,7 @@ X $quarantine_event="Policy:Bad_MIME_Break"; X $description .= "\n---perlscanner results ---\n$destring '$quarantine_description' found in message"; X &debug("w_c: disallowed breakage found in header name ($_) - not valid email"); X+ &minidebug("w_c: disallowed breakage found in header name ($_) - not valid email"); X #next; X } else { X /^([^\s]+):(.*)$/; X@@ -639,6 +870,7 @@ X $quarantine_event="Policy:Bad_MIME_Comment"; X $description .= "\n---perlscanner results ---\n$destring '$quarantine_description' found in message"; X &debug("w_c: $quarantine_description"); X+ &minidebug("w_c: $quarantine_description"); X } X $num_of_headers++; X } X@@ -721,6 +953,7 @@ X $illegal_mime=1; X $quarantine_description="Disallowed MIME Content-Type found - not valid email"; X &debug($quarantine_description); X+ &minidebug("w_c: $quarantine_description"); X $quarantine_event="Policy:Bad_MIME_Type"; X $description .= "\n---perlscanner results ---\n$destring '$quarantine_description' found in message"; X } X@@ -785,10 +1018,12 @@ X if ($cd_attachment_filename ne "" && $ct_attachment_filename ne "" && $ct_attachment_filename ne $cd_attachment_filename) { X if (!$quarantine_event && $BAD_MIME_CHECKS > 1) { X &debug("w_c: Disallowed MIME filename manipulation - potential virus"); X+ &minidebug("w_c: Disallowed MIME filename manipulation - potential virus"); X $illegal_mime=1; X $destring="LOCALE_destring_problem"; X $quarantine_description='Disallowed MIME filename manipulation - not valid email'; X &debug($quarantine_description); X+ &minidebug("w_c: $quarantine_description"); X $quarantine_event="Policy:Bad_MIME_Manipulation"; X $description .= "\n---perlscanner results ---\n$destring '$quarantine_description' found in message attachment: \"$ct_attachment_filename\" != \"$cd_attachment_filename\""; X } X@@ -833,19 +1068,23 @@ X $illegal_mime=1; X $quarantine_description="Disallowed MIME boundary length found (".length($BOUNDARY{$attachment_counter}).") - not valid email"; X &debug($quarantine_description); X+ &minidebug("w_c: $quarantine_description"); X $quarantine_event="Policy:Bad_MIME_Boundary"; X $description .= "\n---perlscanner results ---\n$destring '$quarantine_description' found in message"; X } X if ( !$quarantine_event && $headers{'mime-version'} ne "" && $BAD_MIME_CHECKS > 1 && $BOUNDARY{$attachment_counter} =~ /^($BOUNDARY_REGEX)$/i) { X &debug("w_c: hmm, a new boundary defintion that has already being set. Sounds like a trojan"); X+ &minidebug("w_c: hmm, a new boundary defintion that has already being set. Sounds like a trojan"); X &debug("w_c: broken attachment MIME details - block it!"); X+ &minidebug("w_c: broken attachment MIME details - block it!"); X $illegal_mime=1; X $destring="LOCALE_destring_problem"; X $quarantine_description='Disallowed MIME boundary found in attachment - not valid email'; X &debug($quarantine_description); X+ &minidebug("w_c: $quarantine_description"); X $quarantine_event="Policy:Bad_MIME_Boundary"; X $description .= "\n---perlscanner results ---\n$destring '$quarantine_description' found in message"; X- } X+ } X if ($BOUNDARY_REGEX ne "") { X $BOUNDARY_REGEX.="|".$BOUNDARY{$attachment_counter}; X } else { X@@ -863,9 +1102,11 @@ X if ($attachment_filename =~ /\.(scr|pif|vbs|exe)$/i && $content_type{$attachment_counter} !~ /^(message|text|application|binary)/i) { X $quarantine_description="Disallowed file ($attachment_filename) assosiated with unrelated MIME type ($content_type{$attachment_counter}) - forged attachments blocked"; X &debug("w_c: $quarantine_description"); X+ &minidebug("w_c: $quarantine_description"); X $illegal_mime=1; X $destring='LOCALE_destring_problem'; X &debug($quarantine_description); X+ &minidebug("w_c: $quarantine_description"); X $quarantine_event="Policy:Forged_Attachment"; X $description .= "\n---perlscanner results ---\n$destring '$quarantine_description' found in attachment $attachment_filename"; X } X@@ -904,10 +1145,12 @@ X #we must allow such "hacks" to slip through X if (!$quarantine_event && $BAD_MIME_CHECKS > 1 && ($BOUNDARY_REGEX ne "" && $still_attachment !~ /^\-\-($BOUNDARY_REGEX)\-\-$/) ) { X &debug("w_c: broken attachment MIME details (still_attachment=$still_attachment, but BOUNDARY_REGEX=\"$BOUNDARY_REGEX\")- block it!"); X+ &minidebug("w_c: broken attachment MIME details (still_attachment=$still_attachment, but BOUNDARY_REGEX=\"$BOUNDARY_REGEX\")- block it!"); X $illegal_mime=1; X $destring="LOCALE_destring_problem"; X $quarantine_description='Disallowed content found in MIME attachment - not valid email'; X &debug($quarantine_description); X+ &minidebug("w_c: $quarantine_description"); X $quarantine_event="Policy:Bad_MIME_Header"; X $description .= "\n---perlscanner results ---\n$destring '$quarantine_description' found in message"; X } X@@ -924,10 +1167,10 @@ X $illegal_mime=1; X $destring="LOCALE_destring_problem"; X $quarantine_description="Disallowed executable attachment associated with \"$content_type{$attachment_counter}\" MIME type - forged attachment"; X- &debug($quarantine_description); X $quarantine_event="Policy:Forged_Attachment"; X $description .= "\n---perlscanner results ---\n$destring '$quarantine_description' found in attachment \"$attachment_filename\""; X &debug("w_c: $quarantine_description"); X+ &minidebug("w_c: $quarantine_description"); X } X } X if ($_ =~ /^(UEsDB[AB]|UEswMFBL)/) { X@@ -937,10 +1180,10 @@ X $illegal_mime=1; X $destring="LOCALE_destring_problem"; X $quarantine_description="Disallowed zip attachment when not associated with a .zip filename - forged attachment"; X- &debug($quarantine_description); X $quarantine_event="Policy:Forged_Attachment"; X $description .= "\n---perlscanner results ---\n$destring '$quarantine_description' found in attachment \"$attachment_filename\""; X &debug("w_c: $quarantine_description"); X+ &minidebug("w_c: $quarantine_description"); X } X } X } X@@ -964,6 +1207,7 @@ X $CRYPTO_TYPE="CR:PGP(old-signed)" if (/^(\-\-\-\-\-BEGIN PGP SIGNATURE\-\-\-\-\-|LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0)/); X $CRYPTO_TYPE="CR:PGP(old-encrypted)" if (/^(\-\-\-\-\-BEGIN PGP MESSAGE\-\-\-\-\-|LS0tLS1CRUdJTiBQR1AgTUVTU0FHRS0tLS0t)/); X &debug("found old PGP crypto ($CRYPTO_TYPE)") if ($CRYPTO_TYPE ne ""); X+ &minidebug("w_c: found old PGP crypto ($CRYPTO_TYPE)") if ($CRYPTO_TYPE ne ""); X } X &check_and_grab_attachments; X print TMPFILE ; X@@ -978,6 +1222,7 @@ X &debug("w_c: total time between DATA command and \".\" was ",&deltatime," secs"); X &debug("w_c: (this is basically the time it took the client to send the message over the network"); X &debug("w_c: resetting timer so as to measure actual Qmail-Scanner processing time"); X+ &minidebug("w_c: Total time between DATA command and \".\" was ",&deltatime," secs"); X $start_time=[gettimeofday]; X #Not atomic but who cares about the overhead - this is the only app using this area... X link("$scandir/$wmaildir/tmp/$file_id","$scandir/$wmaildir/new/$file_id")||&error_condition("cannot link $scandir/$wmaildir/tmp/$file_id into $scandir/$wmaildir/new/$file_id - $!"); X@@ -1021,10 +1266,15 @@ X #qmail-smtpd must be officially dropping the incoming message for X #some (valid) reason (including the other end dropping the connection). X &debug("g_e_h: no sender and no recips. Probably due to SMTP client dropping connection. Nothing we can do - cleanup and exit. This is not necessarily an error!"); X+ &minidebug("g_e_h: no sender and no recips, from $smtp_sender. Dropping, this isn't a QS error."); X+ warn "$$ QS-$VERSION: no sender and no recips, from $smtp_sender\n" if ($MINIDEBUG >= 3); X+ warn "$V_HEADER-$VERSION: no sender and no recips, from $smtp_sender\n" if ($MINIDEBUG == 2); X &cleanup; X+ &close_log; X exit; X } X &debug("g_e_h: return-path is \"$returnpath\", recips is \"$recips\""); X+ &minidebug("g_e_h: return-path='$returnpath', recips='$recips'"); X } X X X@@ -1039,6 +1289,7 @@ X $MAX_SCAN_SIZE=10000000 if ($MAX_SCAN_SIZE < 10000000); X if ($size > $MAX_SCAN_SIZE) { X &debug("d_m: msg is $size bytes - too large to scan"); X+ &minidebug("d_m: msg is $size bytes - too large to scan"); X $SKIP_SCANNING=1; X } X &debug("d_m: starting $mimeunpacker_binary <$scandir/$wmaildir/new/$file_id [",&deltatime,"]"); X@@ -1071,7 +1322,7 @@ X } X #Who cares if it is or isn't tnef, just scan it! X if ($tnef_binary) { X- $MAYBETNEF=`$tnef_binary --number-backups -d $ENV{'TMPDIR'}/ -f $ENV{'TMPDIR'}/$save_filename 2>&1`; X+ $MAYBETNEF=`$tnef_binary --number-backups -d $ENV{'TMPDIR'}/ -f $ENV{'TMPDIR'}/$save_filename 2>&1`; X $tnef_status=$?; X &debug("d_m: is $ENV{'TMPDIR'}/$save_filename is a TNEF file?: $tnef_status [",&deltatime,"]"); X } X@@ -1104,7 +1355,7 @@ X system $rm_binary,"-f","$ENV{'TMPDIR'}/$save_filename"; X } X } X- X+ X my($decon_time)=tv_interval ($start_decon_time, [gettimeofday]); X &debug("d_m: unpacking message took $decon_time seconds"); X } X@@ -1127,19 +1378,14 @@ X #a virus... The exception to this is if it looks like a DoS attack - then X #don't run the AVs over it - as they may be the ones affected by the DoS... X X- &scanloop("virus") if (!$quarantine_DOS && !$SKIP_SCANNING); X- X- #Only run perlscanner if no reason to quarantine found so far X- &perlscan_scanner if (!$quarantine_event); X+ # st: JLH has changed this part... let see if I can mantain mine compatible with him. X+ &scanloop if (!$quarantine_DOS && !$SKIP_SCANNING); X X- #Finishing with running anti-spam checks (no point in X- #running antispam over quarantined emails!) X- &scanloop("spam") if (!$quarantine_event && !$SKIP_SCANNING); X- X chdir("$scandir"); X X my($decon_time)=tv_interval ($start_init_scanners_time, [gettimeofday]); X &debug("ini_sc: scanning message took $decon_time seconds"); X+ &minidebug("ini_sc: finished scan of \"$ENV{'TMPDIR'}\"..."); X } X X X@@ -1164,6 +1410,8 @@ X $quarantine_description="Disallowed characters found in MIME headers" if (!$quarantine_description); X $quarantine_event="Policy:Bad_MIME"; X $description .= "\n---perlscanner results ---\n$destring '$quarantine_description'\n found in message"; X+ &debug("p_s: something to block! ($quarantine_description)"); X+ &minidebug("p_s: something to block! ($quarantine_description)"); X } X #check out headers against DB... X X@@ -1192,6 +1440,7 @@ X $quarantine_event=~s/_$//g; X $description .= "\n---perlscanner results ---\n$destring '$quarantine_description' found in file $ENV{'TMPDIR'}/$file"; X &debug("p_s: something to block! ($quarantine_description)"); X+ &minidebug("p_s: something to block! ($quarantine_description)"); X last; X } X } else { X@@ -1221,6 +1470,7 @@ X $quarantine_event=~s/_$//g; X $description .= "\n---perlscanner results ---\n$destring '$quarantine_description' found in message"; X &debug("p_s: something to block! ($quarantine_description)"); X+ &minidebug("p_s: something to block! ($quarantine_description)"); X } X $CRYPTO_TYPE=~s/\)$/,private\)/; X } X@@ -1232,11 +1482,14 @@ X $quarantine_description=$headers{'CRYPTODETAILS'}; X $quarantine_event="Policy:No_Crypto"; X $description .= "\n---perlscanner results ---\n$destring '$quarantine_description' found in file $ENV{'TMPDIR'}/$file"; X+ &debug("p_s: something to block! ($quarantine_description)"); X+ &minidebug("p_s: something to block! ($quarantine_description)"); X return; X } X } X if ($#allfiles > $MAX_NUM_UNPACKED_FILES) { X &debug("w_c: more than $MAX_NUM_UNPACKED_FILES files found - quarantine"); X+ &minidebug("w_c: more than $MAX_NUM_UNPACKED_FILES files found - quarantine"); X $illegal_mime=1; X $destring='LOCALE_destring_problem'; X $quarantine_description="Too many file components found (".$#allfiles.") - potential DoS"; X@@ -1244,6 +1497,8 @@ X $quarantine_DOS=$quarantine_event; X $description .= "\n---perlscanner results ---\n$destring '$quarantine_description' found in file $ENV{'TMPDIR'}/$file"; X $file_desc .= "too_many:$msg_size\t" if ($file_desc !~ /\Q$file\E:$size\t/); X+ &debug("p_s: something to block! ($quarantine_description)"); X+ &minidebug("p_s: something to block! ($quarantine_description)"); X return; X } X foreach $filepath (@allfiles,@uufile_list,@zipfile_list,@attachment_list) { X@@ -1265,13 +1520,16 @@ X } X X if (!$ps_skipfile && $virtualheader{'FILELENGTHTOOLONG'} ne "" && !$quarantine_event && length($file) > 256 && $BAD_MIME_CHECKS > 1 ) { X- #&debug("w_c: majorly long attachment filename found - block it"); X+ &debug("w_c: majorly long attachment filename found - block it"); X+ &minidebug("w_c: majorly long attachment filename found - block it"); X $quarantine_description=$headers{'FILELENGTHTOOLONG'}; X $illegal_mime=1; X $destring='LOCALE_destring_problem'; X $quarantine_event="Policy:Attach_Length"; X $description .= "\n---perlscanner results ---\n$destring '$quarantine_description' found in file $ENV{'TMPDIR'}/$file"; X $file_desc .= "$file:$msg_size\t" if ($file_desc !~ /\Q$file\E:$size\t/); X+ &debug("p_s: something to block! ($quarantine_description)"); X+ &minidebug("p_s: something to block! ($quarantine_description)"); X return; X } X X@@ -1281,13 +1539,15 @@ X #The VALID_WINDOWS_EXTENSIONS is based on double-barrel virii caught in a years worth of Qmail-Scanner X #logs (gotta love those logs!). Notice that I expressly allow "file.exe.exe" through - as the double-extension X #doesn't hide anything [just implies a user made a mistake] X- if ($virtualheader{'FILEDOUBLEBARRELED'} ne "" && !$quarantine_event && ($file =~ /(^.*)\.($VALID_WINDOWS_EXTENSIONS)\s*\.($SNEAKY_WINDOWS_EXTENSIONS)$/i) && $file !~ /(\.[a-z0-9]{3})\1|\.pp.\.pp.$/i) { X+ if ($virtualheader{'FILEDOUBLEBARRELED'} ne "" && !$quarantine_event && ($file =~ /(^.*)\.($VALID_WINDOWS_EXTENSIONS)\s*\.($SNEAKY_WINDOWS_EXTENSIONS)$/i) && $file !~ /(\.[a-z0-9]{3})\1$|\.pp.\.pp.$/i) { X $quarantine_description=$headers{'FILEDOUBLEBARRELED'}; X $illegal_mime=1; X $destring='LOCALE_destring_problem'; X $quarantine_event="Policy:Win_Ext"; X $description .= "\n---perlscanner results ---\n$destring '$quarantine_description' found in file $ENV{'TMPDIR'}/$file"; X $file_desc .= "$file:$msg_size\t" if ($file_desc !~ /\Q$file\E:$size\t/); X+ &debug("p_s: something to block! ($quarantine_description)"); X+ &minidebug("p_s: something to block! ($quarantine_description)"); X return; X } X if ($virtualheader{'FILECLSID'} ne "" && !$quarantine_event && $file =~ /\{[0-9a-f]{8}\-[0-9a-f]{4}\-[0-9a-f]{4}\-[0-9a-f]{4}\-[0-9a-f]{12}\}$/i) { X@@ -1296,6 +1556,8 @@ X $quarantine_event="Policy:Win_CLSID"; X $description .= "\n---perlscanner results ---\n$destring '$quarantine_description' found in file $ENV{'TMPDIR'}/$file"; X $file_desc .= "$file:$msg_size\t" if ($file_desc !~ /\Q$file\E:$size\t/); X+ &debug("p_s: something to block! ($quarantine_description)"); X+ &minidebug("p_s: something to block! ($quarantine_description)"); X return; X } X } X@@ -1335,7 +1597,6 @@ X } X $fsize=~s/^SIZE=//; X if (!$ps_skipfile && $quarantine_description && !$quarantine_event && ($size eq $fsize || $fsize =~ /^-1$/i) ) { X- &debug("p_s: Quarantine $file! ($quarantine_description)"); X ($quarantine_event=$quarantine_description) =~ s/\s/_/g; X if ($quarantine_event=~/gr[ea]ylist/i) { X $quarantine_event="Perlscan:Greylisted"; X@@ -1345,6 +1606,8 @@ X $quarantine_event=~s/_$//g; X $description .= "\n---perlscanner results ---\n$destring '$quarantine_description' found in file $ENV{'TMPDIR'}/$file"; X $section=$apptype=$save_filename=$filename=""; X+ &debug("p_s: something to block! ($quarantine_description)"); X+ &minidebug("p_s: something to block! ($quarantine_description)"); X # return; X } X } X@@ -1354,63 +1617,127 @@ X if ($CRYPTO_TYPE=~/CR:ZIP/ && $virtualheader{'ZIPPASSWORDPROTECTED'} ne "" && !$quarantine_event) { X $quarantine_description=$headers{'ZIPPASSWORDPROTECTED'}; X &debug("u_f: $quarantine_description"); X+ &minidebug("u_f: $quarantine_description"); X $destring='LOCALE_destring_problem'; X $quarantine_event="Policy:Encrypted_ZIP"; X $description .= "\n---perlscanner results ---\n$destring '$quarantine_description' found in zip file"; X $file_desc .= "encrypted_zip:$msg_size\t"; X+ &debug("u_f: something to block! ($quarantine_description)"); X+ &minidebug("u_f: something to block! ($quarantine_description)"); X return; X } X X+ # st: cosmetic, if the messages is spam don't call it a virus. X+ if ($quarantine_description =~ /spam/i) { X+ $destring='LOCALE_destring_problem'; X+ } X+ X chdir("$scandir/"); X my($stop_perlscan_time)=[gettimeofday]; X $perlscan_time = tv_interval ($start_perlscan_time, $stop_perlscan_time); X &debug("p_s: finished scan of dir \"$ENV{'TMPDIR'}\" in $perlscan_time secs"); X+ &minidebug("p_s: finished scan in $perlscan_time secs"); X } X X X sub scanloop { X- my($scanType)=@_; X- &debug("scanloop($scanType): starting scan of directory \"$ENV{'TMPDIR'}\"..."); X- X+ #my($scanType)=@_; X+ #&debug("scanloop($scanType): starting scan of directory \"$ENV{'TMPDIR'}\"..."); X+ &debug("scanloop: starting scan of directory \"$ENV{'TMPDIR'}\"..."); X+ X my ($scanner); X #Remember any policy blocks that have already occurred, but reset X #$quarantine_event so that if a virus is found, that "wins" X- $quarantine_event_tmp=$quarantine_event; X+ #$quarantine_event_tmp=$quarantine_event; # st: done above. X $quarantine_event='0'; X foreach $scanner (@scanner_array) { X+ # st: if this recipient has spamassassin in his array we will add the X-Spam headers. X+ $sa_rcpt='1' if ( $scanner =~ /spam/ ); X+ X+ # st: s_p_d, if we have multiples recipients (a lot) run each scanner just once... (except SA) X+ if (exists $found_event{$scanner}) { X+ ($destring,$quarantine_event,$quarantine_description,$description)=split(/\t/,$found_event{$scanner}); X+ $scanner =~ s/^(.*)_scanner$/$1/; X+ $scanner =~ s/^perlscan$/p_s/; X+ X+ # st: spamassassin and multiple recipients... X+ if ($scanner =~ /spam/i) { X+ if ($msg_size > 250000) { X+ &debug("SA: message too big - skip it"); X+ &minidebug("SA: message too big - skip it"); X+ next; X+ } X+ if ($sa_sql) { X+ # st: rerun SA, each user could have his own required_hits... X+ # but we cannot run again verbose_spamassassin, then run sa_alt and add sa_report X+ # It is better forget verbose_spamassassin for ever... X+ if (!$sa_fast) { X+ $sa_alt='1'; X+ $sa_debug='1'; X+ $sa_hdr_report='1'; X+ } X+ $scanner = "spamassassin_alt" if ($sa_alt); X+ &{$scanner} (1); X+ next; X+ } else { X+ &check_sa_score ($sa_hits,0,1) if ($sa_hits && ($sa_hits ne "\?")); X+ if ($sa_hits < $required_hits || ($sa_hits eq "\?")) { X+ &debug("SA: finished scan for $one_recip - hits=$sa_hits/$required_hits"); X+ &minidebug("SA: finished scan for $one_recip - hits=$sa_hits/$required_hits"); X+ } X+ } X+ next; X+ } X+ X+ if ($quarantine_description ne "") { X+ &debug("$scanner: $destring found $quarantine_description"); X+ &minidebug("$scanner: $destring found $quarantine_description"); X+ last; X+ } else { X+ &debug("$scanner: already checked and clear, skip"); X+ &minidebug("$scanner: already checked and clear, skip"); X+ next; X+ } X+ } X+ X #Any scanner errors caused by broken zip files/etc will be ignored X # - not sure how that should be handled... X+ &debug("scanloop: scanner=$scanner,plain_text_msg=$plain_text_msg"); X+ X+ # st: call spamassassin_alt if sa_alt is enabled X+ $scanner = "spamassassin_alt" if ( $scanner =~ /spam/i && $sa_alt ); X+ X+ # st: I am not sure if this is correct X+ if ($scanner =~ /perl/i) { X+ $quarantine_event=$quarantine_event_tmp; X+ } X X #Just run virus scanners over mail that isn't plain text X if ($plain_text_msg) { X- #If it's plain text - just run anti-spam checks X- if ($scanType eq "spam" && $scanner =~ /(^spam)/i) { X- &debug("scanloop: scanner=$scanner,plain_text_msg=$plain_text_msg"); X- &{$scanner}; X- } X- }else { X- if ($scanType ne "spam") { X- if ($scanner !~ /(^spam)/i) { X- &debug("scanloop: scanner=$scanner,plain_text_msg=$plain_text_msg"); X- &{$scanner}; X- } X- }else{ X- if ($scanner =~ /(^spam)/i) { X- &debug("scanloop: scanner=$scanner,plain_text_msg=$plain_text_msg"); X- &{$scanner}; X- } X- } X+ #If it's plain text - just run anti-spam checks and perl_scanner X+ &{$scanner} if ($scanner =~ /spam|perl/i); X+ } else { X+ &{$scanner}; X } X+ X+ $scanner = "spamassassin" if ($scanner eq "spamassassin_alt"); X if ($quarantine_event) { X- #If one scanner finds a virus - why run the rest over it? X #Make sure this is set correctly X- $destring="LOCALE_destring_virus" if (!$destring); X+ $destring="LOCALE_destring_virus" if ($quarantine_event !~ /spam/i && $scanner !~ /perl/i ); X+ $found_event{$scanner}="$destring\t$quarantine_event\t$quarantine_description\t$description"; X+ # st: mark the viruses we don't want to quarantine, but delete them X+ if (($virus_to_delete ne "") && ($quarantine_description=~/($virus_to_delete)/i)) { X+ $del_message='1'; X+ &debug("v_t_d: Virus ($quarantine_description), dropping"); X+ &minidebug("v_t_d: Virus ($quarantine_description), dropping"); X+ } X+ #If one scanner finds a virus - why run the rest over it? X last; X } X+ # st: per user settings... I have to think about... X+ $found_event{$scanner}="\t\t\t"; X } X &debug("scanloop: finished scan of \"$ENV{'TMPDIR'}\"..."); X- #Reset back the state if these scanners haven't overridden it X- $quarantine_event=$quarantine_event_tmp if (!$quarantine_event); X } X X sub qmail_requeue { X@@ -1455,30 +1782,33 @@ X $findate = POSIX::strftime( "%d %b ",$sec,$min,$hour,$mday,$mon,$year); X $findate .= sprintf "%02d %02d:%02d:%02d -0000", $year+1900, $hour, $min, $sec; X print QMQ "Received: from $remote_smtp_ip$remote_smtp_auth by $hostname (envelope-from <$returnpath>, uid $real_uid) with qmail-scanner-$VERSION \n"; X- print QMQ " ($SCANINFO \n Clear:$tag_score. \n"; X- print QMQ " Processed in $elapsed_time secs); $findate\n"; X- if ($sa_comment ne "") { X- print QMQ "X-Spam-Status: $sa_comment\n"; X- print QMQ "X-Spam-Level: $sa_level\n"; X- } X- #Only add these headers for Internet-incoming X- if ( $descriptive_hdrs && !$QS_RELAYCLIENT) { X- print QMQ "${V_HEADER}-Mail-From: $returnpath via $hostname\n"; X- print QMQ "${V_HEADER}-Rcpt-To: $recips\n" if ($descriptive_hdrs eq "2"); X- print QMQ "$V_HEADER: $VERSION (Clear:$tag_score. Processed in $elapsed_time secs)\n"; X+ if ($scanner_array[0] ne "none") { X+ print QMQ " ($SCANINFO \n Clear:$tag_score$tag_sa_score. \n"; X+ print QMQ " Processed in $elapsed_time secs); $findate\n"; X+ if ($sa_comment ne "" && $sa_rcpt) { X+ print QMQ "X-Spam-Status: $sa_comment\n"; X+ print QMQ "X-Spam-Level: $sa_level\n" if ($sa_level ne ""); X+ print QMQ "X-Spam-Report: SA TESTS\n$sa_report\n" if ($sa_report && $sa_hdr_report); X+ } X+ #Only add these headers for Internet-incoming X+ if ( $descriptive_hdrs && !$QS_RELAYCLIENT) { X+ print QMQ "${V_HEADER}-Mail-From: $returnpath via $hostname\n"; X+ print QMQ "${V_HEADER}-Rcpt-To: $recips\n" if ($descriptive_hdrs eq "2"); X+ print QMQ "$V_HEADER: $VERSION (Clear:$tag_score$tag_sa_score. Processed in $elapsed_time secs Process $nprocess)\n"; X+ } X } X my $still_headers=1; X my $seen_env=0; X while () { X- if ($still_headers && $spamc_options =~ / \-c /) { X+ if ($still_headers && $sa_fast) { X #break any X-Spam-Status/Level IFF we've set a SA value ourselves. Easier than removing - and it leaves X #them around for diagnosis... X- if ($sa_comment ne "" && /^(X-Spam-Status|X-Spam-Flag|X-Spam-Level):/i) { X- s/^(X-Spam-Status|X-Spam-Flag|X-Spam-Level):/${V_HEADER}-MOVED-$1:/i; X+ if ($sa_comment ne "" && $sa_rcpt && /^(X-Spam-Status|X-Spam-Flag|X-Spam-Level|X-Spam-Report):/i) { X+ s/^(X-Spam-Status|X-Spam-Flag|X-Spam-Level|X-Spam-Report):/${V_HEADER}-MOVED-$1:/i; X } X- if ($sa_comment =~ /^yes/i && $spamc_subject ne "" && !/^Subject: \Q$spamc_subject\E/i && /^(Subject):(\s?)([^\n]+)\n/i ) { X- $altered_subject="$1: $spamc_subject $3"; X- if ($altered_subject !~ /^: \Q$spamc_subject\E/) { X+ if ($sa_comment =~ /^yes/i && $sa_subject ne "" && !/^Subject: \Q$sa_subject\E/i && /^(Subject):(\s?)([^\n]+)\n/i && $sa_rcpt) { X+ $altered_subject="$1: $sa_subject $3"; X+ if ($altered_subject !~ /^: \Q$sa_subject\E/) { X &debug("altering subject line to $altered_subject"); X print QMQ "$altered_subject\n"; X next; X@@ -1486,7 +1816,7 @@ X } X $still_headers=0 if (/^(\r|\r\n|\n)$/); X #Insert Subject: line if e-mail dosn't contain one but must be tagged X- print QMQ "Subject: $spamc_subject\n" if ((!$still_headers) && ($sa_comment =~ /^yes/i) && (!$altered_subject) && $spamc_subject ne "" ); X+ print QMQ "Subject: $sa_subject\n" if ((!$still_headers) && ($sa_comment =~ /^yes/i) && (!$altered_subject) && $sa_subject ne "" && $sa_rcpt); X X } X print QMQ; X@@ -1532,6 +1862,7 @@ X #&debug("v_v_t_r: does $virus_type contain $virus?"); X if ($virus_type =~ /$virus/i) { X &debug("v_v_t_r: $virus_type contain $virus - so don't notify the sender"); X+ &minidebug("v_v_t_r: Description contain \"$virus\" - so don't notify the sender"); X return 0; X } X } X@@ -1591,6 +1922,14 @@ X sub email_quarantine_report { X my($start_email_time)=[gettimeofday]; X if ($quarantine_spam) { X+ # st: now spam is quarantined in a separated directory, but also it is X+ # possible to set a directory per user, so I must check the directory... X+ if (! -d "$scandir/quarantine/$smaildir") { X+ mkdir("$scandir/quarantine/$smaildir",0750) || &error_condition("cannot create $scandir/quarantine/$smaildir - $!"); X+ mkdir("$scandir/quarantine/$smaildir/new",0750) || &error_condition("cannot create $scandir/quarantine/$smaildir/new - $!"); X+ mkdir("$scandir/quarantine/$smaildir/cur",0750) || &error_condition("cannot create $scandir/quarantine/$smaildir/cur - $!"); X+ mkdir("$scandir/quarantine/$smaildir/tmp",0750) || &error_condition("cannot create $scandir/quarantine/$smaildir/tmp - $!"); X+ } X #Use a different maildir for SPAM X $vmaildir=$smaildir; X $quarantine_event=$quarantine_spam; X@@ -1599,16 +1938,28 @@ X #Use a different maildir for Policy-blocks X $vmaildir=$pmaildir; X } X+ X+ # st: if we have multiple recipient quarantine the file once, unless we have differents smaildir... X+ return if ( -f "$scandir/quarantine/$vmaildir/new/$file_id"); X+ X if ($vmaildir ne "none") { X &debug("e_v_r: quarantine msg to $scandir/quarantine/$vmaildir/new/$file_id"); X+ ### st: if your '$smaildir' resides in a different file system (partition) than X+ ### '$wmaildir' comment the next line and uncomment the two following lines. X link("$scandir/$wmaildir/new/$file_id","$scandir/quarantine/$vmaildir/new/$file_id")||&error_condition("cannot link $scandir/$wmaildir/new/$file_id into $scandir/quarantine/$vmaildir/new/ - $!"); X+ # use File::Copy X+ # copy("$scandir/$wmaildir/new/$file_id","$scandir/quarantine/$vmaildir/new/$file_id")||&error_condition("cannot copy $scandir/$wmaildir/new/$file_id into $scandir/quarantine/$vmaildir/new/ - $!"); X } X+ X open(QTINE,">>$scandir/quarantine/$vmaildir/new/$file_id"); X print QTINE "\n*** Qmail-Scanner Quarantine Envelope Details Begin ***\n"; X print QTINE "${V_HEADER}-Mail-From: \"$returnpath\" via $hostname\n"; X print QTINE "${V_HEADER}-Rcpt-To: \"$recips\"\n"; X- print QTINE "$V_HEADER: $VERSION ($SCANINFO $destring Found. Processed in ",tv_interval($start_time,[gettimeofday])," secs)\n"; X+ print QTINE "$V_HEADER: $VERSION ($SCANINFO $destring Found. Processed in ",tv_interval($start_time,[gettimeofday])," secs) process $nprocess \n"; X print QTINE "Quarantine-Description: $quarantine_description\n"; X+ if (($quarantine_description =~ /spam/i) && $sa_report) { X+ print QTINE "SA_REPORT hits = $sa_hits/$required_hits\n$sa_report\n"; X+ } X print QTINE "*** Qmail-Scanner Envelope Details End ***\n"; X close QTINE; X X@@ -1622,7 +1973,6 @@ X } else { X &email_recips($recips); X } X- } else { X #This is almost 100% certainly SPAM - no point in notifying anyone X } X &write_quarantine_report; X@@ -1651,6 +2001,7 @@ X } X if ( -f "$scandir/$wmaildir/new/$file_id" ) { X &debug("cleanup: archiving into $scandir/$archivedir/new/"); X+ &minidebug("cleanup: archiving into $scandir/$archivedir/new/"); X rename("$scandir/$wmaildir/new/$file_id","$scandir/$archivedir/new/$file_id"); X #This will do for now. Not pretty - but very cheap! X #We need to append this information, otherwise how do you know who this message X@@ -1660,7 +2011,10 @@ X print ARCHIVE "\n*** Qmail-Scanner Envelope Details Begin ***\n"; X print ARCHIVE "${V_HEADER}-Mail-From: \"$returnpath\" via $hostname\n"; X print ARCHIVE "${V_HEADER}-Rcpt-To: \"$recips\"\n"; X- print ARCHIVE "$V_HEADER: $VERSION ($SCANINFO Clear:$tag_score. Processed in ",tv_interval($start_time,[gettimeofday])," secs)\n"; X+ print ARCHIVE "$V_HEADER: $VERSION ($SCANINFO Clear:$tag_score$tag_sa_score. Processed in ",tv_interval($start_time,[gettimeofday])," secs)\n"; X+ if (($quarantine_description =~ /spam/i) && $sa_report) { X+ print ARCHIVE "SA_REPORT hits = $sa_hits/$required_hits\n$sa_report\n"; X+ } X print ARCHIVE "*** Qmail-Scanner Envelope Details End ***\n"; X close ARCHIVE; X } X@@ -1680,7 +2034,8 @@ X X chdir($scandir); X &debug("s_q: re-create the quarantine version file"); X- foreach $scanner (@scanner_array) { X+ &minidebug("s_q: re-create the quarantine version file"); X+ foreach $scanner (@scanners_installed) { X $scanner =~ s/_scanner//; X &debug("s_q: detecting version of $scanner"); X if ($scanner eq "uvscan") { X@@ -1742,16 +2097,17 @@ X } elsif (/sign2.def version ([0-9\.]+-[0-9\.]+-[0-9\.]+)/) { X $SCANINFO .= "$1. "; X } elsif (/F-PROT database version (.*)$/) { X- $SCANINFO .= "fprot($1)/"; X- } elsif (/AVP FPI Engine database version (.*)$/) { X- $SCANINFO .= "avp($1). "; X- } elsif (/Libra database version ([0-9\.]+-[0-9\.]+-[0-9\.]+)/) { X- $SCANINFO .= "libra database $1/"; X- } elsif (/Orion database version ([0-9\.]+-[0-9\.]+-[0-9\.]+)/) { X- $SCANINFO .= "orion database $1/"; X- } elsif (/AVP FPI Engine database version ([0-9\.]+-[0-9\.]+-[0-9\.]+)/) { X- $SCANINFO .= "avp fpi database $1. "; X- } X+ $SCANINFO .= "fprot($1)/"; X+ # Patch for version F-Secure 4.52 by Jyri X+ } elsif (/AVP FPI Engine database version (.*)$/) { X+ $SCANINFO .= "avp($1). "; X+ } elsif (/Libra database version ([0-9\.]+-[0-9\.]+-[0-9\.]+)/) { X+ $SCANINFO .= "libra database $1 / "; X+ } elsif (/Orion database version ([0-9\.]+-[0-9\.]+-[0-9\.]+)/) { X+ $SCANINFO .= "orion database $1 / "; X+ } elsif (/AVP FPI Engine database version ([0-9\.]+-[0-9\.]+-[0-9\.]+)/) { X+ $SCANINFO .= "avp fpi database $1. "; X+ } X } X close(FS); X $SCANINFO .= ". " if ($SCANINFO !~ /\. $/); X@@ -1900,6 +2256,8 @@ X } X close(SPAS); X $SCANINFO .= "spamassassin: $spamassassin_eng. "; X+ } elsif ($scanner eq "perlscan") { X+ $SCANINFO .="perlscan: $VERSION. "; X } else { X #Catch-all for other ones X $SCANINFO .= "$scanner: ???. "; X@@ -1911,8 +2269,10 @@ X close(VER); X rename("$versionfile.tmp","$versionfile"); X &debug("s_q: cleaning up files older than 2 days via $find_binary $scandir/tmp -mtime +2 -exec $rm_binary -rf {} \;"); X+ &minidebug("s_q: cleaning up files older than 2 days via $find_binary $scandir/tmp -mtime +2 -exec $rm_binary -rf {} \;"); X my ($OLDFILES)=`$find_binary $scandir/tmp -mtime +2 -exec $rm_binary -rf {} \\; 2>/dev/null`; X &debug("s_q: cleaning up quarantined mail older than 14 days via $find_binary $scandir/quarantine -type f -mtime +14 -exec $rm_binary -rf {} \;"); X+ &minidebug("s_q: cleaning up quarantined mail older than 14 days via $find_binary $scandir/quarantine -type f -mtime +14 -exec $rm_binary -rf {} \;"); X $OLDFILES=`$find_binary $scandir/quarantine/ -type f -mtime +14 -exec $rm_binary -f {} \\; 2>/dev/null`; X } X X@@ -2024,13 +2384,13 @@ X X $prog X X-Version: $VERSION X+Version: $VERSION ($st_version) X X Perl: PERLRELEASE_DETAILS X X-Scanners: perlscanner"; X- foreach $scanner (@scanner_array) { X- print ", $scanner"; X+Scanners: "; X+ foreach $scanner (@scanners_installed) { X+ print " $scanner, "; X } X X print "\n\nScanner versioning: $SCANINFO\n"; X@@ -2061,9 +2421,10 @@ X } else { X &debug("e_s: don't notify sender"); X } X- }elsif ($addr_type eq "psender") { X+ } elsif ($addr_type eq "psender") { X if (!&is_unreplyable_email('sender') && ¬ify_addr('sender') && ($quarantine_event =~ /^(policy|perlscan)/i && $quarantine_event !~ /(gr[ae]ylist|virus)/i)) { X &debug("e_s: sending policy quarantine report via: $qmailinject to psender address ($returnpath)"); X+ &minidebug("e_s: sending policy quarantine report via: $qmailinject to psender address ($returnpath)"); X print SM "To: $returnpath\n"; X $tmpsndrs = "$returnpath"; X } else { X@@ -2073,7 +2434,9 @@ X return; X } X } else { X- if (¬ify_addr('admin') || (¬ify_addr('nmladm') && !&is_unreplyable_email('sender')) || (¬ify_addr('nmlvadm') && ($quarantine_event =~ /^(policy|perlscan)/i && $quarantine_event !~ /(gr[ae]ylist|virus)/i) && !&is_unreplyable_email('sender'))) { X+ # st: if the mail is local and is set nmladm or nmlvadm, X+ # always notify admin (maybe it is not good or a big site) X+ if ( ¬ify_addr('admin') || ( ¬ify_addr('nmladm') && (!&is_unreplyable_email('sender') || $QS_RELAYCLIENT) ) || ( ¬ify_addr('nmlvadm') && (($quarantine_event =~ /^(policy|perlscan)/i && $quarantine_event !~ /(gr[ae]ylist|virus)/i && !&is_unreplyable_email('sender')) || $QS_RELAYCLIENT) ) ) { X &debug("e_s: sending $polstring quarantine report via: $qmailinject to admin address ($QUARANTINE_CC)"); X print SM "To: $QUARANTINE_CC\n"; X $tmpsndrs .= "$QUARANTINE_CC"; X@@ -2083,7 +2446,11 @@ X } X $tmpsubj="$destring LOCALE_sender_subject \"$headers{'subject'}\""; X $tmpsubj =~ s/(\r|\0|\n)/ /g; X- print SM "Subject: $tmpsubj\n"; X+ if ($QS_RELAYCLIENT) { X+ print SM "Subject: LOCAL USER - $tmpsubj\n"; X+ } else { X+ print SM "Subject: $tmpsubj\n"; X+ } X print SM "Message-ID: <".&uniq_id."\@$hostname>\n"; X print SM "Auto-Submitted: auto-replied\n"; X if ($headers{'message-id'} ne "") { X@@ -2109,6 +2476,9 @@ X print SM "LOCALE_attention: $returnpath\n"; X } X print SM "\nLOCALE_sender_explanation\n"; X+ if (($addr_type !~ /sender/) && ($quarantine_description =~ /spam/i) && $sa_report) { X+ print SM "\nSA_REPORT hits = $sa_hits/$required_hits\n$sa_report\n\n"; X+ } X if ($destring eq "virus") { X print SM "\nLOCALE_sender_virus_content\n"; X } else { X@@ -2187,7 +2557,7 @@ X #print SM "\nLxOCALE_recips_quarantine\n"; X close(SM); X if ($log_details) { X- &log_msg("qmail-scanner","Clear:$tag_score",$elapsed_time,1100,$V_FROM,$recip,$tmpsubj,$tmpmsgid,"quarantine-event.txt:1000"); X+ &log_msg("qmail-scanner","Clear:$tag_score$tag_sa_score",$elapsed_time,1100,$V_FROM,$recip,$tmpsubj,$tmpmsgid,"quarantine-event.txt:1000"); X } X } X X@@ -2216,6 +2586,7 @@ X &debug ("u_f: it is a zip file"); X if ($MAYBEZIP =~ /skipping:.*password/) { X &debug ("u_f: it is a password-protected zip file"); X+ &minidebug ("u_f: it is a password-protected zip file"); X $CRYPTO_TYPE="CR:ZIP(encrypted)"; X } X if ($force_unzip) { X@@ -2231,6 +2602,7 @@ X if ($max_zip_size > 0 && $max_zip_size < $zip_file_size) { X $quarantine_description="Disallowed zip file ($zipfile) - content exceeds maximum allowed size"; X &debug("u_f: $quarantine_description"); X+ &minidebug("u_f: $quarantine_description"); X $destring='LOCALE_destring_problem'; X $quarantine_event="Policy:Oversized_ZIP"; X $quarantine_DOS=$quarantine_event; X@@ -2293,9 +2665,11 @@ X #&debug("q_s_c: PPID=$ppid"); X if ($ppid == 1) { X &debug("q_s_c: Whoa! parent process is dead! (ppid=$ppid) Better die too..."); X- close(LOG); X+ &minidebug("q_s_c: Whoa! parent process is dead! (ppid=$ppid) Better die too..."); X &cleanup; X+ &close_log; X #Exit with temp error anyway - just to be real anal... X exit 111; X } X } X+ END-of-/usr/ports/mail/qmail-scanner2/files/patch-qmail-scanner-queue.template echo x - /usr/ports/mail/qmail-scanner2/Makefile sed 's/^X//' >/usr/ports/mail/qmail-scanner2/Makefile << 'END-of-/usr/ports/mail/qmail-scanner2/Makefile' X# New ports collection makefile for: qmail-scanner2 with st patch X# Date created: 2006-06-06 X# Whom: Polnsutee Thanesniratsai X# Thanks: Lersak Limwiwatkul X# X# $FreeBSD: ports/mail/qmail-scanner/Makefile,v 1.0 2006/06/06 $ X# X XPORTNAME= qmail-scanner XPORTVERSION= 2.01 XPORTREVISION= 1 XCATEGORIES= mail security XMASTER_SITES= ${MASTER_SITE_SOURCEFORGE} XMASTER_SITE_SUBDIR= ${PORTNAME} XDISTNAME= ${PORTNAME}-${PORTVERSION:S/.r/rc/} XEXTRACT_SUFX= .tgz X#PATCHFILES= q-s-2.01st-20060423.patch.gz X#PATCH_SITES= http://toribio.apollinare.org/qmail-scanner/download/ X XMAINTAINER= polnsutee@thaicert.org XCOMMENT= Content/Anti-virus Scanner for qmail X XBUILD_DEPENDS= ${QMAIL_QUEUE}:${PORTSDIR}/mail/qmail \ X reformime:${PORTSDIR}/mail/maildrop \ X ${SITE_PERL}/${PERL_ARCH}/Time/HiRes.pm:${PORTSDIR}/devel/p5-Time-HiRes X X# A normal qmail installation puts everything into /var/qmail/. X# Must match your qmail installation XQMAIL_DIR?= /var/qmail XQMAIL_QUEUE= ${QMAIL_DIR}/bin/qmail-queue X XUSE_PERL5= yes XNO_BUILD= yes X X# Barely optionnal X.if !defined(WITHOUT_TNEF) XBUILD_DEPENDS+= ${LOCALBASE}/bin/tnef:${PORTSDIR}/converters/tnef X.endif X XQS_USER= qscand X# Options XQMAILSCAN_ADMIN?= root X.if defined(QMAILSCAN_ADMINREALNAME) XCONFIGURE_ARGS+= --admin-realname "${QMAILSCAN_ADMINREALNAME}" X.endif X.if defined(QMAILSCAN_ARCHIVE) XCONFIGURE_ARGS+= --archive yes X.endif XQMAILSCAN_NOTIFY?= psender,precips X.if defined(QMAILSCAN_LANG) XCONFIGURE_ARGS+= --lang "${QMAILSCAN_LANG}" X.endif X.if defined(QMAILSCAN_LOCALDOMAINS) && !empty(QMAILSCAN_LOCALDOMAINS) XCONFIGURE_ARGS+= --local-domains "${QMAILSCAN_LOCALDOMAINS}" X.endif X.if defined(QMAILSCAN_LOGCRYPTO) XCONFIGURE_ARGS+= --log-crypto yes X.endif X.if defined(QMAILSCAN_NOTUNZIP) XCONFIGURE_ARGS+= --unzip no X.else XCONFIGURE_ARGS+= --unzip yes X.if defined(QMAILSCAN_MAXZIPSIZE) XCONFIGURE_ARGS+= --max-zip-size "${QMAILSCAN_MAXZIPSIZE}" X.endif X.if !defined(QMAILSCAN_NOTBLKZIPPW) XBUILD_DEPENDS+= unzip:${PORTSDIR}/archivers/unzip X#CONFIGURE_ARGS+= --block-password-protected yes X.endif X.endif X.if defined(QMAILSCAN_SCANNERS) XCONFIGURE_ARGS+= --scanners "${QMAILSCAN_SCANNERS}" X.else XCONFIGURE_ARGS+= --scanners auto X.endif XQMAILSCAN_SILENTVIRUSES?= auto X.if defined(QMAILSCAN_SPAMSREDIRECT) XCONFIGURE_ARGS+= --spams-redirect "${QMAILSCAN_SPAMSREDIRECT}" X.endif X.if defined(QMAILSCAN_SPAMSTOSUFFIX) XCONFIGURE_ARGS+= --spams-tosuffix "${QMAILSCAN_SPAMSTOSUFFIX}" X.endif X XRUN_DEPENDS= ${BUILD_DEPENDS} X XSPOOLDIR= /var/spool/qmailscan XPLIST_SUB+= SPOOLDIR=${SPOOLDIR} XSPOOLDIR2= /var/spool/qmammm XPLIST_SUB+= SPOOLDIR2="${SPOOLDIR2:S,${PREFIX}/,,}" XLOGDIR= /var/spool/qscan XPLIST_SUB+= LOGDIR=${LOGDIR} X XHAS_CONFIGURE= yes XCONFIGURE_ARGS+= \ X --qmaildir "${QMAIL_DIR}" --spooldir "${SPOOLDIR}" \ X --bindir "${PREFIX}/bin" \ X --admin "${QMAILSCAN_ADMIN}" --notify "${QMAILSCAN_NOTIFY}" \ X --silent-viruses "${QMAILSCAN_SILENTVIRUSES}" \ X --redundant yes \ X --add-dscr-hdrs yes \ X --log-details syslog --debug yes \ X --batch X Xpre-configure: X @${ECHO_MSG} "" X @${ECHO_MSG} "----------------------------------------" X @${ECHO_MSG} "You may use the following build options:" X @${ECHO_MSG} "" X @${ECHO_MSG} "QMAILSCAN_ADMIN email adress of qmail-scanner admin for alerts" X @${ECHO_MSG} "QMAILSCAN_ADMINREALNAME* name to use when sending alerts" X @${ECHO_MSG} "QMAILSCAN_LANG specify languages for QS mails (notify, etc..)" X @${ECHO_MSG} " supported languages are: af_ZA, cs_CZ, da_DK, de_DE," X @${ECHO_MSG} " en_GB, en_PL, enlt_LT, enlt_LT_short, es_ES, fr_FR," X @${ECHO_MSG} " it_IT, ja_JP.EUC, nl_NL, no_NO, pl_PL, pt_BR, pt_PT," X @${ECHO_MSG} " sk_SK, sv_SE, tr_TR, tr_TR_ascii and tw_BIG5" X @${ECHO_MSG} " default depends on your LANG variable" X @${ECHO_MSG} " (en_GB if LANG is not set)" X @${ECHO_MSG} "QMAILSCAN_LOCALDOMAINS domains classified as local domains preventing alerts" X @${ECHO_MSG} " of externals users (and mailing-lists...)" X @${ECHO_MSG} "QMAILSCAN_LOGCRYPTO simply notes in the log record if the message" X @${ECHO_MSG} " contained any form of digital signing or encryption" X @${ECHO_MSG} " (S/MIME, PGP and password protected files)" X @${ECHO_MSG} " default is disabled" X @${ECHO_MSG} "QMAILSCAN_MAXZIPSIZE zip that would have unpacked into more diskspace" X @${ECHO_MSG} " than this value will be blocked (prevent DoS)" X @${ECHO_MSG} " default is 1000000000" X @${ECHO_MSG} "QMAILSCAN_NOTBLKZIPPW zip password protected are blocked by default" X @${ECHO_MSG} " setting this variable to disable this function" X @${ECHO_MSG} "QMAILSCAN_NOTIFY who has to be notify of viruses/spams" X @${ECHO_MSG} " defaults to 'psender,precips'" X @${ECHO_MSG} "QMAILSCAN_SCANNERS list of installed content scanner" X @${ECHO_MSG} " default is automatic, so you do not need to set this" X @${ECHO_MSG} "QMAILSCAN_SILENTVIRUSES viruses that qs shoud not notify about" X @${ECHO_MSG} "QMAILSCAN_SPAMSREDIRECT* set this if you want to redirect all spams to a" X @${ECHO_MSG} " specific email address" X @${ECHO_MSG} "QMAILSCAN_SPAMSTOSUFFIX* suffix to alter spams recipients with" X @${ECHO_MSG} "" X @${ECHO_MSG} "When you set the last option to 'spam', a detected spam will be delivered to" X @${ECHO_MSG} "'user-spam@domain' instead of 'user@domain'." X @${ECHO_MSG} "" X @${ECHO_MSG} "* Please note these options are only available with FreeBSD ports " X @${ECHO_MSG} "So please, do not report relatives bugs to qmail-scanner team, but maintainer." X @${ECHO_MSG} "----------------------------------------" X @${ECHO_MSG} "" X @PKG_PREFIX=${PREFIX} ${SH} ${PKGDIR}/pkg-install ${PKGNAME} PRE-INSTALL X @if ! ${TEST} -f ${QMAIL_QUEUE}; then \ X ${ECHO_MSG} "Unable to found qmail-queue binary trying '${QMAIL_QUEUE}'."; \ X ${ECHO_MSG} "Please set QMAIL_DIR to your qmail installation directory !"; \ X exit 1; \ X fi X Xpost-configure: X ${TEST} -f ${WRKSRC}/qmail-scanner-queue.pl X Xdo-install: X -${TEST} -f ${PREFIX}/bin/qmail-scanner-queue.pl && \ X ${MV} ${PREFIX}/bin/qmail-scanner-queue.pl \ X ${PREFIX}/bin/qmail-scanner-queue.pl.old X ${INSTALL_SCRIPT} ${WRKSRC}/qmail-scanner-queue.pl ${PREFIX}/bin X @${CHOWN} ${QS_USER}:${QS_USER} ${PREFIX}/bin/qmail-scanner-queue.pl X @${CHMOD} 6755 ${PREFIX}/bin/qmail-scanner-queue.pl X @${MKDIR} ${LOGDIR} X @${TOUCH} ${LOGDIR}/quarantine.log X @${MKDIR} ${SPOOLDIR} X @${MKDIR} ${SPOOLDIR}/viruses X @${MKDIR} ${SPOOLDIR}/quarantine/viruses/cur X @${MKDIR} ${SPOOLDIR}/quarantine/viruses/new X @${MKDIR} ${SPOOLDIR}/quarantine/viruses/tmp X @${MKDIR} ${SPOOLDIR}/quarantine/spam/cur X @${MKDIR} ${SPOOLDIR}/quarantine/spam/new X @${MKDIR} ${SPOOLDIR}/quarantine/spam/tmp X @${MKDIR} ${SPOOLDIR}/quarantine/policy/cur X @${MKDIR} ${SPOOLDIR}/quarantine/policy/new X @${MKDIR} ${SPOOLDIR}/quarantine/policy/tmp X @${MKDIR} ${SPOOLDIR}/working/cur X @${MKDIR} ${SPOOLDIR}/working/new X @${MKDIR} ${SPOOLDIR}/working/tmp X @${CHOWN} -R ${QS_USER}:${QS_USER} ${SPOOLDIR} X @${CHOWN} -R ${QS_USER}:${QS_USER} ${LOGDIR} X ${INSTALL_DATA} ${WRKSRC}/quarantine-events.txt ${LOGDIR}/quarantine-events.txt X ${INSTALL_SCRIPT} ${WRKSRC}/log-report.sh ${LOGDIR}/log-report.sh X @PKG_PREFIX=${PREFIX} ${SH} ${PKGDIR}/pkg-install ${PKGNAME} POST-INSTALL X @${CAT} ${PKGMESSAGE} X Xpost-deinstall: X @${ECHO_MSG} X @${ECHO_MSG} "If you're not updating this port, you can delete directory '${SPOOLDIR}' and '${LOGDIR}'." X @${ECHO_MSG} "" X Xtest: X @${WRKSRC}/contrib/test_installation.sh -doit X X.include END-of-/usr/ports/mail/qmail-scanner2/Makefile echo x - /usr/ports/mail/qmail-scanner2/distinfo sed 's/^X//' >/usr/ports/mail/qmail-scanner2/distinfo << 'END-of-/usr/ports/mail/qmail-scanner2/distinfo' XMD5 (qmail-scanner-2.01.tgz) = 3fa95fb2e6bcea5adf450b6f1497ff5e XSIZE (qmail-scanner-2.01.tgz) = 226699 END-of-/usr/ports/mail/qmail-scanner2/distinfo echo x - /usr/ports/mail/qmail-scanner2/pkg-install sed 's/^X//' >/usr/ports/mail/qmail-scanner2/pkg-install << 'END-of-/usr/ports/mail/qmail-scanner2/pkg-install' X#!/bin/sh X XCHMOD=/bin/chmod XCHOWN=/usr/sbin/chown XMKDIR=/bin/mkdir XPW=/usr/sbin/pw X XGU_ID=98 XGU_NAME=qscand X XPREFIX=${PKG_PREFIX} XSPOOLDIR=${PREFIX}/qmailscan X Xcase "$2" in XPRE-INSTALL) X # User and group X ${PW} groupshow -n ${GU_NAME} >/dev/null 2>&1 \ X || ${PW} groupadd -n ${GU_NAME} -g ${GU_ID} X ${PW} usershow -n ${GU_NAME} >/dev/null 2>&1 \ X || ${PW} useradd ${GU_NAME} -g ${GU_NAME} -u ${GU_ID} -s /sbin/nologin X ${MKDIR} -p ${SPOOLDIR} X ${MKDIR} -p ${PREFIX}/share/examples/qs2mrtg X ;; XPOST-INSTALL) X # Directories X for i in quarantine working archives; do X for j in tmp cur new; do X ${MKDIR} -p ${SPOOLDIR}/$i/$j X done X done X ${MKDIR} -p ${SPOOLDIR}/tmp X X # Mod and owner X ${CHOWN} -R ${GU_NAME}:${GU_NAME} ${SPOOLDIR} X ${CHOWN} ${GU_NAME}:${GU_NAME} ${PREFIX}/bin/qmail-scanner-queue.pl X ${CHMOD} 4755 ${PREFIX}/bin/qmail-scanner-queue.pl X X # Initialize X ${PREFIX}/bin/qmail-scanner-queue.pl -z X ${PREFIX}/bin/qmail-scanner-queue.pl -g X X # Mod and owner (final) X ${CHOWN} -R ${GU_NAME}:${GU_NAME} ${SPOOLDIR} X ;; Xesac END-of-/usr/ports/mail/qmail-scanner2/pkg-install echo x - /usr/ports/mail/qmail-scanner2/pkg-message sed 's/^X//' >/usr/ports/mail/qmail-scanner2/pkg-message << 'END-of-/usr/ports/mail/qmail-scanner2/pkg-message' X**************************************************** XNOTES: X - You have to configure your anti-virus and anti-spams products! X - You HAVE to reinstall this port each time you add or remove one! X XNow, you have to modify your qmail startup files to call qmail-scanner. XIn most case, you just need to add: X export QMAILQUEUE="${PREFIX}/bin/qmail-scanner-queue.pl" Xto your tcpserver startup file. X XYou can test installation by running 'make test' in port dir. X**************************************************** END-of-/usr/ports/mail/qmail-scanner2/pkg-message echo x - /usr/ports/mail/qmail-scanner2/pkg-plist sed 's/^X//' >/usr/ports/mail/qmail-scanner2/pkg-plist << 'END-of-/usr/ports/mail/qmail-scanner2/pkg-plist' X@comment $FreeBSD: ports/mail/qmail-scanner/pkg-plist Xbin/qmail-scanner-queue.pl X@unexec echo "If you are permanently removing qmail-scanner, you should also remove spool directory by default: ``rm -Rf /var/spool/qscan'' and ``rm -Rf /var/spool/qmailscan''" END-of-/usr/ports/mail/qmail-scanner2/pkg-plist echo x - /usr/ports/mail/qmail-scanner2/pkg-descr sed 's/^X//' >/usr/ports/mail/qmail-scanner2/pkg-descr << 'END-of-/usr/ports/mail/qmail-scanner2/pkg-descr' Xqmail-scanner2 with st patch is e-mail content scanner that enables a qmail server to Xscan all messages it receives for certain characteristics (normally viruses), Xand react accordingly. X XIf you have a commercial virus scanner (eg, Sophos sweep, McAfee Xuvscan, etc) installed when you build qmail-scanner, qmail-scanner Xwill configure itself to use that. Otherwise, it will only use its Xinternal content filter which only allows you to block mail based Xon text in the subject/body, general types of attachments, etc. X XWWW: http://qmail-scanner.sourceforge.net/ X Xand all decription about st patch is on http://toribio.apollinare.org/qmail-scanner/ END-of-/usr/ports/mail/qmail-scanner2/pkg-descr exit >Release-Note: >Audit-Trail: >Unformatted: