On Sun, Jun 18, 2006 at 05:33:32AM -0700, Loren M. Lang wrote: > Attached is a patch which add a command-line option to tell > clamav-milter to insert X-Virus-* headers to the top of the > e-mail just above the received line added by the MTA scanning > e-mail. The problem with adding the headers to the bottom > of the header list is that it breaks domainkeys which relies > on a signature of the e-mail starting just below the > domainkeys signature header. I thought the most suitable > place to put the headers was just above the received line as > this groups it with the appropriate MTA as well. I've tested > this patch with 0.88.1 and 0.88.2 with no known side-effects.
Actually, it appears that inserting it there breaks sending domainkeys while it fixes receiving. I had to change the index from 0 to 1 to support both sending and receiving domainkeys. Currently I have both working using a modified patch. > -- > Loren M. Lang > [EMAIL PROTECTED] > http://www.north-winds.org/ > > > Public Key: ftp://ftp.north-winds.org/pub/lorenl_pubkey.asc > Fingerprint: CEE1 AAE2 F66C 59B5 34CA C415 6D35 E847 0118 A3D2 > > diff -ruN clamav-0.88.2/clamav-milter/clamav-milter.c > clamav-0.88.2-mod/clamav-milter/clamav-milter.c > --- clamav-0.88.2/clamav-milter/clamav-milter.c 2006-04-29 > 12:14:28.000000000 -0700 > +++ clamav-0.88.2-mod/clamav-milter/clamav-milter.c 2006-06-17 > 18:11:52.000000000 -0700 > @@ -339,6 +339,10 @@ > * Send a 550 rejection when a virus is > * found > */ > +static int insertheaders = 0; /* > + * Insert X-Virus-Status/X-Virus-Scanned > + * headers at the top of the e-mail > + */ > static int hflag = 0; /* > * Include original message headers in > * report > @@ -484,6 +488,7 @@ > puts(_("\t--outgoing\t\t-o\tScan outgoing messages from this > machine.")); > puts(_("\t--noreject\t\t-N\tDon't reject viruses, silently throw them > away.")); > puts(_("\t--noxheader\t\t-n\tSuppress X-Virus-Scanned/X-Virus-Status > headers.")); > + puts(_("\t--insert\t\t-I\tInsert headers at the top of the e-mail.")); > puts(_("\t--pidfile=FILE\t\t-i FILE\tLocation of pidfile.")); > puts(_("\t--postmaster\t\t-p EMAIL\tPostmaster address > [default=postmaster].")); > puts(_("\t--postmaster-only\t-P\tSend warnings only to the > postmaster.")); > @@ -567,9 +572,9 @@ > for(;;) { > int opt_index = 0; > #ifdef CL_DEBUG > - const char *args = > "a:AbB:c:CdDefF:lLm:nNop:PqQ:hHs:St:T:U:VwW:x:0:"; > + const char *args = > "a:AbB:c:CdDefF:lLm:nNIop:PqQ:hHs:St:T:U:VwW:x:0:"; > #else > - const char *args = > "a:AbB:c:CdDefF:lLm:nNop:PqQ:hHs:St:T:U:VwW:0:"; > + const char *args = > "a:AbB:c:CdDefF:lLm:nNIop:PqQ:hHs:St:T:U:VwW:0:"; > #endif > > static struct option long_options[] = { > @@ -628,6 +633,9 @@ > "noxheader", 0, NULL, 'n' > }, > { > + "insert", 0, NULL, 'I' > + }, > + { > "outgoing", 0, NULL, 'o' > }, > { > @@ -752,6 +760,9 @@ > case 'N': /* Do we reject mail or silently drop > it */ > rejectmail = 0; > break; > + case 'I': /* insert header at top */ > + insertheaders = 1; > + break; > case 'o': /* scan outgoing mail */ > oflag++; > break; > @@ -2505,7 +2516,9 @@ > syslog(LOG_NOTICE, _("%s: Message more than > StreamMaxLength (%ld) bytes - not scanned"), > sendmailId, streamMaxLength); > } > - if(!nflag) > + if(!nflag && insertheaders) > + smfi_insheader(ctx, 0, "X-Virus-Status", _("Not > Scanned - StreamMaxLength exceeded")); > + else if(!nflag) > smfi_addheader(ctx, "X-Virus-Status", _("Not > Scanned - StreamMaxLength exceeded")); > > return SMFIS_ACCEPT; /* clamfi_close will be called > */ > @@ -2801,7 +2814,10 @@ > /* sanity check failed - should issue warning */ > strcpy(buf, _("Error determining host")); > } > - smfi_addheader(ctx, "X-Virus-Scanned", buf); > + if(insertheaders) > + smfi_insheader(ctx, 0, "X-Virus-Scanned", buf); > + else > + smfi_addheader(ctx, "X-Virus-Scanned", buf); > } > > if(strstr(mess, "ERROR") != NULL) { > @@ -2812,12 +2828,16 @@ > if(use_syslog) > syslog(LOG_NOTICE, _("%s: Message more than > StreamMaxLength (%ld) bytes - not scanned"), > sendmailId, streamMaxLength); > - if(!nflag) > + if(!nflag && insertheaders) > + smfi_insheader(ctx, 0, "X-Virus-Status", _("Not > Scanned - StreamMaxLength exceeded")); > + else if(!nflag) > smfi_addheader(ctx, "X-Virus-Status", _("Not > Scanned - StreamMaxLength exceeded")); > clamfi_cleanup(ctx); /* not needed, but just to be > safe */ > return SMFIS_ACCEPT; > } > - if(!nflag) > + if(!nflag && insertheaders) > + smfi_insheader(ctx,0,"X-Virus-Status",_("Not Scanned")); > + else if(!nflag) > smfi_addheader(ctx, "X-Virus-Status", _("Not Scanned")); > > cli_warnmsg("%s: %s\n", sendmailId, mess); > @@ -2848,7 +2868,10 @@ > char buf[129]; > > snprintf(buf, sizeof(buf) - 1, "%s %s", _("Infected > with"), virusname); > - smfi_addheader(ctx, "X-Virus-Status", buf); > + if(insertheaders) > + smfi_insheader(ctx, 0, "X-Virus-Status", buf); > + else > + smfi_addheader(ctx, "X-Virus-Status", buf); > } > > if(quarantine_dir) > @@ -3071,7 +3094,9 @@ > smfi_setreply(ctx, (char *)privdata->rejectCode, "5.7.1", > reject); > broadcast(mess); > } else if(strstr(mess, "OK") == NULL) { > - if(!nflag) > + if(!nflag && insertheaders) > + smfi_insheader(ctx, 0, "X-Virus-Status", _("Unknown")); > + else if(!nflag) > smfi_addheader(ctx, "X-Virus-Status", _("Unknown")); > if(use_syslog) > syslog(LOG_ERR, _("%s: incorrect message \"%s\" from > clamd"), > @@ -3079,7 +3104,9 @@ > mess); > rc = cl_error; > } else { > - if(!nflag) > + if(!nflag && insertheaders) > + smfi_insheader(ctx, 0, "X-Virus-Status", _("Clean")); > + else if(!nflag) > smfi_addheader(ctx, "X-Virus-Status", _("Clean")); > > if(use_syslog && logClean) > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.1 (GNU/Linux) > > iD8DBQBElUY9bTXoRwEYo9IRAkBUAJ9LUbkp/4fPerSe06fv3mO557K6yQCeIG8C > 4EpEFT8m19+tWnNg/dBdZMI= > =FUvf > -----END PGP SIGNATURE----- > _______________________________________________ > http://lurker.clamav.net/list/clamav-devel.html -- Loren M. Lang [EMAIL PROTECTED] http://www.north-winds.org/ Public Key: ftp://ftp.north-winds.org/pub/lorenl_pubkey.asc Fingerprint: CEE1 AAE2 F66C 59B5 34CA C415 6D35 E847 0118 A3D2
pgpGtVr20c81R.pgp
Description: PGP signature
_______________________________________________ http://lurker.clamav.net/list/clamav-devel.html
