On Thu, 28 Oct 1999, Gordon Smith wrote:
> If anyone has had any success with Amavis, I'd be interested to see how you did
> it. With the latest (pre6) qmail passes the message to the script, which checks
> the message for viruses, but the script never passes the message back. Aargh! I
> get a "no local delivery program available" error.
> I think that basename is not returning the calling program id correctly, but
> I'm not sure. If anyone has already fixed this, please let me know. Otherwise
> I'll post a fix here once I figure out whats going on :-)
The default qmail setup for amavis was slightly horked. You'll need to
apply the attached patch & configure it with: --enable-qmail
--enable-x-header=no. Once you have it installed, do:
cd /var/qmail/bin
mv qmail-remote qmail-remote-real
mv qmail-local qmail-local-real
ln -s /usr/sbin/scanmails qmail-remote
ln -s /usr/sbin/scanmails qmail-local
This will allow you to scan all incoming and outgoing mail for viruses.
If you do not feel comfortable moving the binaries around, you can just
add:
| /usr/sbin/scanmails $SENDER $RECEIPIENT
to /var/qmail/defaultdelivery/rc .
The attached patch fixes the following problems:
1. Should check $sender & $receiver against $SENDER & $RECEIPIENT instead
of $2 & $7.
2. Do not attempt to log to the logfile if $do_log != 'yes'.
3. Since qmail doesn't use the default $deliver program, do not check for
$deliver when attempting to pass on the mail.
I'm not sure why using formail to add the X-AntiVirus: header doesn't
work so always I disabled it. I think the proper step may be to reinvoke
qmail-inject but I'm not sure how that would work.
- cls
--- amavis-0.2.0-pre6/src/scanmails/scanmails.in.cls Tue Jul 20 12:28:52 1999
+++ amavis-0.2.0-pre6/src/scanmails/scanmails.in Mon Oct 25 13:16:01 1999
@@ -103,6 +103,7 @@
# - if "do_log" is set to "yes" #
################################################
var_log=@var_log@
+systemlogdir=${var_log}/scanmails/
do_log=@do_log@
do_syslog=@do_syslog@
syslog_level=@syslog_level@
@@ -242,11 +243,11 @@
receiver=`echo ${RECEIPIENT} | ${sed} -e "s/[\\\`\\\\\$\(\)]//g"`
sender=`echo ${SENDER} | ${sed} -e "s/[\\\`\\\\\$\(\)]//g"`
-if [ "$sender" != "$2" -o "$receiver" != "$7" ] ; then
+if [ "$sender" != "${SENDER}" -o "$receiver" != "${RECEIPIENT}" ] ; then
cat <<EOF | ${mail} -s "AMaViS Intrusion???" ${mailto}
############################################################
- $7 or $2 is not a valid Email address
+ ${RECEIPIENT} or ${SENDER} is not a valid Email address
(changed to $receiver and $sender)!
############################################################
@@ -840,8 +841,10 @@
echo The attached mail has been found to contain a virus >${tmpdir}/virusmail
echo Originally $0 "$@" >>${tmpdir}/virusmail
echo The mail has been stored as ${virusmailsdir}/virus$$ >> ${tmpdir}/virusmail
- mkdir -p ${var_log}/${scanscriptname}
- cat ${tmpdir}/logfile >>${var_log}/${scanscriptname}/logfile
+ if [ "x${do_log}" = "xyes" ]; then
+ mkdir -p ${systemlogdir}
+ cat ${tmpdir}/logfile >>${systemlogdir}/logfile
+ fi
cat ${tmpdir}/virusmail ${tmpdir}/logfile | ${mail} -s "FOUND VIRUS IN MAIL $*"
${mailto}
################### send a mail back to sender ######################
@@ -897,33 +900,27 @@
else
echo No virus found - good >> ${tmpdir}/logfile
- if [ "x${deliver}" != "x" ] && [ -x ${deliver} ] ; then
+ if [ "x${usingqmail}" != "x" ]; then
if [ "x$x_header" = "xyes" ] && [ "x${formail}" != "x" ] && [ -x ${formail} ] ;
then
- if [ "x${usingqmail}" != "x" ]; then
- # If invoked as anything other than "scanmails", invoke the real
- # program else fall thru to exit
- if [ "${scanscriptname}" != "scanmails" ] ; then
- cat ${tmpdir}/receivedmail |\
- ${formail} -f \
- -A "${X_Header_String}" \
- | ${scanscriptname}-real "$@"
- fi
- else
- cat ${tmpdir}/receivedmail |\
- ${formail} -f \
- -A "${X_Header_String}" \
- | ${deliver} "$@"
+ if [ "${scanscriptname}" != "scanmails" ] ; then
+ cat ${tmpdir}/receivedmail |\
+ ${formail} -f \
+ -A "${X_Header_String}" \
+ | ${scanscriptname}-real "$@"
+ fi
+ else
+ if [ "${scanscriptname}" != "scanmails" ] ; then
+ ${scanscriptname}-real "$@" < ${tmpdir}/receivedmail
fi
+ fi
+ elif [ "x${deliver}" != "x" ] && [ -x ${deliver} ] ; then
+ if [ "x$x_header" = "xyes" ] && [ "x${formail}" != "x" ] && [ -x ${formail} ] ;
+then
+ cat ${tmpdir}/receivedmail |\
+ ${formail} -f \
+ -A "${X_Header_String}" \
+ | ${deliver} "$@"
else
- if [ "x${usingqmail}" != "x" ]; then
- # If invoked as anything other than "scanmails", invoke the real
- # program else fall thru to exit
- if [ "${scanscriptname}" != "scanmails" ] ; then
- ${scanscriptname}-real "$@" < ${tmpdir}/receivedmail
- fi
- else
- ${deliver} "$@" <${tmpdir}/receivedmail
- fi
+ ${deliver} "$@" <${tmpdir}/receivedmail
fi
else
pid=$$
@@ -937,8 +934,8 @@
if [ "x${do_log}" = "xyes" ]
then
- mkdir -p ${var_log}/${scanscriptname}
- cat ${tmpdir}/logfile >> ${var_log}/${scanscriptname}/logfile
+ mkdir -p ${systemlogdir}
+ cat ${tmpdir}/logfile >> ${systemlogdir}/logfile
fi
fi
