Hi I changed the code a little.
- there is a config-file with extensions that will be rejected.
- there are som logging of debug-info.
I also attach my config-file.
I'm not very good at perl, but I think this is correct.
Do you know where to find documentation on how to write plugins? What I
did now was to look at the other plugins that I have.....
(I cc this to the mailinglist).
On Tue, 2004-07-13 at 12:03, R Wahyudi wrote:
> I have this on my system, I think this will be use full for to filter file
> based on file name.
>
> #!/usr/bin/perl -w
>
> sub register {
> my $self = shift;
> $self->register_hook('data_post', 'check_for_virus_attach');
> }
>
> sub check_for_virus_attach {
> my ($self, $transaction) = @_;
>
> # make sure we read from the beginning;
> $transaction->body_resetpos;
>
> my $line_number = 0;
> my $seen_file = 0;
> my $ct_filename = '';
> my $cd_filename = '';
>
> while ($_ = $transaction->body_getline) {
> last if $line_number++ > 400;
> # look for zip files
>
> if (/name="(.*)\.exe"/) {
> my $myname = $1;
> $self->log(5, "Found exe file name $myname");
> return (DENY, "Unsafe exe attachment ($myname.exe) not
> accepted");
> }
> if (/name="(.*)\.scr"/) {
> my $myname = $1;
> $self->log(5, "Found scr file name $myname");
> return (DENY, "Unsafe scr attachment ($myname.scr) not
> accepted");
> }
> if (/name="(.*)\.pif"/) {
> my $myname = $1;
> $self->log(5, "Found pif file name $myname");
> return (DENY, "Unsafe pif attachment ($myname.pif) not
> accepted");
> }
> if (/name="(.*)\.cmd"/) {
> my $myname = $1;
> $self->log(5, "Found cmd file name $myname");
> return (DENY, "Unsafe cmd attachment ($myname.cmd) not
> accepted");
> }
> if (/name="(.*)\.bat"/) {
> my $myname = $1;
> $self->log(5, "Found bat file name $myname");
> return (DENY, "Unsafe bat attachment ($myname.bat) not
> accepted");
> }
> }
> return DECLINED;
> }
>
> Cheers,
> Rio
>
>
>
> ----- Original Message -----
> From: "Hans Sandsdalen" <[EMAIL PROTECTED]>
> To: "Robin Bowes" <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>
> Sent: Tuesday, July 13, 2004 5:05 PM
> Subject: Re: qmail-smtpd-viruscan ?
--
/ hans - System Manager, Kongsberg Spacetec
/ http://www.spacetec.no
/ http://www.sandsdalen.net
/---------------------------------------------
/ HANS = High Availability No Superman
#!/usr/bin/perl -w
#
# plugin to filter out executable attachments based on extension (filename)
#
# original from R Wahyudi <[EMAIL PROTECTED]>
# changed by Hans Sandsdalen <[EMAIL PROTECTED]>
#
sub register {
my $self = shift;
$self->register_hook('data_post', 'check_for_virus_attach');
}
sub check_for_virus_attach {
my ($self, $transaction) = @_;
# make sure we read from the beginning;
$transaction->body_resetpos;
my $line_number = 0;
my $seen_file = 0;
my $ct_filename = '';
my $cd_filename = '';
# extensions to search for
# one on each line in configfile
my @extensions = ($self->qp->config('check_for_virus_attach'));
if ( scalar(@extensions) == 0 ) {
$self->log(LOGDEBUG, "No extensions to check for...?");
return DECLINED;
}
#foreach $extension (@extensions) {
# $self->log(LOGDEBUG, "Checking for $extension extension");
#}
$self->log(LOGDEBUG, "Will check for these extensions: @extensions");
while ($_ = $transaction->body_getline) {
last if $line_number++ > 400;
my $line = $_;
my $extension = "";
foreach $extension (@extensions) {
if ($line =~ /name="(.*)\.$extension"(;|$)/ || $line =~/name=(.*)\.$extension(;|$)/) {
my $myname = $1;
$self->log(LOGERROR, "Found $extension file name $myname");
return (DENY, "Unsafe $extension attachment ($myname.$extension) not accepted");
}
}
}
$self->log(LOGDEBUG,"Looks fine...");
return DECLINED;
}
# extensions that will be rejected # one on each line ade asx bat chm cmd com cpl crt exe hlp hta inf ins isp js jse lnk mdc msi msp mst nsc pcd pif reg scr sct shs vb vbe vbs wsc wsf wsh
signature.asc
Description: This is a digitally signed message part
