HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Feature Requests (http://www.howtoforge.com/forums/forumdisplay.php?f=17)
-   -   ading av - x-header to incoming emails (http://www.howtoforge.com/forums/showthread.php?t=752)

Ovidiu 5th October 2005 01:32

ading av - x-header to incoming emails
 
hi guys,

can anyone explain how I add a x-header to incoming mails to indicate they have been scanned? I already noticed the kludge portion inside the trashscan file but I would like to (if possible) include some special x-header that also states the version of clamav/date of the virus signatures ...

at the moment I have had severall viri inside my inbox and I doubt that they all got past clamav, I suppose somehow these mailswere not scanned so this header would also be an indicator if mails are correctly processed...

falko 5th October 2005 09:58

You could include a line like this:

Code:

${FORMAIL} -I "X-Virus-Scanner: `/home/admispconfig/ispconfig/tools/clamav/usr/bin/clamscan -V` on `date`" < ${MSGDIR}/rec.msg | ${PROCMAIL}
But make sure to comment out this line:
Code:

${FORMAIL} -I "$VKLUDGE Scanned by $TSCV running on $HOSTNAME" < ${MSGDIR}/rec.msg | ${PROCMAIL}

Ovidiu 5th October 2005 10:15

do you mean there should be a line present inside each mail saying it was scanned by TSCV running on $HOSTNAME ? I don't see this in any email... seems the mails are not scanned..

Ovidiu 6th October 2005 23:39

ok, seems the problem is solved: the virus I was hit by was a mytob variant. it seems like the signatures are not yet included in clamav. while searching in their database I found the mytob signatures were included in the daily.cvd while signatures for older viruses were included in main.cvd file ... I do not know what this means exactly

I did a freshclam but I already had the latest definition files, I thought about restarting clamav or clamd and there was no such process running, is that right? does the process get started when an email is scanned or is there something wrong with my install?

falko 7th October 2005 03:38

Quote:

Originally Posted by Tenaka
I did a freshclam but I already had the latest definition files, I thought about restarting clamav or clamd and there was no such process running, is that right? does the process get started when an email is scanned or is there something wrong with my install?

Emails are scanned by clamscan, this is no daemon that's running all the time. clamscan is called whenever an email arrives. There's nothing wrong with your install. :)

Ovidiu 12th October 2005 10:36

now I have one more question towards spamassassin. other solutions beside ispconfig seemed to be using spamc or spamd running as daemon. ispconfig doesn't.

I want to use a plugin for a wordpress installation. its details can be found here: http://www.ioerror.us/software/wp-spamassassin/
this plugin uses spamassassin to filter comments in the blog. it seems to expect spamassassin running as daemon. here is a config file excerpt:

Quote:

// If you want to use a spamd server running on the same machine, uncomment
// the next line, changing the name of the UNIX domain socket if necessary,
// and comment out the two lines after it.
// $wp_spamd_socket = "/tmp/spamd.socket";
$wp_spamd_server = "localhost";
$wp_spamd_port = 783;
how can I get spamassassin running as daemon, where do I find its socket fiel and will it interfere with ispconfig??? any ideas?

till 12th October 2005 12:09

You can install a second spamassassin beside the one that comes with ISPConfig.

Ovidiu 19th October 2005 08:34

does anyone know hot to change the subject of mails filtered as virus to reflect the name of the virus in the subject? like the ***SPAM*** with spammails that gets prepended to spam messages?
so that my virus filtered mails would look like: *VIRUS:MYTOB* regular subject or something similar

hendry 23rd December 2005 22:06

Quote:

Originally Posted by falko
You could include a line like this:

Code:

${FORMAIL} -I "X-Virus-Scanner: `/home/admispconfig/ispconfig/tools/clamav/usr/bin/clamscan -V` on `date`" < ${MSGDIR}/rec.msg | ${PROCMAIL}
But make sure to comment out this line:
Code:

${FORMAIL} -I "$VKLUDGE Scanned by $TSCV running on $HOSTNAME" < ${MSGDIR}/rec.msg | ${PROCMAIL}

Wich file(s) must be edited to do this?

falko 24th December 2005 13:09

Quote:

Originally Posted by hendry
Wich file(s) must be edited to do this?

/home/admispconfig/ispconfig/tools/clamav/bin/trashscan


All times are GMT +2. The time now is 00:20.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.