Bart Schaefer wrote:
[...]
I'd like to issue a plea to you (and Nikos if he's reading this) who are
writing procmail recipes for public consumption:
Please DON'T assume that shoving the email into quarantine mailboxes is
the way that everyone wants to handle the problem.
After my recent run-in with calling clamav from procmail, I've decided
to write some shell wrapper scripts for various AV programs (clam,
f-prot, bitdefender) to call from my procmailrc. The scripts are
working, but not-quite ready for prime-time yet (tweaking
error-checking). However, I'd like to get some feedback on my general
approach.
The intent is to have these set up for calling from procmail in a
uniform, consistent way, and return uniform, consistent results
regardless of the underpinnings of the AV checker itself. For example,
clamav and f-prot use totally different exit code meanings, whereas bdc
(linux console) doesn't describe ANY in the manpage. I want to hide
these differences in the script, and simply return:
0 = OK, no virus.
1 = Infected.
2 = Error.
I also want to call each with two command-line parameters:
-q = quiet (output nothing)
-v = verbose (output full X-Virus-(Scanner)-Status:
{Clean|Infected|Error} header)
the default will be a simple "Clean" or "Infected." All will return a
meaningful exit code.
The scripts themselves unpack the mime message into a temp directory,
call the AV scanner to check the contents of the directory, and save the
output to a report file (not used yet.)
I'm thinking this approach will simplify doing AV while keeping procmail
complexity to a minimum, and aid maintenance. The return codes and/or
Status messages allow a variety of handling from procmail (and other uses.)
The scripts themselves are straightforward /bin/sh scripts, with calls
to grep or awk being the extent of external dependencies (other than the
actual AV scanner, of course.)
I may extend the approach to spam-catching tools as well (bogofilter,
crm114).
Any thoughts/feedback appreciated.
- Bob
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail