On Tue, Sep 20, 2005 at 12:59:58PM +0000, Andrea Nori wrote:
I use procmail with clamav to check the mail about virus.
Currently I use:
:0fw
| /usr/local/bin/clamassassin
:0:
* ^X-Virus-Status: Yes
/dev/null
It works fine, but I would like to receive a mail with an alert
(eg.: x(_at_)y(_dot_)zzz has sent to you a message with XXXX virus, etc.)
instead of /dev/null. Is it possible with procmail?
Naturally.
You need to use the flags to clamassassin that send to output what the
virus was. I don't have clamassassin, but I have clamscan and can
do this like so:
CLAMOUT = `clamscan --mbox --stdout --no-summary -`
:0 b fw i
* CLAMOUT ?? :\/.* Found
| echo "ClamScan found the following in this message: $MATCH"
Just tested it successfully, with this body now in the test message:
ClamScan found the following in this message: Worm.Mydoom.AT FOUND
--
Dallman
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail