GNU/Linux Desktop Survival Guide
by Graham Williams |
|||||
Viruses |
Debian Packages: clamav clamav-freshclam
The clamav package can be used to check email for viruses. The virus data will be updated automatically if clamav-freshclam is installed.
The clamscan command can also be used used with procmail by using a script (in this case, clamfilter.pl from http://www.everysoft.com/) to run clamscan on each message with a procmail entry like:
:0fw | clamfilter.pl :0: * ^X-Virus-Found: yes clam-`date +%Y-%m` |
The actual script to add the appropriate X-Virus-Found header is:
#!/usr/bin/perl -w # # ClamFilter 1.0 # by Matt Hahnfeld (http://www.everysoft.com/) # Requires perl, clamscan, procmail, and this script. # # Add these lines to your .procmailrc: # # :0fw # | /usr/local/bin/clamfilter.pl # # This script is public domain. # use strict; use File::Temp 'tempfile'; &main(); exit 0; sub main { # Set up a temporary file for the original message my ($tmpfh, $tmpfn) = tempfile( UNLINK => 1 ); -w $tmpfn or die 'Could not open temp file!'; # Pass 1: Write out the temporary file while (<STDIN>) { print $tmpfh $_; } seek($tmpfh, 0, 0); # Pass 2: Scan the message open CLAMSCAN, "/bin/cat $tmpfn | /usr/bin/clamscan --stdout --recursive --mbox - 2>/dev/null |" or die 'Could not open clamscan!'; my $clamstatus = qq|X-Virus-Found: yes X-Virus-Status: ------------------------------------------------------------ Virus Scan Status: ------------------------------------------------------------ |; while (<CLAMSCAN>) { $clamstatus .= ' ' . $_; } close CLAMSCAN; $clamstatus .= qq| ------------------------------------------------------------ |; # Pass 3: Print out the message my $bodyflag = 0; while (<$tmpfh>) { if (! $bodyflag and $_ eq "\n") { if ($?) { print $clamstatus; } else { print "\n"; } $bodyflag = 1; } else { print; } } } |