amavisd-new + clamav + zipy z hasłem

Andrzej Zawadzki zawadaa w wp.pl
Śro, 3 Mar 2004, 17:09:36 CET 

Witam.
Od niedawna clamav posiada sygantury na nowy typ robali, których pełno w 
necie: zip z hasłem,a w treści: To są super zdjęcia - kod do zipa to 
"21345".
I teraz problem.
amavisd-new-20030616-4 nie potrafi przekazać po nieudanym rozzipowaniu 
pliku do clamava.
Koleś napisał patcha:

*** amavisd     Sun Jan  4 17:00:19 2004
--- /usr/local/sbin/amavisd     Tue Mar  2 10:54:52 2004
***************
*** 4785,4790 ****
--- 4785,4791 ----
   use Digest::MD5;
   use Net::Server 0.83;
   use Net::Server::PreForkSimple;
+ use File::Copy;

   BEGIN {
       import Amavis::Conf qw(:platform :confvars :notifyconf :sa);
***************
*** 5305,5310 ****
--- 5306,5312 ----
                     $msginfo->mime_entity(mime_decode($fh,$tempdir));
                     prolong_timer($which_section);
                 }
+               copy("$tempdir/email.txt",
"$tempdir/parts/email.txt");
                 $which_section = "virus_scan";
                 # some virus scanners behave badly if interrupted,
                 # so for now just turn off the timer


i to podobno działa - czy ktoś może to zaaplikować?

I druga sprawa:
Koleś od amavisd-new napisał na liście amavisa, że najnowszy też to 
potrafi (opdowiedź na patcha):

| I've written a two line patch that copies the email.txt file into the
| parts directory so that the mail itself gets scanned and the virus is
| detected.  Here it is, if you want it:

Thanks for a stopgap solution.
Works with clamav, but not with Sophos.

(btw, the password protected zip is already automatically preserved
for virus scanner inspecition, but this does not help in the current
case).


Btw, the snapshot version has the ability to keep the original mail
already built-in. Enabled by @keep_decoded_original_maps, e.g.:

@keep_decoded_original_maps = (new_RE(
   qr'^MAIL$',    # retain full original message for virus checking?
   qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
));

The most recent snapshot code is available at:
   http://www.ijs.si/software/amavisd/amavisd-new-20040302.tar.gz
The BerkeleyDB Perl module with libdb version 3.1 or later is needed,
otherwise it should be mostly compatible with existing amavisd.conf files.

I'll see what can be done for the amavisd-new-20030616-p8.

   Mark

I teraz czy to się do Ra nada?

-- 
Andrzej Zawadzki

Więcej informacji o liście dyskusyjnej pld-devel-pl