[exim] proposed fix to clamd content-scanning

Top Page
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-users
Subject: [exim] proposed fix to clamd content-scanning
Hi,
Noting the existence in the source of an undocumented "local"
option to the clamd variant of scanning, we found it nonoperational.
A little digging gives a nice fix consisting of removing a few lines
(diff attached).

Syntax to use the option is:
av_scanner = clamd:127.0.0.1 3310:local

which results in only the directory name going over the connection,
not the file content.

Cheers,
Jeremy
--- src/malware.c.orig    2006-12-31 13:33:38.000000000 +0000
+++ src/malware.c    2007-01-07 15:26:17.000000000 +0000
@@ -1077,16 +1077,12 @@


         if (strcmpic(clamd_options2,US"local") == 0) {


-      /* Pass the string to ClamAV (7 = "SCAN \n" + \0) */
-
-          (void)string_format(file_name,1024,"SCAN %s/scan/%s\n", spool_directory, message_id);
+      /* clam is running on the local machine
+        Simply needs to be passed the scan command
+        which is performed as the final send for
+        all connection modes
+      */


-          if (send(sock, file_name, Ustrlen(file_name), 0) < 0) {
-            (void)close(sock);
-            log_write(0, LOG_MAIN|LOG_PANIC,"malware acl condition: clamd: unable to write to socket (%s)",
-                  strerror(errno));
-            return DEFER;
-          }
         } else {


       /* Pass the string to ClamAV (7 = "STREAM\n") */