On Wed, 29 Jul 1998 22:21:48 +0100 (BST), you wrote:
>On Wed, 29 Jul 1998, Marc Haber wrote:
>> I am using a virus scanner program that is invoked by a pipe, scans
>> the mail and re-invokes exim to do the delivery. That program does its
>> own logging and I would love to have an option to make exim do entries
>> in its logs. Preferably, these could be invoked with calls to exim
>> with command like parameters, a little bit like logger.
>
>This is very interesting. I am intrigued in what you are doing. Which
>virus scanner program are you invoking with a pipe? is it commercial or
>something youve written?
The pipe is invoking a perl script that tries to unpack and MIME, zip
and other archives and then applies the McAfee scanner on the results.
I am working on different scan programs since McAfee does not scan too
well.
>How did you bolt the scanner program into exim? I ask as I would like to
>do the same thing.
Actually, Sven Paulus did that for me, but it looks like this in exim
config:
|######################################################################
|# TRANPORTS CONFIGURATION #
|######################################################################
|# ORDER DOES NOT MATTER #
|# Only one appropriate transport is called for each delivery. #
|######################################################################
|
|virscan:
| driver = pipe
| bsmtp = all
| batch_max = 32767
| bsmtp_helo = true
| command = "/usr/local/virscan/bin/scanmail $sender_host_address /var/log/exim_virscan 1"
| current_directory = "/tmp"
| from_hack = false
| freeze_exec_fail = false
| group = virscan
| ignore_status = false
| log_defer_output = false
| log_fail_output = false
| log_output = true
| prefix =
| return_output = false
| return_path_add = false
| timeout = 6h
| umask = 022
| use_shell = false
| user = virscan
|
|
|######################################################################
|# DIRECTORS CONFIGURATION #
|# Specifies how local addresses are handled #
|######################################################################
|# ORDER DOES MATTER #
|# A local address is passed to each in turn until it is accepted. #
|######################################################################
|system_aliases:
|jahr2000_aliases:
|majordomo_aliases:
|userforward:
|vircheck:
| condition = "${if or {{eq {$received_protocol}{no-attachment}} \
| {eq {$received_protocol}{local-not-scanned}} \
| {eq {$received_protocol}{scanned-ok}} \
| {match {$sender_host_address}{^192\.168\.10\.}}} \
| {0}{1}}"
| driver = localuser
| transport = virscan
|
|localuser:
|end
|
|######################################################################
|# ROUTERS CONFIGURATION #
|# Specifies how remote addresses are handled #
|######################################################################
|# ORDER DOES MATTER #
|# A remote address is passed to each in turn until it is accepted. #
|######################################################################
|
|vircheck:
| condition = "${if eq {$received_protocol}{scanned-ok} {0}{1}}"
| driver = domainlist
| route_list = "*"
| transport = virscan
|
|smarthost:
|
|end
The virus scanner scans the mail and re-delivers it with exim -oMr
scanned-ok to stop the mail from being scanned a second time.
Note: This will _not_ work with a stock exim-1.92, Phil had to send me
a patch to make this work. It took him actually 38 minutes :-)
Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Karlsruhe, Germany | Beginning of Wisdom " | Fon: *49 721 966 32 15
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29
--
*** Exim information can be found at
http://www.exim.org/ ***
