Hi,
Noting the existence in the source of an undocumented "local"
option to the clamd variant of scanning, we found it nonoperational.
A little digging gives a nice fix consisting of removing a few lines
(diff attached).
Syntax to use the option is:
av_scanner = clamd:127.0.0.1 3310:local
which results in only the directory name going over the connection,
not the file content.
Cheers,
Jeremy
--- src/malware.c.orig 2006-12-31 13:33:38.000000000 +0000
+++ src/malware.c 2007-01-07 15:26:17.000000000 +0000
@@ -1077,16 +1077,12 @@
if (strcmpic(clamd_options2,US"local") == 0) {
- /* Pass the string to ClamAV (7 = "SCAN \n" + \0) */
-
- (void)string_format(file_name,1024,"SCAN %s/scan/%s\n", spool_directory, message_id);
+ /* clam is running on the local machine
+ Simply needs to be passed the scan command
+ which is performed as the final send for
+ all connection modes
+ */
- if (send(sock, file_name, Ustrlen(file_name), 0) < 0) {
- (void)close(sock);
- log_write(0, LOG_MAIN|LOG_PANIC,"malware acl condition: clamd: unable to write to socket (%s)",
- strerror(errno));
- return DEFER;
- }
} else {
/* Pass the string to ClamAV (7 = "STREAM\n") */