[courier-users] [Fwd: Re: Pythonfilter error.]

Enrique Verdes Mon, 11 Jun 2007 07:51:00 -0700

Jérôme Blion escribió:

Gordon Messmer a écrit :
Enrique Verdes wrote:
Gordon Messmer escribió:
clamd probably doesn't have access to the mail spool unless you run iteither as root, or as the same user that Courier uses.
I encourage you to use the clamav.py filter from the distribution. Itwon't have that problem.
clamav.py from the distribution uses pyclamav. In the page of pyclamavthey encourage to use the new pyclamd.
So it does. I'm not sure why... the scanfile() function isn't affected,and still works as it always has.
Also, pyclamav uses clamav andlibclamav 0.88 and I'm running clamav 0.90.3.
You can rebuild pyclamav 0.4.0 with clamav 0.90.3.  It works.
No need...
Jun 8 18:29:42 jupiter courierfilter: File"/usr/lib/python2.4/site-packages/pythonfilter/clamav.py", line 34, indoFilter
Jun  8 18:29:42 jupiter courierfilter: if avresult[0]:
It's not sufficient to just replace pyclamav with pyclamd.pyclamd.scan_file returns a different data type than pyclamav.scanfiledoes. You might check the list archives, someone else was recentlyusing pyclamd.
Here is the clamd.py I use on 2 servers...

Thanks Jerome, I tried your file, only modifying the clamd socket location.
That's what I get:

Jun 11 11:30:35 jupiter courierfilter: Debugging filter invoked:
Jun 11 11:30:35 jupiter courierfilter: PID: 19788
Jun 11 11:30:35 jupiter courierfilter: CWD: /usr/lib/courier
Jun 11 11:30:35 jupiter courierfilter: EUID: 200
Jun 11 11:30:35 jupiter courierfilter: EGID: 200
Jun 11 11:30:35 jupiter courierfilter: UID: 200
Jun 11 11:30:35 jupiter courierfilter: GID: 200
Jun 11 11:30:35 jupiter courierfilter: Additional groups: [200]

Jun 11 11:30:35 jupiter courierfilter: Body:/usr/lib/courier/var/tmp/118157/D3594080Jun 11 11:30:35 jupiter courierfilter: Raw stat: (33200, 3594081L,2304L, 1, 200, 200, 37602L, 1181572234, 1181572235, 1181572235)Jun 11 11:30:35 jupiter courierfilter: Control file:/usr/lib/courier/var/tmp/118157/1181572234.30864.mail.uygroup.com.uyJun 11 11:30:35 jupiter courierfilter: Raw stat: (33200, 3594080L,2304L, 1, 200, 200, 194L, 1181572234, 1181572234, 1181572234)Jun 11 11:30:35 jupiter courierfilter: Uncaught exception in "clamav"doFilter function: ScanError:lstat() failed. ERRORJun 11 11:30:35 jupiter courierfilter: File"/usr/lib/courier/etc/filters/active/pythonfilter", line 180, inprocessMessageJun 11 11:30:35 jupiter courierfilter: replyCode = i_filter[1](bodyFile,controlFileList)Jun 11 11:30:35 jupiter courierfilter: File"/usr/lib/python2.4/site-packages/pythonfilter/clamav.py", line 31, indoFilterJun 11 11:30:35 jupiter courierfilter: avresult =pyclamd.contscan_file(bodyFile)Jun 11 11:30:35 jupiter courierfilter: File"/usr/lib/python2.4/pyclamd.py", line 328, in contscan_file

Jun 11 11:30:35 jupiter courierfilter: raise ScanError, virusname

Which user is running your clamd daemon?

HTH.
Jerome Blion.
------------------------------------------------------------------------

#!/usr/bin/python
# clamav -- Courier filter which scans messages with ClamAV
# Copyright (C) 2007  Jerome Blion <[EMAIL PROTECTED]>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

import sys
import pyclamd


# Record in the system log that this filter was initialized.
sys.stderr.write('Initialized the "clamdfilter" python filter\n')


def doFilter(bodyFile, controlFileList):
    # check for viruses
    try:
        pyclamd.init_unix_socket('/tmp/clamd')
        avresult = pyclamd.contscan_file(bodyFile)

    except Exception, e:
        return "554 " + str(e)

    if avresult == None:
        return ''

    if avresult.has_key(bodyFile):
        return "554 %s was detected. Abort!" % avresult[bodyFile]

if __name__ == '__main__':
    # we only work with 1 parameter
    if len(sys.argv) != 2:
        print "Usage: clamd.py <message_body_file>"
        sys.exit(0)
    print doFilter(sys.argv[1], "")

------------------------------------------------------------------------


-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
------------------------------------------------------------------------

_______________________________________________
courier-users mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users



--
*/------------------------------------------------------------------------------------------------------------------
   Enrique Verdes/**
UyGroup*/ /Consulting & Technology
*/_
www.uygroup.com.uy <http://www.uygroup.com.uy>_/*/
Av. Gral. Paz 1481 - CP 11400
Montevideo - Uruguay
Phone/Fax: (+598-2) 600-6200 - ext. 223
*/------------------------------------------------------------------------------------------------------------------/*
AVISO DE CONFIDENCIALIDAD:

LA INFORMACIÓN CONTENIDA EN ESTE CORREO ELECTRÓNICO ES PRIVILEGIADA YCONFIDENCIAL Y FUE ENVIADO PARA EL USO EXCLUSIVO DEL DESTINATARIODESIGNADO EN EL MISMO.Si usted no es el destinatario, se prohibe estrictamente lareproducción, distribución, y cualquier otra forma de difusión o uso deesta comunicación.Si usted ha recibido este correo electrónico por error, por favorcontéctese con nosotros inmediatamente al teléfono: (+598-2) 600-62-00 opor el correo electrónico: [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>

*/------------------------------------------------------------------------------------------------------------------/*
CONFIDENTIALITY NOTICE:

THE INFORMATION CONTAINED IN THIS E-MAIL IS PRIVILEGED AND CONFIDENTIALAND IS INTENDED FOR THE EXCLUSIVE USE OF THE ADDRESSEE DESIGNATED ABOVE.If you are not the addressee, any disclosure, reproduction distribution,or other dissemination or use of this communication is strictly prohibited.If you have received this electronic mail by error please contact usimmediately by telephone: (+598-2) 600-62-00 or by e-mail:[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>*/------------------------------------------------------------------------------------------------------------------/*/


--
*/------------------------------------------------------------------------------------------------------------------
   Enrique Verdes/**
UyGroup*/ /Consulting & Technology
*/_
www.uygroup.com.uy <http://www.uygroup.com.uy>_/*/
Av. Gral. Paz 1481 - CP 11400
Montevideo - Uruguay
Phone/Fax: (+598-2) 600-6200 - ext. 223
*/------------------------------------------------------------------------------------------------------------------/*
AVISO DE CONFIDENCIALIDAD:

*/------------------------------------------------------------------------------------------------------------------/*
CONFIDENTIALITY NOTICE:

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/

_______________________________________________
courier-users mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

[courier-users] [Fwd: Re: Pythonfilter error.]

Reply via email to