Re: courier-imap & vchkpw
Derek Smith wrote: > > I can't seem to get courier-imap to compile using vchkpw as the > authentication method. I had a similar problem a couple of days ago. It seems that my compiler (gcc 2.95.2) doesn't like the way courier-imap is including vchkpw headers. I'm not even sure if vpopmail_config's use of '#include "~vpopmail/include/config.h"' is valid C at all. The attached patch makes vpopmail_config.h a generated file using the vpopmail homedir as detected in configure. After you apply the patch, you'll need to run automake in the topsrcdir & autoconf in authlib. - cls --- courier-imap-0.30/authlib/vpopmail_config.h.in.cls Mon Mar 20 11:45:39 2000 +++ courier-imap-0.30/authlib/vpopmail_config.h.in Mon Mar 20 11:45:50 2000 @@ -0,0 +1 @@ +#include "@vpopmail_home@/include/config.h" --- courier-imap-0.30/authlib/configure.in.cls Mon Feb 28 20:48:49 2000 +++ courier-imap-0.30/authlib/configure.in Mon Mar 20 11:46:23 2000 @@ -564,4 +564,4 @@ AC_SUBST(AUTHMODULES) AC_SUBST(LIBAUTH) -AC_OUTPUT(Makefile html2man.pl authlib.html modulelist configlist) +AC_OUTPUT(Makefile html2man.pl authlib.html modulelist configlist vpopmail_config.h)
Re: Qmail and Email virus protection
On Tue, 14 Dec 1999, Hans Sandsdalen wrote: > Is that a amavis rpm, with qmail patches? If so, where do > I find it? http://www.seawood.org/linux/RedHat-6.x/ - cls
Re: Qmail and Email virus protection
On Tue, 14 Dec 1999, Hans Sandsdalen wrote:
> patching file scanmails.in
> Hunk #4 FAILED at 900.
> 1 out of 5 hunks FAILED -- saving rejects to file scanmails.in.rej
Well, others have mentioned problems with that patch even though I use it
in my rpms. I think the problem is with the line
if [ "x$x_header" = "xyes" ] && [ "x${formail}" != "x" ] && [ -x
${formail} ] ; then
IIRC, that should be all one line even though it's probably copied as two
if you just copy-n-pasted from the archive webpage.
- cls
RE: Question about UCE and also AMAVIS (EICAR ATTACHED)
On Thu, 9 Dec 1999, Dustin Miller wrote: > > Still, however -- the EICAR.COM virus goes right through. I'm attaching the > EICAR.COM virus to this post (it's 69 bytes) to see if it sets any other > alarms off. That's a good way to tell who's using it. :) Strange, it didn't set the alarm off here but when I compared the file you attached versus the eicar file I used for testing, I noticed that you seem to have an extra space but not return carriage. cls@amadeus:~> cat eicar\ 2word.com X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* cls@amadeus:~> cat EICAR.COM X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H +H*cls@amadeus:~ - cls
Re: Question about UCE and also AMAVIS
On Thu, 9 Dec 1999, Dustin Miller wrote: > However, my frustration with Amavis and qmail is running at an all-time > high. If I am to be expected to believe that no one here is using Amavis, I > may actually *shudder* go back to sendmail to enjoy that virus protection. http://www.ornl.gov/its/archives/mailing-lists/qmail/1999/06/msg00169.html http://www.ornl.gov/its/archives/mailing-lists/qmail/1999/10/msg01093.html http://www.ornl.gov/its/archives/mailing-lists/qmail/1999/11/msg01152.html Search the archive using "virus scan" for more info. - cls
Re: Qmail and Email virus protection
On Thu, 28 Oct 1999, Fred Lindberg wrote: > Is it possible to do scanning of outgoing mail at the qmail-queue > level? IIRC, someone mentioned a patch to all you to use an alternate qmail-queue by setting an environment variable. I never found time to play with that method. You'll have to check the list archive for details. - cls
Re: Qmail and Email virus protection
On Thu, 28 Oct 1999, Gordon Smith wrote:
> If anyone has had any success with Amavis, I'd be interested to see how you did
> it. With the latest (pre6) qmail passes the message to the script, which checks
> the message for viruses, but the script never passes the message back. Aargh! I
> get a "no local delivery program available" error.
> I think that basename is not returning the calling program id correctly, but
> I'm not sure. If anyone has already fixed this, please let me know. Otherwise
> I'll post a fix here once I figure out whats going on :-)
The default qmail setup for amavis was slightly horked. You'll need to
apply the attached patch & configure it with: --enable-qmail
--enable-x-header=no. Once you have it installed, do:
cd /var/qmail/bin
mv qmail-remote qmail-remote-real
mv qmail-local qmail-local-real
ln -s /usr/sbin/scanmails qmail-remote
ln -s /usr/sbin/scanmails qmail-local
This will allow you to scan all incoming and outgoing mail for viruses.
If you do not feel comfortable moving the binaries around, you can just
add:
| /usr/sbin/scanmails $SENDER $RECEIPIENT
to /var/qmail/defaultdelivery/rc .
The attached patch fixes the following problems:
1. Should check $sender & $receiver against $SENDER & $RECEIPIENT instead
of $2 & $7.
2. Do not attempt to log to the logfile if $do_log != 'yes'.
3. Since qmail doesn't use the default $deliver program, do not check for
$deliver when attempting to pass on the mail.
I'm not sure why using formail to add the X-AntiVirus: header doesn't
work so always I disabled it. I think the proper step may be to reinvoke
qmail-inject but I'm not sure how that would work.
- cls
--- amavis-0.2.0-pre6/src/scanmails/scanmails.in.clsTue Jul 20 12:28:52 1999
+++ amavis-0.2.0-pre6/src/scanmails/scanmails.inMon Oct 25 13:16:01 1999
@@ -103,6 +103,7 @@
# - if "do_log" is set to "yes"#
var_log=@var_log@
+systemlogdir=${var_log}/scanmails/
do_log=@do_log@
do_syslog=@do_syslog@
syslog_level=@syslog_level@
@@ -242,11 +243,11 @@
receiver=`echo ${RECEIPIENT} | ${sed} -e "s/[\\\`\$\(\)]//g"`
sender=`echo ${SENDER} | ${sed} -e "s/[\\\`\$\(\)]//g"`
-if [ "$sender" != "$2" -o "$receiver" != "$7" ] ; then
+if [ "$sender" != "${SENDER}" -o "$receiver" != "${RECEIPIENT}" ] ; then
cat <${tmpdir}/virusmail
echo Originally $0 "$@" >>${tmpdir}/virusmail
echo The mail has been stored as ${virusmailsdir}/virus$$ >> ${tmpdir}/virusmail
- mkdir -p ${var_log}/${scanscriptname}
- cat ${tmpdir}/logfile >>${var_log}/${scanscriptname}/logfile
+ if [ "x${do_log}" = "xyes" ]; then
+ mkdir -p ${systemlogdir}
+ cat ${tmpdir}/logfile >>${systemlogdir}/logfile
+ fi
cat ${tmpdir}/virusmail ${tmpdir}/logfile | ${mail} -s "FOUND VIRUS IN MAIL $*"
${mailto}
### send a mail back to sender ##
@@ -897,33 +900,27 @@
else
echo No virus found - good >> ${tmpdir}/logfile
- if [ "x${deliver}" != "x" ] && [ -x ${deliver} ] ; then
+ if [ "x${usingqmail}" != "x" ]; then
if [ "x$x_header" = "xyes" ] && [ "x${formail}" != "x" ] && [ -x ${formail} ] ;
then
- if [ "x${usingqmail}" != "x" ]; then
-# If invoked as anything other than "scanmails", invoke the real
- # program else fall thru to exit
- if [ "${scanscriptname}" != "scanmails" ] ; then
- cat ${tmpdir}/receivedmail |\
- ${formail} -f \
- -A "${X_Header_String}" \
- | ${scanscriptname}-real "$@"
- fi
- else
-cat ${tmpdir}/receivedmail |\
-${formail} -f \
- -A "${X_Header_String}" \
-| ${deliver} "$@"
+ if [ "${scanscriptname}" != "scanmails" ] ; then
+ cat ${tmpdir}/receivedmail |\
+ ${formail} -f \
+-A "${X_Header_String}" \
+ | ${scanscriptname}-real "$@"
+ fi
+else
+ if [ "${scanscriptname}" != "scanmails" ] ; then
+${scanscriptname}-real "$@" < ${tmpdir}/receivedmail
fi
+fi
+ elif [ "x${deliver}" != "x" ] && [ -x ${deliver} ] ; then
+if [ "x$x_header" = "xyes" ] && [ "x${formail}" != "x" ] && [ -x ${formail} ] ;
+then
+ cat ${tmpdir}/receivedmail |\
+ ${formail} -f \
+ -A "${X_Header_String}" \
+ | ${deliver} "$@"
else
- if [ "x${usingqmail}" != "x" ]; then
-# If invoked as anything other than "scanmails", invoke the real
- # program else fall thru to exit
- if [ "${scanscriptname}" != "scanmails" ] ; then
- ${scanscriptname}-real "$@" < ${tmpdir}/receivedmail
- fi
- else
-${deliver} "$@" <${tmpdir}/receivedmail
- fi
+ ${deliver} "$@" <${tmpdir}/receivedmail
fi
else
pid=$$
@@ -937,8 +934,8 @@
if [ "x${do_log}" = "xy
Re: Virus scanning with qmail+amavis (Take 2)
On Mon, 12 Jul 1999, Troy Morrison wrote: > I'm not claiming that this is better or worse; just pointing out that > there's more than one way to do it. Right. Sorry, I didn't mean to imply that the method I described was better than any of the others mentioned. To the contrary, I am interested in hearing if there are any fundamental problems with this method. Some of our users here complained that mail was being slowed down tremendously (after they were told about the scanner) but in just about every case, the problem turned out be elsewhere. Regards, Christopher - Christopher Seawood That Linux Guy, Aureate Media Corporation
Virus scanning with qmail+amavis (Take 2)
(Excuse me if you get this twice but the first one appears to have triple
bounced on my end..bad timing of installing the amavis rpm. And the first
patch had a single typo to boot. :P)
I skimmed thru the last six months worth of qmail archives and I did not
see any good method for using a virus checker with qmail. Well, there
was mention of the Star Screening System but all I could find was a white
paper and I haven't bothered converting it from .doc format.
Sven Lankes showed how you can use amavis to scan mails by adding it to
your defaultdelivery/rc file. Unfortunately, that method only checks
locally delivered mail and only works for users who do not have their own
.qmail files.
I've attached the changees I made to amavis-0.2.0-pre4 to allow scanmails
to be qmail-aware. The idea is to have scanmails sit between two qmail
processes to scan each mail that comes across w/o actually hacking on
qmail code. (I got the impression that virus checking specific patches
would be frowned upon.) For simplicity, I choose to replace qmail-remote
& qmail-local with the scanmails script.
Basically, you move qmail-remote to qmail-remote-real and add a link from
scanmails to qmail-remote. When an outgoing message is sent, it will call
scanmails, which will do it's magic and if no virus is found, it will call
qmail-remote-real with the same arguments it was called with. Use the
same procedure with qmail-local to scan all locally delivered mail. If a
virus is found, then the virus will be put into a special virusdir
(specified when configuring amavis) and scanmails will exit without
calling the real qmail program. Amavis will mail the sender, receipient &
local postmaster (also configurable) notifying them of a virus in their
mail. (I did tweak scanmails to not send out mail to the receipient if
invoked as qmail-remote. No need to alarm the recipients if we're not
letting the mail get off of our system.)
Right now, the script assumes that qmail-local-real & qmail-remote-real
are in the path. I was going to just use ${0}-real to invoke the real
qmail programs but qmail-local is called as bin/qmail-local (no idea
why) so that didn't work.
You'll want to make sure that your virusmails directory is mode 1777.
Since qmail calls qmail-local as the uid of the recipient, the infected
mails will be written as that user. Outgoing infected messages are
written by qmailr. Due to this same problem, logging is disabled if you
configure with --enable-qmail.
Regards,
Christopher
--- amavis-0.2.0-pre4/src/scanmails/scanmails.in.clsWed Mar 31 06:43:49 1999
+++ amavis-0.2.0-pre4/src/scanmails/scanmails.inMon Jul 5 17:57:59 1999
@@ -36,7 +36,8 @@
#
#
-scanscriptname="scanmails"
+#scanscriptname="scanmails"
+scanscriptname=`basename $0`
# Path to DrSolomon Antivirus #
@@ -77,6 +78,7 @@
# in #
tmpdir=/var/tmp/${scanscriptname}$$
+usingqmail=@USE_QMAIL@
# "var_log" indicates the path where statistic #
@@ -84,6 +86,7 @@
# - if "do_log" is set to "yes"#
var_log=@var_log@
+systemlogdir=${var_log}/scanmails/
do_log=@do_log@
do_syslog=@do_syslog@
syslog_level=@syslog_level@
@@ -120,7 +123,34 @@
arc=@arc@
unfreeze=@unfreeze@
-deliver=@deliver@
+if [ "x${usingqmail}" = "x" ]; then
+deliver=@deliver@
+else
+deliver=${scanscriptname}-real
+fi
+
+if [ "x${usingqmail}" != "x" ] ; then
+if [ "${scanscriptname}" = "qmail-remote" ] ; then
+ SENDER="$2"
+ RECIPIENT="$3"
+elif [ "${scanscriptname}" = "qmail-local" ] ; then
+ # Sometims qmail-local is called with -- as the first arg
+ # this screws up the arg count so shift everything
+ if [ "$1" = "--" ] ; then
+ RECIPIENT="$4"@"$7"
+ SENDER="$8"
+ else
+ RECIPIENT="$3"@"$6"
+ SENDER="$7"
+ fi
+else
+ SENDER="$1"
+ RECIPIENT="$2"
+fi
+else
+SENDER="$2"
+RECIPIENT="$7"
+fi
#main program #
@@ -171,8 +201,8 @@
echo xx`date`xxx >${tmpdir}/logfile
echo ${scanscriptname} called $* >>${tmpdir}/logfile
-echo FROM: $2 >>/${tmpdir}/logfile
-echo TO: $7 >>/${tmpdir}/logfile
+echo FROM: $SENDER >>/${tmpdir}/logfile
+echo TO: $RECIPIENT >>/${tmpdir}/logfile
${metamail} -r -q -x -w ${tmpdir}/receivedmail > /dev/null 2>&1
@@ -588,19 +618,19 @@
mv ${tmpdir}/receivedmail ${virusmailsdir}/virus$$
chmod 400 ${virusmailsdir}/virus$$
echo The attached mail has been found to contain a virus >${tm
Writing to /dev/null
I've got a user that wants to dump mail sent to a certain address in his domain. I setup the .qmail-user file so that it would write to /dev/null. I'm not sure if it's working correctly though as I'm getting the following errors in my logs now. 925152389.679874 delivery 9924: deferral: Unable_to_write_/dev/null:_invalid_argument._(#4.3.0)/ Occassionally, mail sent to this dummy address will bounce with that error. I'm currently using qmail 1.03 but I thought that technique worked under 1.00 (last used a couple of yrs ago). Is there some other method that should be used to just dump messages sent to this user@domain? I'd just use procmail but this is a virtual acct that's handled by vchkpw. - Christopher Seawood,Aureate Media Corporation System Administrator8777 Purdue Rd Ste 225 (317) 802-6231 Indianapolis, IN 46268
