MailScanner Internals

Steve Freegard steve.freegard at LBSLTD.CO.UK
Fri Apr 16 13:02:58 IST 2004 

Clive Eisen wrote:
> Julian - sorry to ask you directly but I suspect only you
> will know the
> answer :-)
>
> In what combination of circumstances is $message->{virusinfected} set?
>
> I have seen $message->{nameinfected} set and
> $message->{othereinfected}
> set, but never
> $message->{virusinfected}
>
> I'm trying to write a custom function and am a bit puzzled.
>
> TIA

Hi Clive,

Try putting attaching your custom function to the 'Always Looked Up Last'
configuration value - as probably what is happening in your case is that the
configuration value you are using at the moment is being called prior to
when the virus scanning takes place and therefore you don't see anything in
$message->{virusinfected}.

Looking at the code - it looks like the following is done in order:

New batch of messages detected
 . Check for SAVI/ClamAV module updates
 . Copy the message to the archive location (if enabled)
 . MCP Checks (if enabled)
 . Spam Checks (if enabled)
 . Deliver messages (if not virus scanning)
 . Extract the attachments
 . MIME parsing
 . Virus Scanning (if enabled)
 . Strip HTML (if enabled)
 . Combine Reports
 . Quarantine Infections (if enabled)
 . Disinfect messages (if enabled)
 . Encapsulate messages to message/rfc822 (if enabled)
 . Sign uninfected messages (if enabled)
 . Deliver Uninfected messages
 . Delete unwanted cleaned messages (not sure what this does)
 . Silent virus processing (deliver or delete)
 . Deliver cleaned messages
 . Warn senders (if enabled)
 . Send notices (if enabled)
 . Last Lookup (process Always Looked Up Last)
 . FINISH!

So depending on where the value you are attaching the function to is called
depends on what data will be available - e.g. if you are trying to get
variable set by virus checking from 'Spam Checks =' it will always be blank,
likewise if anything is disabled or skipped throughout the processing this
will also affect what is available in the $message object.

A tip would be look at ConfigDefs.pl and work out what internal name is used
for the configuration value you are attaching the function to and grep the
/usr/lib/MailScanner/MailScanner directory for it - to see where it is set
and under what conditions.

Hope this helps.

Kind regards,
Steve.

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
MailScanner thanks transtec Computers for their support.

More information about the MailScanner mailing list