Feature request : Dangerous Content Scanning option
Julian Field
mailscanner at ecs.soton.ac.uk
Thu May 27 18:58:09 IST 2004
This strikes as rather dangerous. You first code patch will disable the
check for partial messages (among other things). Not checking for partial
messages will let viruses through that are present in multi-part messages.
I wouldn't advise anyone to switch off that check.
I think you need to be rather more careful about what checks any option
like this might disable.
At 18:29 27/05/2004, you wrote:
>Hi Julian,
>
>Fantastic work!
>
>Any chance of something along the following lines? (not tested, sorry!)
>
>diff -urN MailScanner-4.31.2/lib/MailScanner/ConfigDefs.pl
>MailScanner-4.31.2.DCscan/lib/MailScanner/ConfigDefs.pl
>--- MailScanner-4.31.2/lib/MailScanner/ConfigDefs.pl 2004-05-22
>13:12:49.000000000 +0100
>+++ MailScanner-4.31.2.DCscan/lib/MailScanner/ConfigDefs.pl 2004-05-26
>20:13:36.000000000 +0100
>@@ -70,6 +70,7 @@
> contentprependsubject = contentmodifysubject
> contentsubjecttext = contentsubjecttext
> criticalqueuesize = maxnormalqueuesize
>+dangerscan = dangerouscontentscanning
> deletedcontentmessage = deletedbadcontentmessagereport
> deletedfilenamemessage = deletedbadfilenamemessagereport
> deletedvirusmessage = deletedvirusmessagereport
>@@ -288,6 +289,7 @@
> DeliverSilent 1 no 0 yes 1
> deliverunparsabletnef 0 no 0 yes 1
> deliverymethod batch batch batch queue queue
>+DangerScan 1 no 0 yes 1
> EnableSpamBounce 0 no 0 yes 1
> findarchivesbycontent 1 no 0 yes 1
> HamActions deliver deliver deliver
> delete delete store store forward
> forward bounce bounce
> striphtml striphtml
> attachment attachment notify
> notify
>diff -urN MailScanner-4.31.2/lib/MailScanner/SweepContent.pm
>MailScanner-4.31.2.DCscan/lib/MailScanner/SweepContent.pm
>--- MailScanner-4.31.2/lib/MailScanner/SweepContent.pm 2004-05-22
>13:12:51.000000000 +0100
>+++ MailScanner-4.31.2.DCscan/lib/MailScanner/SweepContent.pm 2004-05-26
>20:36:07.000000000 +0100
>@@ -81,6 +81,7 @@
>
> while(($id, $message) = each %{$batch->{messages}}) {
> next if $message->{deleted};
>+ next unless MailScanner::Config::Value('dangerscan', $message);
> $ent = $message->{entity};
>
> # Search for multipart/partial messages. This is entity-based as
>diff -urN MailScanner-4.31.2/lib/MailScanner/SweepOther.pm
>MailScanner-4.31.2.DCscan/lib/MailScanner/SweepOther.pm
>--- MailScanner-4.31.2/lib/MailScanner/SweepOther.pm 2004-01-31
>15:11:23.000000000 +0000
>+++ MailScanner-4.31.2.DCscan/lib/MailScanner/SweepOther.pm 2004-05-26
>20:34:52.000000000 +0100
>@@ -106,6 +106,8 @@
>
> next unless defined $message; # Should be a message for all
> .header files
>
>+ unless MailScanner::Config::Value('dangerscan', $message);
>+
> my @headers = <$headerfh>;
>
>
> #print STDERR "Checking for Happy virus in $DirEntry ($id)\n";
>@@ -331,6 +333,9 @@
> while(($id, $attachtypes) = each %$FileOutput) {
> next unless $id;
> $message = $batch->{messages}{$id};
>+
>+ next unless MailScanner::Config::Value('dangerscan', $message);
>+
> $tnefname = $message->{entity2file}{$message->{tnefentity}};
>
> my($i, $MatchFound, $FiletypeRules, $LogTypes);
>
>-------------------------- MailScanner list ----------------------
>To leave, send leave mailscanner to jiscmail at jiscmail.ac.uk
>Before posting, please see the Most Asked Questions at
>http://www.mailscanner.biz/maq/ and the archives at
>http://www.jiscmail.ac.uk/lists/mailscanner.html
--
Julian Field
www.MailScanner.info
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
-------------------------- MailScanner list ----------------------
To leave, send leave mailscanner to jiscmail at jiscmail.ac.uk
Before posting, please see the Most Asked Questions at
http://www.mailscanner.biz/maq/ and the archives at
http://www.jiscmail.ac.uk/lists/mailscanner.html
More information about the MailScanner
mailing list