ClamAV and MailScanner Bug

Julian Field MailScanner at ecs.soton.ac.uk
Thu May 5 19:12:01 IST 2005 

    [ The following text is in the "ISO-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

Rick Cooper wrote:

>>-----Original Message-----
>>From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK]On
>>Behalf Of Julian Field
>>Sent: Thursday, May 05, 2005 11:41 AM
>>To: MAILSCANNER at JISCMAIL.AC.UK
>>Subject: Re: ClamAV and MailScanner Bug
>>
>>
>>Desai, Jason wrote:
>>
>>
>>
>>>Julian Field wrote:
>>>
>>>
>>>
>>>
>>>>Please tell me what the line in your /etc/MailScanner/
>>>>virus.scanners.conf says about clamav. Also please check that your
>>>>Incoming Work Directory path has no links in it. This is by far the
>>>>most common error and would explain your symptoms.
>>>>
>>>>
>>>>
>>>>
>>>Julian, I think I've suggested this before, but don't remember
>>>
>>>
>>hearing back
>>>from you about it.  Would it be possible for MailScanner
>>(possibly only once
>>
>>
>>>at startup) to determine the real path of the Incoming Work Directory and
>>>use that, so that symbolic links would be allowed?
>>>
>>>Granted, people are not reading the comments in the config file, and are
>>>misconfiguring their servers.  But to detect and still deliver a virus is
>>>not a good thing.  And I think with some simple code, MailScanner could
>>>reduce the risk of such a misconfigured server.  What do you think?
>>>
>>>
>>>
>>>
>>How would you recommend I do this in a platform-agnostic way? I
>>certainly wouldn't trust `pwd`.
>>
>>--
>>Julian Field
>>
>>
>
>How about:
>
>#!/usr/bin/perl
># Program CheckSymlink.pl
>
>use File::Spec;
>use File::Spec::Link;
>
>my $link = $ARGV[0];
>my $file = $link;
>
>
>print "Checking for $link\n";
>
># Check to be sure symlinks are supported on this platform.
># If they do, use File::Spec::Link->resolve to return the absolute
># path to the file and/or diredctory, if not use the supplied path/filename
>
>$symlink_exists =  eval { symlink("",""); 1 };
>$file = File::Spec::Link->resolve($link) unless !$symlink_exists;
>print "Found $file\n";
>
># end program
>
>
Eek!

Fortunately it is a lot easier than that, due to the helpful info about
the Cwd module. This is a standard supplied module and even the version
that came with Perl 5.00503 has the necessary function in it.

Apply this patch to WorkArea.pm and it should do the trick nicely. If
there are links in the dir, then it complains politely about it but
works properly anyway.

--
Julian Field
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654


------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!

    [ Part 2, Application/X-GZIP  756bytes. ]
    [ Unable to print this part. ]

More information about the MailScanner mailing list