Wrapper for avast antivirus?

[John Rudd]

> On Tue, Sep 06, 2005 at 03:16:28PM +0100, Julian Field wrote:
>> The wrapper script is the trivial bit. The not-so-trivial bit is
>> writing a reliable and robust parser for it.

I know this would probably require a re-write, so it's probably not 
something to be done anytime soon ... but it seems to me, in an ADT 
type mindset, that the above is backward.

There should be a protocol, of sorts (a standardized interface), 
between MailScanner and the AV wrappers.  Meaning: instead of the 
wrapper returning whatever format the AV program does, the wrapper 
should translate to a standard response.  Something like a multi-line 
output that says:

$NUM_FOUND
$EXPLOIT_1
$EXPLOIT_2
$EXPLOIT_3
...
$EXPLOIT_NUM_FOUND

It doesn't have to be that format, but the point is, the wrapper should 
be the non-trivial bit that contains all AV-engine specific 
information.  The code internal to MS should only need to read that one 
interface format.  This simplifies the MS code, makes each AV-engine 
more modular, and easier to integrate new AV-engines and/or react to 
changes in AV-engine versions (if they change their output) without 
having to update MS itself (because you just update the wrapper 
instead).

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!