failure of all virus scanners
Mark Martinec
Mark.Martinec+amavis at ijs.si
Wed Jun 15 19:35:53 CEST 2011
Ralf,
> I want to catch the case of a virus pattern update gone wrong -- right
> now all the mails pass unchecked, I'd rather tempfail them.
amavisd.conf:
$virus_scanners_failure_is_fatal = 1;
--- amavisd.orig 2011-05-19 03:16:17.000000000 +0200
+++ amavisd 2011-06-15 19:33:26.043489600 +0200
@@ -380,4 +380,5 @@
$smtpd_tls_cert_file $smtpd_tls_key_file
$enforce_smtpd_message_size_limit_64kb_min
+ $virus_scanners_failure_is_fatal
$MAXLEVELS $MAXFILES
$MIN_EXPANSION_QUOTA $MIN_EXPANSION_FACTOR
@@ -12088,5 +12089,6 @@
my $eval_stat = $@ ne '' ? $@ : "errno=$!"; chomp $eval_stat;
do_log(-2, "AV: %s", $eval_stat);
- $virus_checking_failed = 1;
+ $virus_checking_failed = $eval_stat;
+ $virus_checking_failed = 1 if !$virus_checking_failed;
};
$elapsed{'TimeElapsedVirusCheck'} = Time::HiRes::time - $t0_sect;
@@ -12103,5 +12105,4 @@
}
- $which_section = "post_virus_scan";
if ($virus_checking_failed) {
$msginfo->add_contents_category(CC_UNCHECKED,0);
@@ -12109,5 +12110,11 @@
$r->add_contents_category(CC_UNCHECKED,0) if !$r->bypass_virus_checks;
}
+ if ($virus_scanners_failure_is_fatal) {
+ $hold = 'AV: ' . $virus_checking_failed;
+ die "$hold\n"; # TEMPFAIL
+ }
}
+
+ $which_section = "post_virus_scan";
if (@virusname) {
my($virus_suppress_reason);
Mark
More information about the amavis-users
mailing list