Date: 8 Feb 2002 09:44:20 -0000 From: Jason Stone <jason-fbsd-ports-qmailscanner@shalott.net> To: FreeBSD-gnats-submit@freebsd.org Subject: ports/34730: new port qmail-scanner - a virus-scanning interface for qmail Message-ID: <20020208094420.65451.qmail@fantastica.shalott.net>
next in thread | raw e-mail | index | archive | help
>Number: 34730
>Category: ports
>Synopsis: new port qmail-scanner - a virus-scanning interface for qmail
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Fri Feb 08 01:50:01 PST 2002
>Closed-Date:
>Last-Modified:
>Originator: Jason Stone <jason-fbsd-ports-qmailscanner@shalott.net>
>Release: FreeBSD 4.5-STABLE i386
>Organization:
>Environment:
System: FreeBSD moonchild.fantastica 4.5-STABLE FreeBSD 4.5-STABLE #0: Tue Feb 5 18:54:24 PST 2002 root@fantastica.shalott.net:/usr/src/sys/compile/JKERN i386
>Description:
qmail-scanner is a virus scanning interface to qmail. It provides a
convenient and standardized way of using any commercial virus scanner
with qmail, as well as a sophisticated content filter which can be used
to provide protection from specific virii even in the absence of a
commercial scanner.
>How-To-Repeat:
>Fix:
--- qmail-scanner.shar begins here ---
# This is a shell archive. Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file". Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
# qmail-scanner
# qmail-scanner/Makefile
# qmail-scanner/distinfo
# qmail-scanner/pkg-descr
# qmail-scanner/pkg-comment
# qmail-scanner/pkg-plist
# qmail-scanner/pkg-message
# qmail-scanner/scripts
# qmail-scanner/scripts/post-patch
# qmail-scanner/files
# qmail-scanner/files/patch-aa
#
echo c - qmail-scanner
mkdir -p qmail-scanner > /dev/null 2>&1
echo x - qmail-scanner/Makefile
sed 's/^X//' >qmail-scanner/Makefile << 'END-of-qmail-scanner/Makefile'
X# New ports collection makefile for: qmail-scanner
X# Date created: 7 Feb 2002
X# Whom: Jason Stone <jason-fbsd-ports-qmailscanner@shalott.net>
X#
X# $FreeBSD$
X#
X
XPORTNAME= qmail-scanner
XPORTVERSION= 1.10
XCATEGORIES= mail
XMASTER_SITES= ${MASTER_SITE_SOURCEFORGE}
XMASTER_SITE_SUBDIR= qmail-scanner
XEXTRACT_SUFX= .tgz
X
XMAINTAINER= jason-fbsd-ports-qmailscanner@shalott.net
X
XUSE_PERL5= yes
XINSTALL_TARGET= all
XPREFIX= /var/qmail
X
XBUILD_DEPENDS= \
X ${QMAIL_DIR}/bin/qmail-send:${PORTSDIR}/mail/qmail \
X ${arch_site_perl}/Time/HiRes.pm:${PORTSDIR}/devel/p5-Time-HiRes \
X ${LOCALBASE}/bin/unzip:${PORTSDIR}/archivers/unzip \
X ${LOCALBASE}/bin/reformime:${PORTSDIR}/mail/maildrop \
X ${LOCALBASE}/bin/tnef:${PORTSDIR}/converters/tnef
XRUN_DEPENDS= \
X ${QMAIL_DIR}/bin/qmail-send:${PORTSDIR}/mail/qmail \
X ${arch_site_perl}/Time/HiRes.pm:${PORTSDIR}/devel/p5-Time-HiRes \
X ${LOCALBASE}/bin/unzip:${PORTSDIR}/archivers/unzip \
X ${LOCALBASE}/bin/reformime:${PORTSDIR}/mail/maildrop \
X ${LOCALBASE}/bin/tnef:${PORTSDIR}/converters/tnef
X
X.if exists(${LOCALBASE}/qmail/bin/qmail-send)
XQMAIL_DIR?= ${LOCALBASE}/qmail
X.else
XQMAIL_DIR?= /var/qmail
X.endif
X
Xarch_site_perl= ${LOCALBASE}/lib/perl5/site_perl/${PERL_VER}/${PERL_ARCH}
X
XHAS_CONFIGURE= YES
XCONFIGURE_ARGS= --spooldir ${PREFIX}/qmailscan --domain ${DOMAIN} --redundant yes --add-dscr-hdrs yes --debug no --notify ${NOTIFY} --install
X
Xpre-fetch:
X.if !defined(NOTIFY)
X @${ECHO_MSG} ""
X @${ECHO_MSG} "NOTIFY not defined - defaulting to sender"
X @${ECHO_MSG} " qmail-scanner lets you send notifications to any/all of"
X @${ECHO_MSG} " the sender, the recipient, and the domain postmaster"
X @${ECHO_MSG} " when it processes a virus. If you want to change the"
X @${ECHO_MSG} " default of only notifying the sender, hit Ctrl-C now"
X @${ECHO_MSG} " and define NOTIFY as a comma-seperated list from the"
X @${ECHO_MSG} " set sender,recips,admin,none - e.g.:"
X @${ECHO_MSG} " make NOTIFY=sender,admin"
X @${ECHO_MSG} ""
X.endif
X
X.if !defined(DOMAIN)
X @${ECHO_MSG} ""
X @${ECHO_MSG} "DOMAIN not defined - defaulting to localhost:"
X @${ECHO_MSG} " note that NOTIFY=recip will probablly not work in this case"
X @${ECHO_MSG} " Ctrl-C now and run \"make DOMAIN=my.domain.com\" if you want"
X @${ECHO_MSG} " to use NOTIFY=recip"
X @${ECHO_MSG} ""
X.endif
XDOMAIN?= localhost
XNOTIFY?= sender
X
X.include <bsd.port.mk>
END-of-qmail-scanner/Makefile
echo x - qmail-scanner/distinfo
sed 's/^X//' >qmail-scanner/distinfo << 'END-of-qmail-scanner/distinfo'
XMD5 (qmail-scanner-1.10.tgz) = 5ea7f5b4040db30a29e437c7c321cdb6
END-of-qmail-scanner/distinfo
echo x - qmail-scanner/pkg-descr
sed 's/^X//' >qmail-scanner/pkg-descr << 'END-of-qmail-scanner/pkg-descr'
XQmail-Scanner, is an addon that enables a Qmail Email server to scan
Xall gatewayed Email for certain characteristics (i.e. a content
Xscanner). It is typically used for its anti-virus protection
Xfunctions, in which case it is used in conjunction with commercial
Xvirus scanners. but also enables a site (at a server/site level) to
Xreact to Email that contains specific strings in particular headers,
Xor particular attachment filenames or types (e.g. *.VBS attachments).
X
XIf you have a commercial virus scanner (eg, Sophos sweep, McAfee
Xuvscan, etc) installed when you build qmail-scanner, qmail-scanner
Xwill configure itself to use that. Otherwise, it will only use its
Xinternal content filter which only allows you to block mail based
Xon text in the subject/body, general types of attachments, etc.
X
Xqmail-scanner requires that qmail be built with
XWITH_QMAILQUEUE_PATCH defined - if it was not, you
Xwill have to rebuild qmail in order to use qmail-scanner
X
X
XWWW: http://qmail-scanner.sourceforge.net/
END-of-qmail-scanner/pkg-descr
echo x - qmail-scanner/pkg-comment
sed 's/^X//' >qmail-scanner/pkg-comment << 'END-of-qmail-scanner/pkg-comment'
XQmail-Scanner: A Content/Virus Scanner for Qmail
END-of-qmail-scanner/pkg-comment
echo x - qmail-scanner/pkg-plist
sed 's/^X//' >qmail-scanner/pkg-plist << 'END-of-qmail-scanner/pkg-plist'
Xbin/qmail-scanner-queue.pl
Xqmailscan/qmail-scanner-queue-version.txt
Xqmailscan/quarantine.log
Xqmailscan/quarantine-attachments.txt
Xqmailscan/quarantine-attachments.db
Xqmailscan/viruses
Xqmailscan/viruses.log
X@dirrm qmailscan/quarantine/tmp
X@dirrm qmailscan/quarantine/cur
X@dirrm qmailscan/quarantine/new
X@dirrm qmailscan/quarantine
X@dirrm qmailscan/working/new
X@dirrm qmailscan/working/cur
X@dirrm qmailscan/working/tmp
X@dirrm qmailscan/working
X@dirrm qmailscan
END-of-qmail-scanner/pkg-plist
echo x - qmail-scanner/pkg-message
sed 's/^X//' >qmail-scanner/pkg-message << 'END-of-qmail-scanner/pkg-message'
XNotes:
X
X1) qmail-scanner depends on suidperl - this has security
Xramifications you should be aware of.
X
XAfter installing qmail-scanner, run
X"setuidgid qmaild /var/qmail/bin/qmail-scanner-queue.pl -g"
XIf this produces any errors, check that suidperl is in fact
Xsetuid root.
X
X2) Resource limits - qmail-scanner uses a fair bit of resources
Xand will stop all mail delivery if you set resource limits too
Xlow. If you use limit/ulimit/softlimit for your qmail-smtpd
Xprocess, be sure to set memory limits no lower than 6M. If you
Xturn on qmail-scanner and mail suddenly stops going through,
Xthis is the most likely cause - check your smtpd startup scripts
Xfor limits.
X
X3) Assuming that you've built qmail with the qmailqueue patch,
Xyou can enable virus scanning by arranging for qmail-smptd to
Xbe run with QMAILQUEUE=/var/qmail/bin/qmail-scanner-queue.pl
Xset. You can either replace "qmail-smtpd" with
X"env QMAILQUEUE=/var/qmail/bin/qmail-scanner-queue.pl qmail-smtpd"
Xin your startup scripts, or, for finer grained control, you
Xcan set it in a tcprules cdb.
END-of-qmail-scanner/pkg-message
echo c - qmail-scanner/scripts
mkdir -p qmail-scanner/scripts > /dev/null 2>&1
echo x - qmail-scanner/scripts/post-patch
sed 's/^X//' >qmail-scanner/scripts/post-patch << 'END-of-qmail-scanner/scripts/post-patch'
X#!/bin/sh
X
Xif ! test -e "${WRKSRC}/Makefile"
Xthen
X echo "all:" > ${WRKSRC}/Makefile
Xfi
X
END-of-qmail-scanner/scripts/post-patch
echo c - qmail-scanner/files
mkdir -p qmail-scanner/files > /dev/null 2>&1
echo x - qmail-scanner/files/patch-aa
sed 's/^X//' >qmail-scanner/files/patch-aa << 'END-of-qmail-scanner/files/patch-aa'
X--- configure.orig Sun Jan 20 15:59:42 2002
X+++ configure Thu Feb 7 20:01:43 2002
X@@ -37,9 +37,7 @@
X Qmail-Scanner doesn't have language translations for $QSLANG,
X - so defaulting to english...
X
X-[Hit <RETURN> to continue]
X "
X- read ans
X QSLANG="en_GB"
X fi
X
X@@ -202,9 +200,7 @@
X Qmail-Scanner doesn't have language translations for $QSLANG,
X - so setting back to english...
X
X-[Hit <RETURN> to continue]
X "
X- read ans
X QSLANG="en_GB"
X fi
X
X@@ -221,13 +217,7 @@
X It will then generate qmail-scanner-queue.pl - it is up to you to install it
X correctly.
X
X-
X-Continue? ([Y]/N)
X EOF
X-read ans
X-if [ "`echo $ans|grep -i n`" != "" ]; then
X- exit
X-fi
X
X PATH="$PATH:$QMAILDIR/bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/etc/iscan:/usr/local/uvscan:/usr/lib/AntiVir:/usr/lib/uvscan:/usr/local/av:/opt/AV:/usr/local/f-prot" export PATH
X
X@@ -1007,12 +997,7 @@
X If that looks correct, I will now generate qmail-scanner-queue.pl
X for your system...
X
X-Continue? ([Y]/N)
X EOF
X-read ans
X-if [ "`echo $ans|grep -i n`" != "" ]; then
X- exit
X-fi
X
X
X if [ "`echo $REDUNDANT|egrep -i 'yes|^y|on|true'`" != "" ]; then
X@@ -1191,9 +1176,6 @@
X chmod 755 qmail-scanner-queue.pl
X
X if [ "$INSTALLIT" != "0" ]; then
X- echo "Hit RETURN to create initial directory structure under $AS_QQ,"
X- printf "and install qmail-scanner-queue.pl under $BINDIR: "
X- read ans
X
X mv -f $BINDIR/qmail-scanner-queue.pl $BINDIR/qmail-scanner-queue.pl.old 2>/dev/null
X cp -f qmail-scanner-queue.pl $BINDIR/qmail-scanner-queue.pl
END-of-qmail-scanner/files/patch-aa
exit
--- qmail-scanner.shar ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020208094420.65451.qmail>