Date: 8 Feb 2002 09:44:20 -0000 From: Jason Stone <jason-fbsd-ports-qmailscanner@shalott.net> To: FreeBSD-gnats-submit@freebsd.org Subject: ports/34730: new port qmail-scanner - a virus-scanning interface for qmail Message-ID: <20020208094420.65451.qmail@fantastica.shalott.net>
next in thread | raw e-mail | index | archive | help
>Number: 34730 >Category: ports >Synopsis: new port qmail-scanner - a virus-scanning interface for qmail >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Fri Feb 08 01:50:01 PST 2002 >Closed-Date: >Last-Modified: >Originator: Jason Stone <jason-fbsd-ports-qmailscanner@shalott.net> >Release: FreeBSD 4.5-STABLE i386 >Organization: >Environment: System: FreeBSD moonchild.fantastica 4.5-STABLE FreeBSD 4.5-STABLE #0: Tue Feb 5 18:54:24 PST 2002 root@fantastica.shalott.net:/usr/src/sys/compile/JKERN i386 >Description: qmail-scanner is a virus scanning interface to qmail. It provides a convenient and standardized way of using any commercial virus scanner with qmail, as well as a sophisticated content filter which can be used to provide protection from specific virii even in the absence of a commercial scanner. >How-To-Repeat: >Fix: --- qmail-scanner.shar begins here --- # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # qmail-scanner # qmail-scanner/Makefile # qmail-scanner/distinfo # qmail-scanner/pkg-descr # qmail-scanner/pkg-comment # qmail-scanner/pkg-plist # qmail-scanner/pkg-message # qmail-scanner/scripts # qmail-scanner/scripts/post-patch # qmail-scanner/files # qmail-scanner/files/patch-aa # echo c - qmail-scanner mkdir -p qmail-scanner > /dev/null 2>&1 echo x - qmail-scanner/Makefile sed 's/^X//' >qmail-scanner/Makefile << 'END-of-qmail-scanner/Makefile' X# New ports collection makefile for: qmail-scanner X# Date created: 7 Feb 2002 X# Whom: Jason Stone <jason-fbsd-ports-qmailscanner@shalott.net> X# X# $FreeBSD$ X# X XPORTNAME= qmail-scanner XPORTVERSION= 1.10 XCATEGORIES= mail XMASTER_SITES= ${MASTER_SITE_SOURCEFORGE} XMASTER_SITE_SUBDIR= qmail-scanner XEXTRACT_SUFX= .tgz X XMAINTAINER= jason-fbsd-ports-qmailscanner@shalott.net X XUSE_PERL5= yes XINSTALL_TARGET= all XPREFIX= /var/qmail X XBUILD_DEPENDS= \ X ${QMAIL_DIR}/bin/qmail-send:${PORTSDIR}/mail/qmail \ X ${arch_site_perl}/Time/HiRes.pm:${PORTSDIR}/devel/p5-Time-HiRes \ X ${LOCALBASE}/bin/unzip:${PORTSDIR}/archivers/unzip \ X ${LOCALBASE}/bin/reformime:${PORTSDIR}/mail/maildrop \ X ${LOCALBASE}/bin/tnef:${PORTSDIR}/converters/tnef XRUN_DEPENDS= \ X ${QMAIL_DIR}/bin/qmail-send:${PORTSDIR}/mail/qmail \ X ${arch_site_perl}/Time/HiRes.pm:${PORTSDIR}/devel/p5-Time-HiRes \ X ${LOCALBASE}/bin/unzip:${PORTSDIR}/archivers/unzip \ X ${LOCALBASE}/bin/reformime:${PORTSDIR}/mail/maildrop \ X ${LOCALBASE}/bin/tnef:${PORTSDIR}/converters/tnef X X.if exists(${LOCALBASE}/qmail/bin/qmail-send) XQMAIL_DIR?= ${LOCALBASE}/qmail X.else XQMAIL_DIR?= /var/qmail X.endif X Xarch_site_perl= ${LOCALBASE}/lib/perl5/site_perl/${PERL_VER}/${PERL_ARCH} X XHAS_CONFIGURE= YES XCONFIGURE_ARGS= --spooldir ${PREFIX}/qmailscan --domain ${DOMAIN} --redundant yes --add-dscr-hdrs yes --debug no --notify ${NOTIFY} --install X Xpre-fetch: X.if !defined(NOTIFY) X @${ECHO_MSG} "" X @${ECHO_MSG} "NOTIFY not defined - defaulting to sender" X @${ECHO_MSG} " qmail-scanner lets you send notifications to any/all of" X @${ECHO_MSG} " the sender, the recipient, and the domain postmaster" X @${ECHO_MSG} " when it processes a virus. If you want to change the" X @${ECHO_MSG} " default of only notifying the sender, hit Ctrl-C now" X @${ECHO_MSG} " and define NOTIFY as a comma-seperated list from the" X @${ECHO_MSG} " set sender,recips,admin,none - e.g.:" X @${ECHO_MSG} " make NOTIFY=sender,admin" X @${ECHO_MSG} "" X.endif X X.if !defined(DOMAIN) X @${ECHO_MSG} "" X @${ECHO_MSG} "DOMAIN not defined - defaulting to localhost:" X @${ECHO_MSG} " note that NOTIFY=recip will probablly not work in this case" X @${ECHO_MSG} " Ctrl-C now and run \"make DOMAIN=my.domain.com\" if you want" X @${ECHO_MSG} " to use NOTIFY=recip" X @${ECHO_MSG} "" X.endif XDOMAIN?= localhost XNOTIFY?= sender X X.include <bsd.port.mk> END-of-qmail-scanner/Makefile echo x - qmail-scanner/distinfo sed 's/^X//' >qmail-scanner/distinfo << 'END-of-qmail-scanner/distinfo' XMD5 (qmail-scanner-1.10.tgz) = 5ea7f5b4040db30a29e437c7c321cdb6 END-of-qmail-scanner/distinfo echo x - qmail-scanner/pkg-descr sed 's/^X//' >qmail-scanner/pkg-descr << 'END-of-qmail-scanner/pkg-descr' XQmail-Scanner, is an addon that enables a Qmail Email server to scan Xall gatewayed Email for certain characteristics (i.e. a content Xscanner). It is typically used for its anti-virus protection Xfunctions, in which case it is used in conjunction with commercial Xvirus scanners. but also enables a site (at a server/site level) to Xreact to Email that contains specific strings in particular headers, Xor particular attachment filenames or types (e.g. *.VBS attachments). X XIf you have a commercial virus scanner (eg, Sophos sweep, McAfee Xuvscan, etc) installed when you build qmail-scanner, qmail-scanner Xwill configure itself to use that. Otherwise, it will only use its Xinternal content filter which only allows you to block mail based Xon text in the subject/body, general types of attachments, etc. X Xqmail-scanner requires that qmail be built with XWITH_QMAILQUEUE_PATCH defined - if it was not, you Xwill have to rebuild qmail in order to use qmail-scanner X X XWWW: http://qmail-scanner.sourceforge.net/ END-of-qmail-scanner/pkg-descr echo x - qmail-scanner/pkg-comment sed 's/^X//' >qmail-scanner/pkg-comment << 'END-of-qmail-scanner/pkg-comment' XQmail-Scanner: A Content/Virus Scanner for Qmail END-of-qmail-scanner/pkg-comment echo x - qmail-scanner/pkg-plist sed 's/^X//' >qmail-scanner/pkg-plist << 'END-of-qmail-scanner/pkg-plist' Xbin/qmail-scanner-queue.pl Xqmailscan/qmail-scanner-queue-version.txt Xqmailscan/quarantine.log Xqmailscan/quarantine-attachments.txt Xqmailscan/quarantine-attachments.db Xqmailscan/viruses Xqmailscan/viruses.log X@dirrm qmailscan/quarantine/tmp X@dirrm qmailscan/quarantine/cur X@dirrm qmailscan/quarantine/new X@dirrm qmailscan/quarantine X@dirrm qmailscan/working/new X@dirrm qmailscan/working/cur X@dirrm qmailscan/working/tmp X@dirrm qmailscan/working X@dirrm qmailscan END-of-qmail-scanner/pkg-plist echo x - qmail-scanner/pkg-message sed 's/^X//' >qmail-scanner/pkg-message << 'END-of-qmail-scanner/pkg-message' XNotes: X X1) qmail-scanner depends on suidperl - this has security Xramifications you should be aware of. X XAfter installing qmail-scanner, run X"setuidgid qmaild /var/qmail/bin/qmail-scanner-queue.pl -g" XIf this produces any errors, check that suidperl is in fact Xsetuid root. X X2) Resource limits - qmail-scanner uses a fair bit of resources Xand will stop all mail delivery if you set resource limits too Xlow. If you use limit/ulimit/softlimit for your qmail-smtpd Xprocess, be sure to set memory limits no lower than 6M. If you Xturn on qmail-scanner and mail suddenly stops going through, Xthis is the most likely cause - check your smtpd startup scripts Xfor limits. X X3) Assuming that you've built qmail with the qmailqueue patch, Xyou can enable virus scanning by arranging for qmail-smptd to Xbe run with QMAILQUEUE=/var/qmail/bin/qmail-scanner-queue.pl Xset. You can either replace "qmail-smtpd" with X"env QMAILQUEUE=/var/qmail/bin/qmail-scanner-queue.pl qmail-smtpd" Xin your startup scripts, or, for finer grained control, you Xcan set it in a tcprules cdb. END-of-qmail-scanner/pkg-message echo c - qmail-scanner/scripts mkdir -p qmail-scanner/scripts > /dev/null 2>&1 echo x - qmail-scanner/scripts/post-patch sed 's/^X//' >qmail-scanner/scripts/post-patch << 'END-of-qmail-scanner/scripts/post-patch' X#!/bin/sh X Xif ! test -e "${WRKSRC}/Makefile" Xthen X echo "all:" > ${WRKSRC}/Makefile Xfi X END-of-qmail-scanner/scripts/post-patch echo c - qmail-scanner/files mkdir -p qmail-scanner/files > /dev/null 2>&1 echo x - qmail-scanner/files/patch-aa sed 's/^X//' >qmail-scanner/files/patch-aa << 'END-of-qmail-scanner/files/patch-aa' X--- configure.orig Sun Jan 20 15:59:42 2002 X+++ configure Thu Feb 7 20:01:43 2002 X@@ -37,9 +37,7 @@ X Qmail-Scanner doesn't have language translations for $QSLANG, X - so defaulting to english... X X-[Hit <RETURN> to continue] X " X- read ans X QSLANG="en_GB" X fi X X@@ -202,9 +200,7 @@ X Qmail-Scanner doesn't have language translations for $QSLANG, X - so setting back to english... X X-[Hit <RETURN> to continue] X " X- read ans X QSLANG="en_GB" X fi X X@@ -221,13 +217,7 @@ X It will then generate qmail-scanner-queue.pl - it is up to you to install it X correctly. X X- X-Continue? ([Y]/N) X EOF X-read ans X-if [ "`echo $ans|grep -i n`" != "" ]; then X- exit X-fi X X PATH="$PATH:$QMAILDIR/bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/etc/iscan:/usr/local/uvscan:/usr/lib/AntiVir:/usr/lib/uvscan:/usr/local/av:/opt/AV:/usr/local/f-prot" export PATH X X@@ -1007,12 +997,7 @@ X If that looks correct, I will now generate qmail-scanner-queue.pl X for your system... X X-Continue? ([Y]/N) X EOF X-read ans X-if [ "`echo $ans|grep -i n`" != "" ]; then X- exit X-fi X X X if [ "`echo $REDUNDANT|egrep -i 'yes|^y|on|true'`" != "" ]; then X@@ -1191,9 +1176,6 @@ X chmod 755 qmail-scanner-queue.pl X X if [ "$INSTALLIT" != "0" ]; then X- echo "Hit RETURN to create initial directory structure under $AS_QQ," X- printf "and install qmail-scanner-queue.pl under $BINDIR: " X- read ans X X mv -f $BINDIR/qmail-scanner-queue.pl $BINDIR/qmail-scanner-queue.pl.old 2>/dev/null X cp -f qmail-scanner-queue.pl $BINDIR/qmail-scanner-queue.pl END-of-qmail-scanner/files/patch-aa exit --- qmail-scanner.shar ends here --- >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020208094420.65451.qmail>