author | Stef Walter <stef@memberwebs.com> | 2004-09-18 03:04:14 +0000 |
---|---|---|
committer | Stef Walter <stef@memberwebs.com> | 2004-09-18 03:04:14 +0000 |
commit | 0233fd9704025b2472445448282a73dcb223adb7 (patch) | |
tree | 4741786126322a03ea4ed28f983781241310513e | |
parent | d1395329541644273d15f7c9b11aa396da308512 (diff) |
More warnings about the virus action functionality
-rw-r--r-- | doc/clamsmtpd.8 | 44 | ||||
-rw-r--r-- | doc/clamsmtpd.conf.5 | 39 |
2 files changed, 47 insertions, 36 deletions
diff --git a/doc/clamsmtpd.8 b/doc/clamsmtpd.8 index b25f082..526f4ae 100644 --- a/doc/clamsmtpd.8 +++ b/doc/clamsmtpd.8 @@ -137,6 +137,44 @@ setting is set high enough for your transparent proxying. Because .Nm is not being used as a filter inside a queue, which usually throttles the amount of email going through, this setting may need to be higher than usual. +.Sh VIRUS ACTIONS +Using the +.Ar VirusAction +option you can run a script or program whenever a virus is found. This may +be handy in certain circumstances but it has several drawbacks. For one, the +performance of the virus filtering will take a hit, perhaps DOS'ing your +machine under heavy load. Secondly as with running any program there are +security implications to be considered. +.Pp +.Please consider the above carefully before implementing a virus action. +.Pp +The script is run without its output being logged, or return value being +checked. Because of this you should test it thoroughly. Make sure it runs +without problems under the user that +.Xr clamsmtpd 8 +is being run as. +.Pp +Various environment variables will be present when your script is run. You +may need to escape them properly before use in your favorite scripting +language. Failure to do this could lead to a REMOTE COMPROMISE of your +machine. +.Bl -tag -width Fl +.It Ar EMAIL +When the +.Ar Quarantine +option is enabled, this specifies the file that the virus was saved to. +.It Ar RECIPIENTS +The email addresses of the email recipients. These are specified one per +line, in standard address format. +.It Ar SENDER +The email address for the sender of the email. +.It Ar TMP +The path to the temp directory in use. This is the same as the +.Ar TempDirectory +option. +.It Ar VIRUS +The name of the virus found. +.El .Sh SECURITY There's no reason to run this daemon as root. It is meant as a filter and should listen on a high TCP port. It's probably a good idea to run it using the same 
@@ -152,6 +190,12 @@ writeable location. Specify the directory using the .Ar TempDirectory setting. .Pp +When using the +.Ar VirusAction +option make sure you understand the security issues involved. Unescaped +environment variables can lead to execution of arbitrary shell commands +on your machine. +.Pp If running .Nm on a publicly accessible IP address or without a firewall please be sure to diff --git a/doc/clamsmtpd.conf.5 b/doc/clamsmtpd.conf.5 index f79be11..f528eb9 100644 --- a/doc/clamsmtpd.conf.5 +++ b/doc/clamsmtpd.conf.5 @@ -130,7 +130,9 @@ must be started as root. It will then drop root privileges and run as the specified user. The user can either be a name or a numerical user id. .It Ar VirusAction This is a command to run when a virus is found. See the VIRUS ACTION section -below for a discussion of this option. +in +.Xr clamsmtpd 8 +for a discussion of this option. .El .Sh ADDRESSES Addresses can be specified in multiple formats: 
@@ -144,41 +146,6 @@ the port number (ie: '127.0.0.1:3310'). .It IPv6 addresses are implemented but disabled. The code needs testing. .El -.Sh VIRUS ACTIONS -Using the -.Ar VirusAction -option you can run a script or program whenever a virus is found. This may -be handy in certain circumstances but it has several drawbacks. For one, the -performance of the virus filtering will take a hit, perhaps DOS'ing your -machine under heavy load. Secondly as with running any program there are -security implications to be considered. -.Pp -.Please consider the above carefully before implementing a virus action. -.Pp -The script is run without its output being logged, or return value being -checked. Because of this you should test it thoroughly. Make sure it runs -without problems under the user that -.Xr clamsmtpd 8 -is being run as. -.Pp -Various environment variables will be present when your script is run: -.Bl -tag -width Fl -.It Ar EMAIL -When the -.Ar Quarantine -option is enabled, this specifies the file that the virus was saved to. -.It Ar RECIPIENTS -The email addresses of the email recipients. These are specified one per -line, in standard address format. -.It Ar SENDER -The email address for the sender of the email. -.It Ar TMP -The path to the temp directory in use. This is the same as the -.Ar TempDirectory -option. -.It Ar VIRUS -The name of the virus found. -.El .Sh SEE ALSO .Xr clamsmtpd 8 .Sh AUTHOR |
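Review bot: In the new VIRUS ACTIONS section of doc/clamsmtpd.8 (hunk @@ -137,6 +137,44), the line ".Please consider the above carefully before implementing a virus action." begins with a dot, so roff reads ".Please" as a macro call instead of text, and the warning will not appear in the rendered page. Drop the leading dot. The same section says the variables "may need" escaping without saying what safe use looks like. Because the sender, recipients and virus name are taken from the mail being filtered, suggest wording it as a requirement: quote every expansion, and never pass these values to eval or build a command string from them.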
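Review bot: The paragraph added to SECURITY in doc/clamsmtpd.8 (hunk @@ -152,6 +190,12) warns about unescaped environment variables but does not say where they are documented. Add a same-page reference to the VIRUS ACTIONS section (for example with .Sx) so a reader who lands in SECURITY can reach the list of variables.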
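Review bot: The reworded cross-reference in doc/clamsmtpd.conf.5 (hunk @@ -130,7 +130,9) still names the "VIRUS ACTION section", while the heading added to clamsmtpd.8 is ".Sh VIRUS ACTIONS". Make the name match the heading so a reader searching the other page finds it.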