Added the sample virus_action.sh script to the distribution

2 files changed, 52 insertions, 0 deletions

diff --git a/ChangeLog b/ChangeLog
index 2294431..a112f3e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+1.2  ????
+
+  - Added the sample virus_action.sh script to the distribution
+
 1.1  [2004-10-30]
   - Added CLIENT and SERVER variables to VirusAction script environment.
   - Even better logging for network errors.
diff --git a/scripts/virus_action.sh b/scripts/virus_action.sh
new file mode 100644
index 0000000..b41f993
--- /dev/null
+++ b/scripts/virus_action.sh
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+#   WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+#
+#  By using variables passed in from clamsmtpd in file
+#  manipulation commands without escaping their contents
+#  you are opening yourself up to REMOTE COMPROMISE. You
+#  have been warned. Do NOT do the following unless you
+#  want to be screwed big time:
+#
+#  mv $EMAIL "$SENDER.eml"
+#
+#  An attacker can use the above command to compromise your
+#  computer. The only variable that is guaranteed safe in
+#  this regard is $EMAIL.
+#
+#  The following script does not escape its variables
+#  because it only uses them in safe ways.
+#
+# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+# A sample script for virus actions. When testing make sure
+# everything can run as the clamav (or relevant) user.
+
+file="/path/to/virus.log"
+dir="/path/to/quarantine/"
+
+exec 1>>$file
+exec 2>>$file
+
+
+# Add some fun log lines to the log file
+
+echo "-------------------------------------------------------"
+echo Sender  $SENDER
+echo Recipients  $RECIPIENTS
+echo Virus  $VIRUS
+echo "-------------------------------------------------------"
+
+
+# Move the virus file to another directory
+# This only works if Quarantine is enabled
+
+if [ -n "$EMAIL" ]; then
+	mv "$EMAIL" "$dir"
+fi
+