Added the sample virus_action.sh script to the distribution

1 files changed, 48 insertions, 0 deletions

diff --git a/scripts/virus_action.sh b/scripts/virus_action.sh
new file mode 100644
index 0000000..b41f993
--- /dev/null
+++ b/scripts/virus_action.sh
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+#   WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+#
+#  By using variables passed in from clamsmtpd in file
+#  manipulation commands without escaping their contents
+#  you are opening yourself up to REMOTE COMPROMISE. You
+#  have been warned. Do NOT do the following unless you
+#  want to be screwed big time:
+#
+#  mv $EMAIL "$SENDER.eml"
+#
+#  An attacker can use the above command to compromise your
+#  computer. The only variable that is guaranteed safe in
+#  this regard is $EMAIL.
+#
+#  The following script does not escape its variables
+#  because it only uses them in safe ways.
+#
+# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+# A sample script for virus actions. When testing make sure
+# everything can run as the clamav (or relevant) user.
+
+file="/path/to/virus.log"
+dir="/path/to/quarantine/"
+
+exec 1>>$file
+exec 2>>$file
+
+
+# Add some fun log lines to the log file
+
+echo "-------------------------------------------------------"
+echo Sender  $SENDER
+echo Recipients  $RECIPIENTS
+echo Virus  $VIRUS
+echo "-------------------------------------------------------"
+
+
+# Move the virus file to another directory
+# This only works if Quarantine is enabled
+
+if [ -n "$EMAIL" ]; then
+	mv "$EMAIL" "$dir"
+fi
+