diff options
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | scripts/virus_action.sh | 48 |
2 files changed, 52 insertions, 0 deletions
@@ -1,3 +1,7 @@ +1.2 ???? + + - Added the sample virus_action.sh script to the distribution + 1.1 [2004-10-30] - Added CLIENT and SERVER variables to VirusAction script environment. - Even better logging for network errors. diff --git a/scripts/virus_action.sh b/scripts/virus_action.sh new file mode 100644 index 0000000..b41f993 --- /dev/null +++ b/scripts/virus_action.sh @@ -0,0 +1,48 @@ +#!/bin/sh + +# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +# WARNING WARNING WARNING WARNING WARNING WARNING WARNING +# +# By using variables passed in from clamsmtpd in file +# manipulation commands without escaping their contents +# you are opening yourself up to REMOTE COMPROMISE. You +# have been warned. Do NOT do the following unless you +# want to be screwed big time: +# +# mv $EMAIL "$SENDER.eml" +# +# An attacker can use the above command to compromise your +# computer. The only variable that is guaranteed safe in +# this regard is $EMAIL. +# +# The following script does not escape its variables +# because it only uses them in safe ways. +# +# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + +# A sample script for virus actions. When testing make sure +# everything can run as the clamav (or relevant) user. + +file="/path/to/virus.log" +dir="/path/to/quarantine/" + +exec 1>>$file +exec 2>>$file + + +# Add some fun log lines to the log file + +echo "-------------------------------------------------------" +echo Sender $SENDER +echo Recipients $RECIPIENTS +echo Virus $VIRUS +echo "-------------------------------------------------------" + + +# Move the virus file to another directory +# This only works if Quarantine is enabled + +if [ -n "$EMAIL" ]; then + mv "$EMAIL" "$dir" +fi + |