diff options
Diffstat (limited to 'scripts')
| -rw-r--r-- | scripts/virus_action.sh | 48 | 
1 files changed, 48 insertions, 0 deletions
| diff --git a/scripts/virus_action.sh b/scripts/virus_action.sh new file mode 100644 index 0000000..b41f993 --- /dev/null +++ b/scripts/virus_action.sh @@ -0,0 +1,48 @@ +#!/bin/sh + +# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +#   WARNING WARNING WARNING WARNING WARNING WARNING WARNING +# +#  By using variables passed in from clamsmtpd in file +#  manipulation commands without escaping their contents +#  you are opening yourself up to REMOTE COMPROMISE. You +#  have been warned. Do NOT do the following unless you +#  want to be screwed big time: +# +#  mv $EMAIL "$SENDER.eml" +# +#  An attacker can use the above command to compromise your +#  computer. The only variable that is guaranteed safe in +#  this regard is $EMAIL. +# +#  The following script does not escape its variables +#  because it only uses them in safe ways. +# +# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + +# A sample script for virus actions. When testing make sure +# everything can run as the clamav (or relevant) user. + +file="/path/to/virus.log" +dir="/path/to/quarantine/" + +exec 1>>$file +exec 2>>$file + + +# Add some fun log lines to the log file + +echo "-------------------------------------------------------" +echo Sender  $SENDER +echo Recipients  $RECIPIENTS +echo Virus  $VIRUS +echo "-------------------------------------------------------" + + +# Move the virus file to another directory +# This only works if Quarantine is enabled + +if [ -n "$EMAIL" ]; then +	mv "$EMAIL" "$dir" +fi + | 
