summaryrefslogtreecommitdiff
path: root/scripts
diff options
context:
space:
mode:
Diffstat (limited to 'scripts')
-rw-r--r--scripts/virus_action.sh48
1 files changed, 48 insertions, 0 deletions
diff --git a/scripts/virus_action.sh b/scripts/virus_action.sh
new file mode 100644
index 0000000..b41f993
--- /dev/null
+++ b/scripts/virus_action.sh
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+# WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+#
+# By using variables passed in from clamsmtpd in file
+# manipulation commands without escaping their contents
+# you are opening yourself up to REMOTE COMPROMISE. You
+# have been warned. Do NOT do the following unless you
+# want to be screwed big time:
+#
+# mv $EMAIL "$SENDER.eml"
+#
+# An attacker can use the above command to compromise your
+# computer. The only variable that is guaranteed safe in
+# this regard is $EMAIL.
+#
+# The following script does not escape its variables
+# because it only uses them in safe ways.
+#
+# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+# A sample script for virus actions. When testing make sure
+# everything can run as the clamav (or relevant) user.
+
+file="/path/to/virus.log"
+dir="/path/to/quarantine/"
+
+exec 1>>$file
+exec 2>>$file
+
+
+# Add some fun log lines to the log file
+
+echo "-------------------------------------------------------"
+echo Sender $SENDER
+echo Recipients $RECIPIENTS
+echo Virus $VIRUS
+echo "-------------------------------------------------------"
+
+
+# Move the virus file to another directory
+# This only works if Quarantine is enabled
+
+if [ -n "$EMAIL" ]; then
+ mv "$EMAIL" "$dir"
+fi
+