summaryrefslogtreecommitdiff
path: root/scripts/virus_action.sh
blob: b41f9938838d7b31c6800a944ad37f86486ce258 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
#!/bin/sh

# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
#   WARNING WARNING WARNING WARNING WARNING WARNING WARNING
#
#  By using variables passed in from clamsmtpd in file
#  manipulation commands without escaping their contents
#  you are opening yourself up to REMOTE COMPROMISE. You
#  have been warned. Do NOT do the following unless you
#  want to be screwed big time:
#
#  mv $EMAIL "$SENDER.eml"
#
#  An attacker can use the above command to compromise your
#  computer. The only variable that is guaranteed safe in
#  this regard is $EMAIL.
#
#  The following script does not escape its variables
#  because it only uses them in safe ways.
#
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

# A sample script for virus actions. When testing make sure
# everything can run as the clamav (or relevant) user.

file="/path/to/virus.log"
dir="/path/to/quarantine/"

exec 1>>$file
exec 2>>$file


# Add some fun log lines to the log file

echo "-------------------------------------------------------"
echo Sender  $SENDER
echo Recipients  $RECIPIENTS
echo Virus  $VIRUS
echo "-------------------------------------------------------"


# Move the virus file to another directory
# This only works if Quarantine is enabled

if [ -n "$EMAIL" ]; then
	mv "$EMAIL" "$dir"
fi