 | Start a set with this search |
 | Include this search in one of my sets |
 | Exclude this search from one of my sets |
 | Permalink to these results Paste this link in email or IM: |
 | Atom feed for tracking future search results Paste this URL into your reader: |
9 messages in net.sourceforge.lists.courier-usersRe: [courier-users] Pythonfilter not ...| From | Sent On | Attachments |
|---|---|---|
| Jérôme Blion | May 12, 2007 10:48 am | |
| Gordon Messmer | May 12, 2007 11:27 am | |
| Jérôme Blion | May 12, 2007 11:54 am | |
| Gordon Messmer | May 12, 2007 1:13 pm | |
| Jérôme Blion | May 12, 2007 6:40 pm | |
| Gordon Messmer | May 13, 2007 11:41 am | |
| Jérôme Blion | May 13, 2007 3:49 pm | |
| Gordon Messmer | May 14, 2007 10:01 am | |
| Jérôme Blion | May 14, 2007 10:52 am |
| Permalink for this message Paste this link in email or IM: |
| Permalink for this thread Paste this link in email or IM: |
| Atom feed for this thread Paste this URL into your reader: |
| Subject: | Re: [courier-users] Pythonfilter not running | Actions... |
|---|---|---|
| From: | Jérôme Blion (jero...@free.fr) | |
| Date: | May 13, 2007 3:49:31 pm | |
| List: | net.sourceforge.lists.courier-users | |
Gordon Messmer a écrit :
Jérôme Blion wrote:
I am a little bit confused about one thing : the spool folder : In config.py, there is: spool = '/var/spool/courier'
This folder does not exist on the 2 boxes I installed from sources...
D'oh. I just fixed that bug, too.
Download 0.21: http://phantom.dragonsdawn.net/~gordon/courier-pythonfilter/
Great :) My logs are filling now !!! (it should be one of the first times I'm happy to fill my logs :) )
I fixed my clamd.py. Indeed, pyclamd returns two differents types depending on the return code of the scan_file function. Else a dictionnary or a NoneType... As I don't know how to do it correctly, I converted avresult to a string.
You will find the new clamd.py in attachments. It works fine for me... The code is a little bit dirty, as the socket name is hardcoded... As I just discovered python with pythonfilter, I think there are some possible improvements in my script.
# echo "hello world" | nail jer...@ns300321.ovh.net ############# /var/log/mail.log ############# May 14 00:21:24 ns300321 courierfilter: Additional groups: [1] May 14 00:21:24 ns300321 courierfilter: Body: /usr/lib/courier/var/tmp/117909/D206 May 14 00:21:24 ns300321 courierfilter: Raw stat: (33200, 4295L, 2306L, 1, 1, 1, 1482L, 1179094884, 1179094884, 1179094884) May 14 00:21:24 ns300321 courierfilter: Control file: /usr/lib/courier/var/tmp/117909/1179094884.31113.sim-plage.com May 14 00:21:24 ns300321 courierfilter: Raw stat: (33200, 206L, 2306L, 1, 1, 1, 121L, 1179094884, 1179094884, 1179094884) May 14 00:34:40 ns300321 courierfilter: Stopping pythonfilter May 14 00:34:42 ns300321 courierfilter: Starting pythonfilter May 14 00:34:42 ns300321 courierfilter: Initialized the "debug" python filter May 14 00:34:42 ns300321 courierfilter: Initialized the "clamdfilter" python filter May 14 00:34:42 ns300321 courierfilter: Initialized the "nosuccessdsn" python filter May 14 00:34:49 ns300321 courieresmtpd: started,ip=[::ffff:91.121.12.83] May 14 00:34:49 ns300321 courierfilter: Debugging filter invoked: May 14 00:34:49 ns300321 courierfilter: PID: 691 May 14 00:34:49 ns300321 courierfilter: CWD: /usr/lib/courier May 14 00:34:49 ns300321 courierfilter: EUID: 1 May 14 00:34:49 ns300321 courierfilter: EGID: 1 May 14 00:34:49 ns300321 courierfilter: UID: 1 May 14 00:34:49 ns300321 courierfilter: GID: 1 May 14 00:34:49 ns300321 courierfilter: Additional groups: [1] May 14 00:34:49 ns300321 courierfilter: Body: /usr/lib/courier/var/tmp/117909/D206 May 14 00:34:49 ns300321 courierfilter: Raw stat: (33200, 249L, 2306L, 1, 1, 1, 1103L, 1179095689, 1179095689, 1179095689) May 14 00:34:49 ns300321 courierfilter: Control file: /usr/lib/courier/var/tmp/117909/1179095689.699.sim-plage.com May 14 00:34:49 ns300321 courierfilter: Raw stat: (33200, 206L, 2306L, 1, 1, 1, 145L, 1179095689, 1179095689, 1179095689) May 14 00:34:49 ns300321 courieresmtpd: Unexpected SSL connection shutdown. May 14 00:34:49 ns300321 courierd: newmsg,id=000000CE.46479289.000002BB: dns; ns23268.ovh.net (ns23268.ovh.net [::ffff:91.121.12.83]) May 14 00:34:49 ns300321 courierd: started,id=000000CE.46479289.000002BB,from=<ro...@ns23268.ovh.net>,module=local,host=jerome!!1!1!/home/courier/domains/sim-plage.com/jerome!/home/courier/domains/sim-plage.com/jerome!,addr=<jerome> May 14 00:34:49 ns300321 courierd: Waiting. shutdown time=none, wakeup time=none, queuedelivering=1, inprogress=1 May 14 00:34:49 ns300321 courierlocal: id=000000CE.46479289.000002BB,from=<ro...@ns23268.ovh.net>,addr=<jer...@ns300321.ovh.net>,size=1103,success: Message delivered. May 14 00:34:49 ns300321 courierd: completed,id=000000CE.46479289.000002BB May 14 00:34:49 ns300321 courierd: Waiting. shutdown time=Sun May 27 11:14:27 2007, wakeup time=Sun May 27 11:14:27 2007, queuedelivering=0, inprogress=0
# echo "hello world" | nail -a clam.zip jer...@ns300321.ovh.net # 554 ClamAV-Test-File was detected. Abort! sendmail: Unable to submit message. ############# /var/log/mail.log ############# May 14 00:37:53 ns300321 courierfilter: Starting pythonfilter May 14 00:37:53 ns300321 courierfilter: Initialized the "debug" python filter May 14 00:37:53 ns300321 courierfilter: Initialized the "clamdfilter" python filter May 14 00:37:53 ns300321 courierfilter: Initialized the "nosuccessdsn" python filter May 14 00:38:01 ns300321 courierfilter: Debugging filter invoked: May 14 00:38:01 ns300321 courierfilter: PID: 1529 May 14 00:38:01 ns300321 courierfilter: CWD: /usr/lib/courier May 14 00:38:01 ns300321 courierfilter: EUID: 1 May 14 00:38:01 ns300321 courierfilter: EGID: 1 May 14 00:38:01 ns300321 courierfilter: UID: 1 May 14 00:38:01 ns300321 courierfilter: GID: 1 May 14 00:38:01 ns300321 courierfilter: Additional groups: [1] May 14 00:38:01 ns300321 courierfilter: Body: /usr/lib/courier/var/tmp/117909/D206 May 14 00:38:01 ns300321 courierfilter: Raw stat: (33200, 249L, 2306L, 1, 1, 1, 1481L, 1179095881, 1179095881, 1179095881) May 14 00:38:01 ns300321 courierfilter: Control file: /usr/lib/courier/var/tmp/117909/1179095881.1538.sim-plage.com May 14 00:38:01 ns300321 courierfilter: Raw stat: (33200, 206L, 2306L, 1, 1, 1, 121L, 1179095881, 1179095881, 1179095881)
Mail from my computer to the server:
############# /var/log/mail.log May 14 00:39:21 ns300321 courieresmtpd: started,ip=[::ffff:212.27.42.35] May 14 00:39:21 ns300321 courierfilter: Debugging filter invoked: May 14 00:39:21 ns300321 courierfilter: PID: 1529 May 14 00:39:21 ns300321 courierfilter: CWD: /usr/lib/courier May 14 00:39:21 ns300321 courierfilter: EUID: 1 May 14 00:39:21 ns300321 courierfilter: EGID: 1 May 14 00:39:21 ns300321 courierfilter: UID: 1 May 14 00:39:21 ns300321 courierfilter: GID: 1 May 14 00:39:21 ns300321 courierfilter: Additional groups: [1] May 14 00:39:21 ns300321 courierfilter: Body: /usr/lib/courier/var/tmp/117909/D206 May 14 00:39:21 ns300321 courierfilter: Raw stat: (33200, 249L, 2306L, 1, 1, 1, 2361L, 1179095961, 1179095961, 1179095961) May 14 00:39:21 ns300321 courierfilter: Control file: /usr/lib/courier/var/tmp/117909/1179095961.1603.sim-plage.com May 14 00:39:21 ns300321 courierfilter: Raw stat: (33200, 206L, 2306L, 1, 1, 1, 149L, 1179095961, 1179095961, 1179095961) May 14 00:39:29 ns300321 courieresmtpd: error,relay=::ffff:212.27.42.35,from=<jero...@free.fr>: 554 ClamAV-Test-File was detected. Abort!
For me, it's perfect :) Thanks for the quick fix, it works fine now.
Best regards, and have a good night :) Jerome Blion.
#!/usr/bin/python # clamav -- Courier filter which scans messages with ClamAV # Copyright (C) 2004 Robert Penz <rob...@penz.name> # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
import sys import pyclamd
# Record in the system log that this filter was initialized. sys.stderr.write('Initialized the "clamdfilter" python filter\n')
def doFilter(bodyFile, controlFileList): # check for viruses try: pyclamd.init_unix_socket('/tmp/clamd') avresult = pyclamd.contscan_file(bodyFile)
except Exception, e: return "554 " + str(e)
if str(avresult) == 'None': return ''
if avresult.has_key(bodyFile): return "554 %s was detected. Abort!" % avresult[bodyFile]
if __name__ == '__main__': # we only work with 2 parameter if len(sys.argv) != 2: print "Usage: clamd.py <message_body_file> <controlFileList" sys.exit(0) print doFilter(sys.argv[1], "")