-
-
Notifications
You must be signed in to change notification settings - Fork 3
qscanq stdin.8
qscanq-stdin - qmail virus scanner
qscanq-stdin [ prog arg1 arg2 arg3 ... ]
qscanq-stdin is invoked by qscanq. It ensures that the message on stdin is seekable, extracts its MIME components to the current directory, and runs the virus / bad attachment scanner on them.
Like qscanq and qmail-multi, qscanq-stdin needs no arguments. If arguments are supplied, they are used as the command to run instead of qmail-multi. In this way, further qmail-multi wrappers--such as spam filters--can be chained with qscanq.
qscanq-stdin expects an email message on file descriptor 1, its envelope on file descriptor 0, and writes nothing to descriptor 2. It returns an exit code which is interpreted by the caller (usually qmail-smtpd or qmail-inject ).
The first thing qscanq-stdin does is to copy stdin to a file in the current directory named "msg". It then closes and reopens the file read-only on file descriptor 0, and unlinks the file. This presents the same interface to downstream programs while ensuring that the file is seekable, read-only, and not directly accessible to other programs.
After making stdin seekable, qscanq-stdin creates a second copy of the message in a file also named "msg". Some viruses are only detected by looking at the raw message, so we need a copy in the working folder.
Once stdin is seekable, qscanq-stdin runs RipMIME to extract the MIME components of stdin into files in the current directory. RipMIME is run with descriptors 1 and 2 closed, so it can't read the message envelope or print any output. If RipMIME fails, qscanq-stdin returns temporary error code 71, resulting in message deferral. After RipMIME exits, stdin is rewound to the start of the file.
After RipMIME completes, qscanq-stdin runs bad attachment check or clamdscan for the virus scanner, depending on the value of VIRUSCHECK environment variable. The viruscanner can be changed by setting the SCANCMD environment variable. All three descriptors, 0, 1 and 2, are closed before running run-antivir. If it can't be run, or crashes, then qscanq-stdin returns code 71, causing the message to be deferred.
If clamdscan returns code 2, indicating that a virus has been found, then clamdscan returns error code 33, permanently rejecting the message. qscanq-stdin will return 34, permanently rejecting the message, in case the attachment extension matches any prohibited extensions in the badext control file.
If the virus scanning or bad attachment scanning passes all tests, qscanq-stdin will run the command supplied on its command line, or if none is supplied will run qmail-multi. It also requests cleanup of its working directory by calling run-cleanq
Upon startup, qscanq-stdin sets an alarm for the time specified in conf-ageout (default: 1 hour). When the alarm fires, qscanq-stdin sends SIGKILL to RipMIME or to the virus scanner, whichever may be running, and exits with code 71 (or code 54 if ripmime is killed). Once qmail-queue has started (invoked by qmail-multi ), it sets its own alarm, independent of qscanq's alarm (default: 1 day). qscanq will wait forever if need be, so its longest runtime is equal to conf-ageout plus the timeout used by qmail-queue.
badext
Unacceptable extensions for attachments. qscanq-stdin will reject
mail if extensions of attachments in the mail matches lines in badext.
A line in badext may be of the form .ext, meaning any attachment
having the extension ext. The filename can be overriden by the
environment variable BADEXT.
badextpatterns
Gives qscanq-stdin the ability to filter E-Mails by comparing the
attachment extensions with a REGEX pattern in badextpatterns. Example:
*.doc !document.doc [0-9][0-9][0-9][0-9][0-9]@[0-9][0-9][0-9].doc *%*
badextpatterns file with this contents stops all mail having attachment with extension .doc except for document.doc. It also rejects all mail with extensions like: 12345@123.doc. Further, any E-Mail with a sender address containing a percent sign (%) is rejected. The filename can be overriden by the environment variable BADEXTPATTERNS.
qscanq-stdin sets no environment variables. It does pass its environment to qmail-queue (or PROG, if supplied instead). This means that any qmail-queue wrapper must be able to handle its environment safely.
If the DEBUG environment variable is set to any value whatsoever, then qscanq-stdin will print diagnostic messages to stderr whenever an error occurs. This is for use in debugging a new configuration, and should never be used to capture "extra log information" during runtime. If DEBUG is set for qscanq, then qscanq will set DEBUG=1 when calling qscanq-stdin.
It should be stressed that the value of DEBUG is ignored. Setting DEBUG to "1", "TRUE", "yes", etc., will turn on debug messages. Setting it to "0", "FALSE", "no", "N", etc., will also turn on debug messages. If you don't want debug messages, don't set DEBUG at all.
The default scanner to be called is set during compilation in conf-scancmd. This can be overriden at run time by the environment variable SCANCMD.
You can run qscanq with virus checkers other than clamdscan. Just edit conf-scancmd with the command-line you want qscanq to use. The command must obey the following rules:
1. The current directory is recursively scanned.
2. The scanner returns a 0 exit code if directory is clean.
3. The scanner returns a 1 exit code if a virus is found.
4. The scanner returns a 2 if some runtime error prevented the current directory from being scanned completely.
If your scanner's exit codes do not conform to the specification above, then you will need to provide a wrapper which interprets your scanners return codes, and returns the above codes. Then edit conf-scancmd or set SCANCMD environment variable with the command-line used to run your wrapper.
In addition to the return codes from qmail-queue, qscanq-stdin returns 53 (write error) if it can't create a seekable copy of stdin, and 54 (read error) if it can't reopen that file in read-only mode or if RipMIME fails. If clamdscan or qmail-queue fails, it returns code 71 (temporary rejection).
qscanq(8), cleanq(8), run-cleanq(8), qmail-queue(8), qmail-multi(8), clamd(8) clamav.conf(5) clamdscan(1) clamscan(1)