These classnotes are deprecated. As of 2005, I no longer teach the classes. Notes will remain online for legacy purposes.

UNIX03/Integrating Sophie With Amavisd


One of the nice things about Sophie is that it integrates quite nicely with Amavisd (and thus, our handy mail gateway).

Something I've not stated before, but which I probably should have, is that when you are installing applications such as these on a Unix system, regardless of whether you are installing them from source or as a binary package, it is a good idea to have the original source tarball handy.

Why? Well, often they will include example configuration files and setups in these source tarballs which will help you in setting up your application.

If you haven't already, go and grab the source tarball for the latest Amavisd-new from here: http://www.ijs.si/software/amavisd/

Inside this archive, you will find a rather complete amavisd.conf file which contains nearly every setting you'd ever want. It is from this file we can discover how to set up Amavisd-new with Sophie.

From this conf file, we determine that we need the following additions to our current amavisd.conf file:

 # Viral settings
 $virus_admin = "virusalert\@$mydomain";
 $viruses_that_fake_sender_re = new_RE(
  qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar'i,
  qr'tanatos|lentin|bridex|mimail|trojan\.dropper'i,
 );

First, we define the virus admin address. Then we define a list of patterns matching viruses that are known to fake their sender address.

 # If you want quarantined viruses to go here
 #$QUARANTINEDIR = '/var/virusmails';

If we want to have a quarantine directory where all found viral files go, we would define it here.

 #$virus_quarantine_to  = 'virus-quarantine';

If, however, we wanted all the viral files to be mailed to a particular user, we could define it here.

 $X_HEADER_TAG = 'X-Virus-Scanned';
 # Leave empty to add no header field
 $X_HEADER_LINE = "by amavisd-new at $mydomain";

Next, we define what headers (if any) we add to messages which are scanned. We could leave these blank.

 $path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';

We, of course, have to define our path here.

 @av_scanners = (

 # ### http://www.vanja.com/tools/sophie/
 ['Sophie',
   \&ask_daemon, ["{}/\n", '/var/run/sophie'],
   qr/(?x)^ 0+ ( : | [\000\r\n]* $)/,  qr/(?x)^ 1 ( : | [\000\r\n]* $)/,
   qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/ ],
 ['Sophos Anti Virus (sweep)', 'sweep',
   '-nb -f -all -rec -ss -sc -archive {}',
   [0,2], qr/Virus .*? found/,
   qr/^>>> Virus(?:(?: fragment)? '?(.+?)'? found)/,
 # sub {$ENV{SAV_IDE}='/usr/local/sav'},
 ],

 );

Next, we tell Amavisd-new what to do to invoke the Sophie scanner. This may look like magic, but it's just Perl and is actually supplied by the Amavisd-new source tarball.

This is added to the end of our amavisd.conf file, just before the closing "1;".
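
To see what the three patterns in the Sophie entry do, here is an added example (not part of the original notes or of Amavisd-new) that runs them over a few daemon replies. The replies, the `status[:detail]` reply format, the `classify_reply` helper and the "unknown" fallback name are assumptions made for illustration.

```perl
#!/usr/bin/perl
# Added example: not part of amavisd-new or of the original notes.
use strict;
use warnings;

# The three patterns from the Sophie entry in @av_scanners, copied verbatim.
my $clean_re    = qr/(?x)^ 0+ ( : | [\000\r\n]* $)/;
my $infected_re = qr/(?x)^ 1 ( : | [\000\r\n]* $)/;
my $name_re     = qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/;

# Hypothetical helper: sort one daemon reply in the order the entry lists
# its patterns (clean status, infected status, virus name). A reply that
# matches neither status pattern is a scanner failure, never "clean".
sub classify_reply {
    my ($reply) = @_;
    return ('clean') if $reply =~ $clean_re;
    if ($reply =~ $infected_re) {
        my ($name) = $reply =~ $name_re;   # undef when there is no ":name"
        return ('infected', defined $name ? $name : 'unknown');
    }
    return ('scanner-failure');
}

# Constructed sample replies (assumed format: "status[:detail]").
my @samples = ("0\n", "1:W32/Klez-H\n", "1\n", "-1:sample error\n", "");

for my $reply (@samples) {
    my ($verdict, $name) = classify_reply($reply);
    (my $shown = $reply) =~ s/\n/\\n/g;    # make the newline visible
    printf "%-22s => %s%s\n", "\"$shown\"", $verdict,
        defined $name ? " ($name)" : '';
}
```

The last two samples are the ones worth checking on a mail gateway: an error reply or an empty reply from the daemon matches neither status pattern, so it must not be mistaken for a clean result.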



Last edited October 4, 2003 2:24 am
(C) Copyright 2003 Samuel Hart
This work is licensed under a Creative Commons License.