Avast WEBforum
Business Products => Avast Business => Avast Business for Linux => Topic started by: Culpeper on December 07, 2005, 03:44:05 AM
-
Current version of Kmail has an antivirus wizard that sets up filters that are piped through to selected AV programs. They are:
Clam
Sophos
F-Prot
Anti-Vir
If the wizard detects any of the above AV programs installed than it will set up filters to scan using the selecting AV scanner to scan incoming or outgoing email. This doesn't mean Avast cannot be used in the same manner. It does mean the proper filtering needs to be set up thus bypassing the antivirus wizard in Kmail.
For example. If F-prot is installed and selected than the wizard will set up the proper filters to "pipe through" a script called, kmail_fprot.sh, which is as follows:
TEMPFILE=`mktemp`
if [ $? != 0 ] ; then
TEMPFILE=`mktemp /tmp/kmail.XXXXXX`
fi
export TEMPFILE
cat > $TEMPFILE
f-prot -archive 3 $TEMPFILE > /dev/null
RC=$?
if [ $RC -eq 0 ] ; then
echo "X-Virus-Flag: no"
else
case $RC in
1 ) DESC="no - Unrecoverable error" ;;
2 ) DESC="no - Selftest failed" ;;
3 ) DESC="yes - Virus-infected object found" ;;
4 ) DESC="no - Reserved" ;;
5 ) DESC="no - Abnormal termination" ;;
6 ) DESC="no - Virus was removed" ;;
7 ) DESC="no - Error, out of memory" ;;
8 ) DESC="yes - Something suspicious found" ;;
esac
echo "X-Virus-Flag: $DESC"
fi
cat $TEMPFILE
rm $TEMPFILE
And email messages using Clam would be piped through, kmail_clam.sh and looks like this
TEMPFILE=`mktemp`
if [ $? != 0 ] ; then
TEMPFILE=`mktemp /tmp/kmail.XXXXXX`
fi
export TEMPFILE
cat > $TEMPFILE
if clamscan --stdout --no-summary --mbox $TEMPFILE | grep -q FOUND; then
echo "X-Virus-Flag: yes"
else
echo "X-Virus-Flag: no"
fi
cat $TEMPFILE
rm $TEMPFILE
And Anti-Vir is, kmail_antivir.sh
MPFILE=`mktemp`
if [ $? != 0 ] ; then
TEMPFILE=`mktemp /tmp/kmail.XXXXXX`
fi
export TEMPFILE
cat > $TEMPFILE
if antivir --scan-in-archive --scan-in-mbox $TEMPFILE | grep -q ALERT; then
echo "X-Virus-Flag: yes"
else
echo "X-Virus-Flag: no"
fi
cat $TEMPFILE
rm $TEMPFILE
And Sophos is, kmail_sav.sh
EMPFILE=`mktemp`
if [ $? != 0 ] ; then
TEMPFILE=`mktemp /tmp/kmail.XXXXXX`
fi
export TEMPFILE
cat > $TEMPFILE
if sweep -ss -mime $TEMPFILE | grep -q found; then
echo "X-Virus-Flag: yes"
else
echo "X-Virus-Flag: no"
fi
cat $TEMPFILE
rm $TEMPFILE
What we need for Avast to work (I think), is to create a, kmail_avast.sh. I'm no programmer by any means but as far as I can tell this is what we need to get Avast scanning email using KDE Kmail. Any suggestions would be productive.
Please see the attached images to view filtering rules using F-Prot.
-
It would be nice...
The absence of a GUI to update, run on-demand scannings, etc., makes avast for Linux very unatractive.
If you succeed making this script, it will be a very good thing in my opinion.
Nice to know you're arround Culpeper 8)
-
We would need someone to write a script like the ones above to fit Avast. The best person to do this would be one of the Avast staff familar with Linux as well as Avast for Linux commands and syntax. It might be as simple as copying one of the scripts and changing the appropriate commands and syntax to fit Avast. I don't know.
-
Here's the script, please try it:
TEMPFILE=`mktemp`
if [ $? != 0 ] ; then
TEMPFILE=`mktemp /tmp/kmail.XXXXXX`
fi
export TEMPFILE
cat > $TEMPFILE
avast -h >/dev/null 2>&1
if [ $? -eq 41 ]; then \
avast -ai -t=A $TEMPFILE > /dev/null; \
else \
avastcmd -ai -t=A $TEMPFILE > /dev/null; \
fi
RC=$?
if [ $RC -eq 0 ] ; then
echo "X-Virus-Flag: no"
else
case $RC in
1 | 3 ) DESC="yes" ;;
2 ) DESC="no - Virus was removed" ;;
24 ) DESC="no - Encrypted" ;;
* ) DESC="no - Failed" ;;
esac
echo "X-Virus-Flag: $DESC"
fi
cat $TEMPFILE
rm $TEMPFILE
-
Will do...Thanx!
-
dublin
Your script works testing with eicar.zip.
-
thx