github-actions[bot]
commented
2 years ago Thank you for submitting your first issue to MailScanner! We will respond to you soon!
Open huloza opened 2 years ago
github-actions[bot]
commented
2 years ago Thank you for submitting your first issue to MailScanner! We will respond to you soon!
shawniverson
commented
2 years ago This makes a huge amount of sense, especially as we move toward container-based architectures. Separation of these components is key.
huloza
commented
2 years ago This makes a huge amount of sense, especially as we move toward container-based architectures. Separation of these components is key.
If you want to do testing i have a clamAV server ready, can contact me in private to give you the config.
Regards.
Hello, right now you can use "clamd" in Virus Scanners directive to use ClamAV antivirus, aditionally you can set "Clamd Socket" and "Clamd Port" directives, but this only work if clamav is installed in the same server as MailScanner.
This Feature request improves this system adding the possibility to use a REMOTE CLAMAV INSTALLATION, this can be useful if your MailScanner installation is in a low spec server and you cannot use clamav unofficial signatures to catch spam and virus because of system resources.
¿Why? SweepViruses.pm file where the AV logic is writen uses direct socket connection with clamd exec, but passes the file or directory(target) parameter assuming files are in local system, if you configure a remote ClamAV installation server and set the ip address in SOCKET and PORT directives, you will always get an error because remote server cannot access the target parameter(files or directory).
This feature can be added in two ways:
1. Upgrade the SweepViruses.pm logic to use INSTREAM clamd command instead of CONTSCAN or MULTISCAN
this way you can use local/remote server because MailScanner will always STREAM target data to clamd. CONS of this method is you cant use MULTISTREAM (Clamd Use Threads directive).
More info about INSTREAM clamd command: https://linux.die.net/man/8/clamd
2. Add a new AV wrapper called clamdscan with his respective SweepViruses.pm logic
clamdscan is installed by default with clamav and uses the clamd exec to scan, you can pass a custom settings(clamd.conf) file every time you call it, in this custom clamd.conf you can set the remote IP and Port.
Example of clamdscan command that scans with remote AV server specified in clamd_remote.conf:
_clamdscan --multiscan --config-file=/etc/clamav/clamdremote.conf folder/
More info about clamdscan parameters: https://linux.die.net/man/1/clamdscan
I'm not a bash programmer but i think this is a simple addition with a lot of benefits for MailScanner users, if some MailScanner dev wants to do the changes i can help with testing and all needings, i already have a configured AV Server.
¡Hope we implement this! and sorry english is not my first language.
Regards!