[Pkg-clamav-devel] Bug#506055: /usr/share/doc/clamav/examples/clampipe uses --unzip which causes mail problems

Chris Chiappa chris+debian at chiappa.net
Tue Nov 18 00:53:55 UTC 2008


Package: clamav
Version: 0.94.dfsg.1-1
Severity: important


So, using a script from the examples directory is probably buyer-beware but
I'll bet lots of people do it anyhow.  I use clampipe in the obvious
procmail rule:

:0fw
| perl /usr/share/doc/clamav/examples/clampipe

Unfortunately, it wants to call clamscan with the --unzip option which
was apparently recently deprecated, leaving me with mailboxes which have
mails that look something like this:

X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on 
        foo.bar.org
X-Spam-Level: *** 
X-Spam-Status: No, score=3.2 required=5.0 tests=BAYES_00, 
        CORRUPT_FROM_LINE_IN_HDRS,FUZZY_CPILL,MISSING_DATE,MISSING_HB_SEP, 
        MISSING_HEADERS,MISSING_MID,MISSING_SUBJECT,NO_HEADERS_MESSAGE,NO_RECEIVED, 
        NO_RELAYS,URIBL_GREY autolearn=no version=3.2.5 
WARNING: Ignoring deprecated option --unzip 
>From someone at somewhere.net  Sat Nov 15 02:10:32 2008 
Return-Path: <someone at somewhere.net> 

this messes up mail readers and IMAP daemons expecting mbox format which
should look like this:

>From someone at somewhere.net  Sat Nov 15 02:10:32 2008 
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on 
        foo.bar.org
X-Spam-Level: *** 
X-Spam-Status: No, score=3.2 required=5.0 tests=BAYES_00, 
        CORRUPT_FROM_LINE_IN_HDRS,FUZZY_CPILL,MISSING_DATE,MISSING_HB_SEP, 
        MISSING_HEADERS,MISSING_MID,MISSING_SUBJECT,NO_HEADERS_MESSAGE,NO_RECEIVED, 
        NO_RELAYS,URIBL_GREY autolearn=no version=3.2.5 
Return-Path: <someone at somewhere.net> 

The visible symptom is that there doesn't seem to be any new mail...in
reality due to the corrupted mailbox, it just looks like the new mails are
being tacked onto the end of the last one.

Arguably this is a bug in procmail, but I don't know what the protocol is
supposed to be here.  Maybe this isn't a bug anywhere and is purely user
error, but I figured it was worth documenting in any case.

Trivial fix to clampipe attached (remove --unzip from clamscan line)

-- Package-specific info:
--- configuration ---
/etc/clamav/clamd.conf: clamd directives
------------------------------
LogFile = "/var/log/clamav/clamav.log"
LogFileUnlock = no
LogFileMaxSize = 0
LogTime = yes
LogClean = no
LogVerbose = no
LogSyslog = no
LogFacility = "LOG_LOCAL6"
PidFile = "/var/run/clamav/clamd.pid"
TemporaryDirectory = "/tmp"
ScanPE = yes
ScanELF = yes
DetectBrokenExecutables = no
ScanMail = yes
MailFollowURLs = no
ScanPartialMessages = no
PhishingSignatures = yes
PhishingScanURLs = yes
PhishingAlwaysBlockCloak = no
PhishingAlwaysBlockSSLMismatch = no
HeuristicScanPrecedence = no
DetectPUA = no
ExcludePUA not set
IncludePUA not set
StructuredDataDetection = no
StructuredMinCreditCardCount = 3
StructuredMinSSNCount = 3
StructuredSSNFormatNormal = yes
StructuredSSNFormatStripped = no
AlgorithmicDetection = yes
ScanHTML = yes
ScanOLE2 = yes
ScanPDF = yes
ScanArchive = yes
MaxScanSize = 104857600
MaxFileSize = 26214400
MaxRecursion = 16
MaxFiles = 10000
ArchiveLimitMemoryUsage = no
ArchiveBlockEncrypted = no
DatabaseDirectory = "/var/lib/clamav"
TCPAddr not set
TCPSocket not set
LocalSocket = "/var/run/clamav/clamd.ctl"
MaxConnectionQueueLength = 15
StreamMaxLength = 10485760
StreamMinPort = 1024
StreamMaxPort = 2048
MaxThreads = 12
ReadTimeout = 180
IdleTimeout = 30
MaxDirectoryRecursion = 15
ExcludePath not set
FollowDirectorySymlinks = no
FollowFileSymlinks = no
ExitOnOOM = no
Foreground = no
Debug = no
LeaveTemporaryFiles = no
FixStaleSocket = yes
User = "clamav"
AllowSupplementaryGroups = yes
SelfCheck = 3600
VirusEvent not set
ClamukoScanOnAccess not set
ClamukoScanOnOpen not set
ClamukoScanOnClose not set
ClamukoScanOnExec not set
ClamukoIncludePath not set
ClamukoExcludePath not set
ClamukoMaxFileSize = 5242880
DevACOnly not set
DevACDepth not set
*** MailMaxRecursion is DEPRECATED ***
*** ArchiveMaxFileSize is DEPRECATED ***
*** ArchiveMaxRecursion is DEPRECATED ***
*** ArchiveMaxFiles is DEPRECATED ***
*** ArchiveMaxCompressionRatio is DEPRECATED ***
*** ArchiveBlockMax is DEPRECATED ***

/etc/clamav/freshclam.conf: freshclam directives
------------------------------
LogFileMaxSize = 0
LogTime = no
LogVerbose = no
LogSyslog = no
LogFacility = "LOG_LOCAL6"
PidFile = "/var/run/clamav/freshclam.pid"
DatabaseDirectory = "/var/lib/clamav/"
Foreground = no
Debug = no
AllowSupplementaryGroups = no
DatabaseOwner = "clamav"
Checks = 24
UpdateLogFile = "/var/log/clamav/freshclam.log"
DNSDatabaseInfo = "current.cvd.clamav.net"
DatabaseMirror = "db.local.clamav.net"
DatabaseMirror = "database.clamav.net"
DatabaseMirror = "db.us.clamav.net"
MaxAttempts = 5
ScriptedUpdates = yes
CompressLocalDatabase = no
HTTPProxyServer = "localhost"
HTTPProxyPort = 3128
HTTPProxyUsername not set
HTTPProxyPassword not set
HTTPUserAgent not set
NotifyClamd not set
OnUpdateExecute not set
OnErrorExecute not set
OnOutdatedExecute not set
LocalIPAddress not set
ConnectTimeout = 30
ReceiveTimeout = 30
SubmitDetectionStats not set
DetectionStatsCountry not set

Engine and signature databases
------------------------------
Engine version: 0.94.1
Database directory: /var/lib/clamav/
main db: Format: .cld, Version: 49, Build time: Wed Oct 22 18:03:26 2008
daily db: Format: .cld, Version: 8644, Build time: Mon Nov 17 16:35:21 2008

--- data dir ---
total 41472
-rw-r--r-- 1 clamav clamav   106913 2005-10-18 04:28 clamav-8c647fc0d00091f3
drwxr-xr-x 2 clamav clamav     4096 2008-09-04 22:43 clamav-abf0d1b943879b7711480014d5d0b485
-rw-r--r-- 1 clamav clamav  1692672 2008-11-17 17:38 daily.cld
-rw-r--r-- 1 clamav clamav 40598016 2008-10-22 18:50 main.cld
-rw------- 1 clamav clamav     1404 2007-06-26 12:40 mirrors.dat

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores)
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash

Versions of packages clamav depends on:
ii  clamav-freshclam [clam 0.94.dfsg.1-1     anti-virus utility for Unix - viru
ii  libbz2-1.0             1.0.5-1           high-quality block-sorting file co
ii  libc6                  2.7-16            GNU C Library: Shared libraries
ii  libclamav5             0.94.dfsg.1-1     anti-virus utility for Unix - libr
ii  libgmp3c2              2:4.2.2+dfsg-3    Multiprecision arithmetic library
ii  zlib1g                 1:1.2.3.3.dfsg-12 compression library - runtime

Versions of packages clamav recommends:
ii  clamav-base                0.94.dfsg.1-1 anti-virus utility for Unix - base

Versions of packages clamav suggests:
ii  clamav-docs                0.94.dfsg.1-1 anti-virus utility for Unix - docu
ii  lha                        1.14i-10.3    lzh archiver
ii  unrar                      1:3.8.4-1     Unarchiver for .rar files (non-fre

-- no debconf information
-------------- next part --------------
--- clampipe~	2008-11-11 20:01:10.000000000 -0500
+++ clampipe	2008-11-17 19:17:41.000000000 -0500
@@ -9,7 +9,7 @@
 $/=undef;
 my $msg=<>;
 
-open (CLAM, "| clamscan --quiet --unzip -")
+open (CLAM, "| clamscan --quiet -")
 	|| die "cannot run clamscan: $!";
 # The --mbox support is flakey and requires a From header as in a real
 # mbox.
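Review bot: on the changed open() line, dropping --unzip clears this one warning, but the clamscan child still shares the filter's output stream, so the next deprecated option or any other diagnostic clamscan prints will land in the delivered mail the same way. If the script only needs clamscan's exit status, consider redirecting the child's output inside the command string, for example "| clamscan --quiet - >/dev/null 2>&1", so that nothing but the message itself reaches procmail. A short comment next to the open() explaining why the output is discarded would keep a later edit from reintroducing the problem.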


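One way to check an existing mbox file for the damage described in this report, as an added example that is not part of the original message or of the clamav package. The function name and the sample mailbox are constructed for illustration; the check relies only on the layout the report describes, where each message must begin with its "From " line.

```python
import re

# mbox "From_" separator: "From ", an envelope sender, a date ending in a year.
FROM_LINE = re.compile(r"^From \S+ +.*\d{4}$")

# Constructed sample: one intact message, then one delivered with filter
# output in front of its From_ line, as in the report.
SAMPLE_MBOX = """\
From alice@example.org  Sat Nov 15 01:00:00 2008
Return-Path: <alice@example.org>
Subject: first

body of first message

X-Spam-Level: ***
WARNING: Ignoring deprecated option --unzip
From someone@example.net  Sat Nov 15 02:10:32 2008
Return-Path: <someone@example.net>
Subject: second

body of second message
"""


def find_displaced_separators(mbox_text):
    """Return (line_number, stray_lines) for each From_ line with text above it.

    A well-formed mbox starts with a From_ line, and every later From_ line
    follows a blank line. Anything between that blank line and the From_
    line was written in front of the message by the delivery filter.
    """
    lines = mbox_text.splitlines()
    findings = []
    for i, line in enumerate(lines):
        if not FROM_LINE.match(line.rstrip()):
            continue
        j = i
        # Walk back to the blank line (or file start) that should precede From_.
        while j > 0 and lines[j - 1].strip():
            j -= 1
        if j < i:
            findings.append((i + 1, lines[j:i]))
    return findings


if __name__ == "__main__":
    for line_no, stray in find_displaced_separators(SAMPLE_MBOX):
        print(f"line {line_no}: From_ line preceded by {len(stray)} stray line(s)")
        for text in stray:
            print("    " + text)
```

A body line that begins with an unescaped "From " and looks like a separator is reported as well, so review each finding before repairing the mailbox.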