1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
#!/bin/sh
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# WARNING WARNING WARNING WARNING WARNING WARNING WARNING
#
# By using variables passed in from clamsmtpd in file
# manipulation commands without escaping their contents
# you are opening yourself up to REMOTE COMPROMISE. You
# have been warned. Do NOT do the following unless you
# want to be screwed big time:
#
# mv $EMAIL "$SENDER.eml"
#
# An attacker can use the above command to compromise your
# computer. The only variable that is guaranteed safe in
# this regard is $EMAIL.
#
# The following script does not escape its variables
# because it only uses them in safe ways.
#
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# A sample script for virus actions. When testing make sure
# everything can run as the clamav (or relevant) user.
file="/path/to/virus.log"
dir="/path/to/quarantine/"
exec 1>>$file
exec 2>>$file
# Add some fun log lines to the log file
echo "-------------------------------------------------------"
echo Sender $SENDER
echo Recipients $RECIPIENTS
echo Virus $VIRUS
echo "-------------------------------------------------------"
# Move the virus file to another directory
# This only works if Quarantine is enabled
if [ -n "$EMAIL" ]; then
mv "$EMAIL" "$dir"
fi
|
