I am using a simple perl script, clamfilter, to filter my incoming mail via procmail and sort it into a seperate mbox. This is all working fine, but I would love to be able to also have more than just the headers modified.
The source code for the clam filter is available here:
http://www.everysoft.com/clamfilter.pl.txt
At the moment this only alters the email headers like so:
Code:
X-Virus-Found: yes
X-Virus-Status:
------------------------------------------------------------
Virus Scan Status:
------------------------------------------------------------
/tmp/clamav-4a06825e36e18d49/all_document.pifd6vAvl: Worm.SomeFool.Gen-1 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 22932
Scanned directories: 1
Scanned files: 1
Infected files: 1
Data scanned: 0.02 MB
I/O buffer size: 131072 bytes
Time: 1.074 sec (0 m 1 s)
------------------------------------------------------------
Unfortunately the email itself and infected attachments remain unaltered. I am trying to at the very least have either the clamfilter script or a procmail recipe change the subject to ******VIRUS***** as a warning, or ideally, delete the attachment altogether. It would also be nice if the above header information could be printed in the body as well as the headers so users can know what virus the email was infected with.
My procmail recipe for the clamfilter is as follows, and merely moves the emails to a seperate folder:
Code:
#ClamAV filter
:0fw
| clamfilter.pl
:0:
* ^X-Virus-Found: yes
viruses
Any help here from the Procmail or Perl gurus would be greatly appreciated.
Cheers.
TK.
