#!/usr/bin/perl -Tw =head1 NAME bitdefender -- BitDefender Linux Edition antivirus plugin for qpsmtpd =head1 DESCRIPTION This plugin scans incoming mail with the BitDefender Linux Edition scanner, and can at your option reject or flag infected messages. =head1 CONFIGURATION =over 4 =item B<bitdefender_location> Full path to the BitDefender binary and all signature files; defaults to /opt/bdc/bdc. =item B<deny_viruses> Whether the scanner will automatically delete messages which have viruses. Takes either 'yes' or 'no' (defaults to 'yes'). =item B<max_size> Maximum size in kilobytes for messages which will be scanned; defaults to 128k; =back =head1 DEPENDENCIES =over 4 =item B<BitDefender> The BitDefender Linux Edition is available to use, free of charge, from this link: <http://www.bitdefender.com/bd/site/products.php?p_id=16> Please read the documentation for configuring automatic updates of the virus profiles. =back =head1 AUTHOR John Peacock <jpeacock@cpan.org> =head1 COPYRIGHT AND LICENSE Copyright (c) 2004 John Peacock Based lightly on the clamav plugin This plugin is licensed under the same terms as the qpsmtpd package itself. Please see the LICENSE file included with qpsmtpd for details. =cut use File::Path; use strict; use warnings; sub register { my ( $self, $qp, @args ) = @_; while (@args) { $self->{"_bitd"}->{ pop @args } = pop @args; } $self->{"_bitd"}->{"bitdefender_location"} ||= "/opt/bdc/bdc"; $self->{"_bitd"}->{"deny_viruses"} ||= "yes"; $self->{"_bitd"}->{"max_size"} ||= 128; $self->{"_bitd"}->{"max_size"} *= 1024; } sub hook_data_post { my ( $self, $transaction ) = @_; if ( $transaction->data_size > $self->{"_bitd"}->{"max_size"} ) { $self->log( LOGWARN, 'Mail too large to scan (' . $transaction->data_size . " vs " . $self->{"_bitd"}->{"max_size"} . ")" ); return (DECLINED); } # Ignore non-multipart emails my $content_type = $transaction->header->get('Content-Type'); $content_type =~ s/\s/ /g if defined $content_type; unless ( $content_type && $content_type =~ m!\bmultipart/.*\bboundary="?([^"]+)!i ) { $self->log( LOGERROR, "non-multipart mail - skipping" ); return DECLINED; } my $filename = $transaction->body_filename; unless (defined $filename) { $self->log(LOGERROR, "didn't get a filename"); return DECLINED; } # Now do the actual scanning! open my $bdc, "-|", $self->{"_bitd"}->{"bitdefender_location"} . " --mail --all --arc $filename"; my $output; while (<$bdc>) { if (/infected: (.+)$/) { $output = $1; last; } } close $bdc; if ($output) { $self->log( LOGINFO, "Virus(es) found: $output" ); if ( $self->{"_bitd"}->{"deny_viruses"} eq "yes" ) { return ( DENY, "Virus Found: $output" ); } } return (DECLINED); } 1;