These classnotes are depreciated. As of 2005, I no longer teach the classes. Notes will remain online for legacy purposes

UNIX03/Configure Amavisd For Sophie

Classnotes | UNIX03 | RecentChanges | Preferences

Go back and add the following to your amavisd.conf file:

 # Viral settings
 $virus_admin = "virusalert\@$mydomain";
 $viruses_that_fake_sender_re = new_RE(
  qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar'i,
  qr'tanatos|lentin|bridex|mimail|trojan\.dropper'i,
 );
 # If you want quarantined viruses to go here
 #$QUARANTINEDIR = '/var/virusmails';

 #$virus_quarantine_to  = 'virus-quarantine';
 $X_HEADER_TAG = 'X-Virus-Scanned';
 $X_HEADER_LINE = "by amavisd-new at $mydomain";
 $path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
 @av_scanners = (

 # ### http://www.vanja.com/tools/sophie/
 ['Sophie',
   \&ask_daemon, ["{}/\n", '/var/run/sophie'],
   qr/(?x)^ 0+ ( : | [\000\r\n]* $)/,  qr/(?x)^ 1 ( : | [\000\r\n]* $)/,
   qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/ ],
 ['Sophos Anti Virus (sweep)', 'sweep',
   '-nb -f -all -rec -ss -sc -archive {}',
   [0,2], qr/Virus .*? found/,
   qr/^>>> Virus(?:(?: fragment)? '?(.+?)'? found)/,
 # sub {$ENV{SAV_IDE}='/usr/local/sav'},
 ],

 );

Add this to the end of the file.

Now you must ask yourself a question: How is Amavisd-new going to access the Sophie UNIX socket? You can modify the file so that it is created in /var/lib/amavis/tmp, or you can just remove Amavisd-new from it's chroot jail.



Classnotes | UNIX03 | RecentChanges | Preferences
This page is read-only | View other revisions
Last edited October 8, 2003 8:13 pm (diff)
Search:
(C) Copyright 2003 Samuel Hart
Creative Commons License
This work is licensed under a Creative Commons License.