Fprot antivirus Client

Toorop toorop at cyborgnation.org
Tue Aug 27 11:26:38 CEST 2002


Bonjour,

   I'm writting a Python script which aim is to caught mail before
   qmail-queue, 'send' it to Fprot and re-inject it in qmail-queue.

   F-Prot is a free (for personnal use) scanner
   (http://www.f-prot.com/products/fplin.html) using command line.
   You can only scan file, so my script write the incomming mail in
   temp file, make the command line corresponding to this file,
   execute the command via popen, and wait for the exit status.
   exit status = 0  nothing find
   exit status = 3 At least one virus.

   Well, the problem now :
   A - If i make a test with Eicar test file infected mail, the
   exit status is 0, which is wrong.
   B - If i run my script, but using always the same command than before
   ,ei for each mail i ask to scanned the temp file writting in
   case A(repersenting a infected fiel), the exit status is 3
   which is good this time.

   So, in conclusion : If the script puts  the infected file Mail it
   temporary dir and sends the command of treatment to Fprot
   directly the scann process return bad result (always 0).But if
   the command of treatment of this file is made in anather
   instance of the scriptthat works !!

My function :
------------------------------------------------------------------------------
def scan_for_viruses():
        # Rando name for temp file
        nom=time.strftime("%d%m%Y%H%M%S", time.gmtime())
        g=Random()
        rand="%s" %g.random()
        rand=string.replace(rand,".","",1)
        nom+="%s" %rand

        # Write mail in temp file
        try :
                chemin="%stemp/%s" %(protecmail_dir,nom)
                fichier=open(chemin,'a')
                fichier.write(mail)
                fichier.close
        except :
                log ("Probleme de mise en répertoire temporaire dans la fonction scan_for_viruses.")
                return
   
        # Run Fprot scanner
        fprot="/usr/local/bin/f-prot %s" %chemin  # command

        # The line after is for test, the 260820021..... file is infected
        # and the scanner return 3.But when the mail correspondind to
        # that file has passed to the script the exit status was 0, which is wrong
        #fprot="/usr/local/bin/f-prot /path/to/temp/260820021952530513805522225"
        try :
                #log(" La commande est : %s" %fprot,0)
                scan=popen2.Popen3(fprot)
                exit_status=os.WEXITSTATUS(scan.wait())
                log("Exit status of Fprot is %s" %exit_status,0)
        except :
                log("Something wrong with popen !!!",0)
                
        # Remove temp file
        try :
                killer=os.remove(chemin)
        except :
                log("Impossible d'effacer le fichier temporaire :%s" %chemin)
        return

---------------------------------------------------------------------------------

   Any idea ???
  

--
Toorop 
Lorsque que vous avez éliminé l'impossible, ce qui reste, 
même si c'est improbable, doit être la vérité.
www.spoonsdesign.com

---------------------------------
Mail scanné par Protecmail filter 





More information about the Python-list mailing list