2 * This module allows Citadel to use clamd to filter incoming messages
3 * arriving via SMTP. For more information on clamd, visit
4 * http://clamav.net (the ClamAV project is not in any way
5 * affiliated with the Citadel project).
7 * Copyright (c) 1987-2012 by the citadel.org team
9 * This program is open source software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 3.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
24 #define CLAMD_PORT "3310"
34 #include <sys/types.h>
36 #if TIME_WITH_SYS_TIME
37 # include <sys/time.h>
41 # include <sys/time.h>
50 #include <sys/socket.h>
51 #include <libcitadel.h>
54 #include "citserver.h"
61 #include "internet_addressing.h"
63 #include "clientsocket.h"
66 #include "ctdl_module.h"
71 * Connect to the clamd server and scan a message.
73 int clamd(struct CtdlMessage *msg, recptypes *recp) {
75 int streamsock = (-1);
86 /* Don't care if you're logged in. You can still spread viruses.
88 /* if (CC->logged_in) return(0); */
90 /* See if we have any clamd hosts configured */
91 num_clamhosts = get_hosts(clamhosts, "clamav");
92 if (num_clamhosts < 1) return(0);
94 /* Try them one by one until we get a working one */
95 for (clamhost=0; clamhost<num_clamhosts; ++clamhost) {
96 extract_token(buf, clamhosts, clamhost, '|', sizeof buf);
97 syslog(LOG_INFO, "Connecting to clamd at <%s>\n", buf);
99 /* Assuming a host:port entry */
100 extract_token(hostbuf, buf, 0, ':', sizeof hostbuf);
101 if (extract_token(portbuf, buf, 1, ':', sizeof portbuf)==-1)
102 /* Didn't specify a port so we'll try the psuedo-standard 3310 */
103 sock = sock_connect(hostbuf, CLAMD_PORT);
105 /* Port specified lets try connecting to it! */
106 sock = sock_connect(hostbuf, portbuf);
108 if (sock >= 0) syslog(LOG_DEBUG, "Connected!\n");
112 /* If the service isn't running, just pass the mail
113 * through. Potentially throwing away mails isn't good.
118 CCC->SBuf.Buf = NewStrBuf();
119 CCC->sMigrateBuf = NewStrBuf();
120 CCC->SBuf.ReadWritePointer = NULL;
123 syslog(LOG_DEBUG, "Transmitting STREAM command\n");
124 sprintf(buf, "STREAM\r\n");
125 sock_write(&sock, buf, strlen(buf));
127 syslog(LOG_DEBUG, "Waiting for PORT number\n");
128 if (sock_getln(&sock, buf, sizeof buf) < 0) {
132 syslog(LOG_DEBUG, "<%s\n", buf);
133 if (strncasecmp(buf, "PORT", 4)!=0) {
137 /* Should have received a port number to connect to */
138 extract_token(portbuf, buf, 1, ' ', sizeof portbuf);
140 /* Attempt to establish connection to STREAM socket */
141 streamsock = sock_connect(hostbuf, portbuf);
143 if (streamsock < 0) {
144 /* If the service isn't running, just pass the mail
145 * through. Potentially throwing away mails isn't good.
147 FreeStrBuf(&CCC->SBuf.Buf);
148 FreeStrBuf(&CCC->sMigrateBuf);
152 syslog(LOG_DEBUG, "STREAM socket connected!\n");
158 CC->redirect_buffer = NewStrBufPlain(NULL, SIZ);
159 CtdlOutputPreLoadedMsg(msg, MT_RFC822, HEADERS_ALL, 0, 1, 0);
160 msgtext = CC->redirect_buffer;
161 CC->redirect_buffer = NULL;
163 sock_write(&streamsock, SKEY(msgtext));
164 FreeStrBuf(&msgtext);
166 /* Close the streamsocket connection; this tells clamd
169 if (streamsock != -1)
173 syslog(LOG_DEBUG, "Awaiting response\n");
174 if (sock_getln(&sock, buf, sizeof buf) < 0) {
177 syslog(LOG_DEBUG, "<%s\n", buf);
178 if (strncasecmp(buf, "stream: OK", 10)!=0) {
183 CM_SetField(msg, eErrorMsg, HKEY("message rejected by virus filter"));
187 FreeStrBuf(&CCC->SBuf.Buf);
188 FreeStrBuf(&CCC->sMigrateBuf);
194 CTDL_MODULE_INIT(virus)
198 CtdlRegisterMessageHook(clamd, EVT_SMTPSCAN);
201 /* return our module name for the log */