2 * This module allows Citadel to use clamd to filter incoming messages
3 * arriving via SMTP. For more information on clamd, visit
4 * http://clamav.net (the ClamAV project is not in any way
5 * affiliated with the Citadel project).
7 * Copyright (c) 1987-2022 by the citadel.org team
9 * This program is open source software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 3.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
18 #define CLAMD_PORT "3310"
20 #include "../../sysdep.h"
28 #include <sys/types.h>
33 #include <sys/socket.h>
34 #include <libcitadel.h>
35 #include "../../citadel_defs.h"
36 #include "../../server.h"
37 #include "../../citserver.h"
38 #include "../../support.h"
39 #include "../../config.h"
40 #include "../../control.h"
41 #include "../../user_ops.h"
42 #include "../../database.h"
43 #include "../../msgbase.h"
44 #include "../../internet_addressing.h"
45 #include "../../domain.h"
46 #include "../../clientsocket.h"
47 #include "../../ctdl_module.h"
51 * Connect to the clamd server and scan a message.
53 int clamd(struct CtdlMessage *msg, struct recptypes *recp) {
55 int streamsock = (-1);
66 /* See if we have any clamd hosts configured */
67 num_clamhosts = get_hosts(clamhosts, "clamav");
68 if (num_clamhosts < 1) {
72 /* Try them one by one until we get a working one */
73 for (clamhost=0; clamhost<num_clamhosts; ++clamhost) {
74 extract_token(buf, clamhosts, clamhost, '|', sizeof buf);
75 syslog(LOG_INFO, "Connecting to clamd at <%s>\n", buf);
77 /* Assuming a host:port entry */
78 extract_token(hostbuf, buf, 0, ':', sizeof hostbuf);
79 if (extract_token(portbuf, buf, 1, ':', sizeof portbuf)==-1)
80 /* Didn't specify a port so we'll try the psuedo-standard 3310 */
81 sock = sock_connect(hostbuf, CLAMD_PORT);
83 /* Port specified lets try connecting to it! */
84 sock = sock_connect(hostbuf, portbuf);
86 if (sock >= 0) syslog(LOG_DEBUG, "Connected!\n");
90 /* If the service isn't running, just pass the mail
91 * through. Potentially throwing away mails isn't good.
96 CCC->SBuf.Buf = NewStrBuf();
97 CCC->sMigrateBuf = NewStrBuf();
98 CCC->SBuf.ReadWritePointer = NULL;
101 syslog(LOG_DEBUG, "Transmitting STREAM command\n");
102 sprintf(buf, "STREAM\r\n");
103 sock_write(&sock, buf, strlen(buf));
105 syslog(LOG_DEBUG, "Waiting for PORT number\n");
106 if (sock_getln(&sock, buf, sizeof buf) < 0) {
110 syslog(LOG_DEBUG, "<%s\n", buf);
111 if (strncasecmp(buf, "PORT", 4)!=0) {
115 /* Should have received a port number to connect to */
116 extract_token(portbuf, buf, 1, ' ', sizeof portbuf);
118 /* Attempt to establish connection to STREAM socket */
119 streamsock = sock_connect(hostbuf, portbuf);
121 if (streamsock < 0) {
122 /* If the service isn't running, just pass the mail
123 * through. Potentially throwing away mails isn't good.
125 FreeStrBuf(&CCC->SBuf.Buf);
126 FreeStrBuf(&CCC->sMigrateBuf);
130 syslog(LOG_DEBUG, "STREAM socket connected!\n");
135 CC->redirect_buffer = NewStrBufPlain(NULL, SIZ);
136 CtdlOutputPreLoadedMsg(msg, MT_RFC822, HEADERS_ALL, 0, 1, 0);
137 msgtext = CC->redirect_buffer;
138 CC->redirect_buffer = NULL;
140 sock_write(&streamsock, SKEY(msgtext));
141 FreeStrBuf(&msgtext);
143 /* Close the streamsocket connection; this tells clamd
146 if (streamsock != -1) {
151 syslog(LOG_DEBUG, "Awaiting response\n");
152 if (sock_getln(&sock, buf, sizeof buf) < 0) {
155 syslog(LOG_DEBUG, "<%s\n", buf);
156 if (strncasecmp(buf, "stream: OK", 10)!=0) {
161 CM_SetField(msg, eErrorMsg, HKEY("message rejected by virus filter"));
165 FreeStrBuf(&CCC->SBuf.Buf);
166 FreeStrBuf(&CCC->sMigrateBuf);
171 // Initialization function, called from modules_init.c
172 char *ctdl_module_init_virus(void) {
174 CtdlRegisterMessageHook(clamd, EVT_SMTPSCAN);
177 /* return our module name for the log */