--- mailfront-1.15/plugin-clamav.c.original 2010-04-04 19:39:16.195027409 +0800 +++ mailfront-1.15/plugin-clamav.c 2010-04-04 19:53:13.534026344 +0800 @@ -13,6 +13,8 @@ static RESPONSE(no_scan,451,"4.3.0 Could not virus scan message"); static response resp_virus = { 554, 0 }; +static unsigned long failsafe; + #define MAX_IPS 16 static str line; @@ -29,6 +31,12 @@ return -1; } +static const response *warn_sys(const char *s1) +{ + warn2sys("clamav skipped: ", s1); + return failsafe ? 0 : &resp_internal; +} + static const response* message_end(int fd) { const char* hostname; @@ -48,6 +56,9 @@ ibuf netin; obuf netout; struct stat st; + + if ((tmp = getenv("CLAMAV_FAILSAFE")) && *tmp) + failsafe = strtoul(tmp, 0, 10); if ((hostname = session_getenv("CLAMAV_HOST")) != 0 || (hostname = session_getenv("CLAMD_HOST")) != 0) { @@ -56,7 +67,7 @@ && (maxsize = strtoul(tmp, (char**)&tmp, 10)) != 0 && *tmp == 0) { if (fstat(fd, &st) != 0) - return &resp_internal; + return warn_sys("fstat(fd, &st) != 0"); if (st.st_size > (ssize_t)maxsize){ warn1("ClamAV scanning skipped: message larger than maximum"); return 0; @@ -81,15 +92,19 @@ || (send_timeout = strtoul(tmp, (char**)&tmp, 10)) == 0 || *tmp != 0) send_timeout = timeout; - if ((ip_count = resolve_ipv4name_n(hostname, ips, MAX_IPS)) <= 0) - return &resp_no_hostname; + if ((ip_count = resolve_ipv4name_n(hostname, ips, MAX_IPS)) <= 0) { + if (failsafe > 0) + return warn_sys("Could not resolve virus scanner hostname"); + else + return &resp_no_hostname; + } gettimeofday(&tv, 0); offset = (tv.tv_sec ^ tv.tv_usec) % ip_count; for (i = 0; i < ip_count; ++i) { const ipv4addr* addr = &ips[(i + offset) % ip_count]; if (lseek(fd, 0, SEEK_SET) != 0) - return &resp_internal; + return warn_sys("lseek(fd, 0, SEEK_SET) != 0"); if ((sock = try_connect(addr, cmdport, connect_timeout)) < 0) continue; @@ -128,7 +143,10 @@ close(sock); } } - return &resp_no_scan; + if (failsafe > 0) + return warn_sys("Could not virus scan message"); + else + return &resp_no_scan; } struct plugin plugin = {