3
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
4
# WARNING WARNING WARNING WARNING WARNING WARNING WARNING
6
# By using variables passed in from clamsmtpd in file
7
# manipulation commands without escaping their contents
8
# you are opening yourself up to REMOTE COMPROMISE. You
9
# have been warned. Do NOT do the following unless you
10
# want to be screwed big time:
12
# mv $EMAIL "$SENDER.eml"
14
# An attacker can use the above command to compromise your
15
# computer. The only variable that is guaranteed safe in
16
# this regard is $EMAIL.
18
# The following script does not escape its variables
19
# because it only uses them in safe ways.
21
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
23
# A sample script for virus actions. When testing make sure
24
# everything can run as the clamav (or relevant) user.
26
file="/path/to/virus.log"
27
dir="/path/to/quarantine/"
33
# Add some fun log lines to the log file
35
echo "-------------------------------------------------------"
37
echo Recipients $RECIPIENTS
39
echo "-------------------------------------------------------"
42
# Move the virus file to another directory
43
# This only works if Quarantine is enabled
45
if [ -n "$EMAIL" ]; then