@@ -47,7 +47,7 @@

 struct smfiDesc descr = {

     "ClamAV", 		/* filter name */

     SMFI_VERSION,	/* milter version */

-    SMFIF_ADDHDRS|SMFIF_QUARANTINE, /* flags */

+    SMFIF_CHGHDRS|SMFIF_QUARANTINE, /* flags */

     clamfi_connect,	/* connection info filter */

     NULL,		/* SMTP HELO command filter */

     NULL,		/* envelope sender filter */

@@ -203,11 +203,27 @@ int main(int argc, char **argv) {

 	return 1;

     }

+

     /* FIXME: find a place for these:

      * maxthreads = cfgopt(copt, "MaxThreads")->numarg;

      * logclean = cfgopt(copt, "LogClean")->numarg;

      */

+    if(cfgopt(copt, "AddHeader")->enabled) {

+	char myname[255];

+

+	if(!gethostname(myname, sizeof(myname))) {

+	    char mydomain[255];

+

+	    myname[sizeof(myname)-1] = '\0';

+	    snprintf(xvirushdr, sizeof(xvirushdr), "clamav-milter %s at %s", get_version(), myname);

+	    xvirushdr[sizeof(xvirushdr)-1] = '\0';

+	} else {

+	    snprintf(xvirushdr, sizeof(xvirushdr), "clamav-milter %s", get_version());

+	    xvirushdr[sizeof(xvirushdr)-1] = '\0';

+	}

+	addxvirus = 1;

+    }

     umask(0007);

     if(!(my_socket = cfgopt(copt, "MilterSocket")->strarg)) {

@@ -22,6 +22,7 @@

 #include "clamav-config.h"

 #endif

+#include <stdio.h>

 #include <stdlib.h>

 #include <string.h>

 #include <sys/types.h>

@@ -35,12 +36,21 @@

 #include "connpool.h"

 #include "netcode.h"

+#if __GNUC__ >= 3 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 7)

+#define _UNUSED_ __attribute__ ((__unused__))

+#else

+#define _UNUSED_

+#endif

+

 uint64_t maxfilesize;

 static sfsistat FailAction;

 static sfsistat (*CleanAction)(SMFICTX *ctx);

 static sfsistat (*InfectedAction)(SMFICTX *ctx);

+int addxvirus = 0;

+char xvirushdr[255];

+

 #define CLAMFIBUFSZ 1424

 struct CLAMFI {

@@ -53,9 +63,15 @@ struct CLAMFI {

 };

+void add_x_header(SMFICTX *ctx, char *st) {

+    smfi_chgheader(ctx, "X-Virus-Scanned", 1, xvirushdr);

+    smfi_chgheader(ctx, "X-Virus-Status", 1, st);

+}

+

+

 static sfsistat sendchunk(struct CLAMFI *cf, unsigned char *bodyp, size_t len, SMFICTX *ctx) {

     if(cf->totsz >= maxfilesize)

-	return SMFIS_CONTINUE; /* FIXME: SMFIS_SKIP needs negotiation (only for _body() */

+	return SMFIS_CONTINUE;

     if(cf->totsz + len > maxfilesize)

 	len = maxfilesize - cf->totsz;

@@ -126,7 +142,9 @@ sfsistat clamfi_header(SMFICTX *ctx, char *headerf, char *headerv) {

 	}

 	if((ret = sendchunk(cf, (unsigned char *)"From clamav-milter\n", 19, ctx)) != SMFIS_CONTINUE)

 	    return ret;

+

     }

+

     if((ret = sendchunk(cf, (unsigned char *)headerf, strlen(headerf), ctx)) != SMFIS_CONTINUE)

 	return ret;

     if((ret = sendchunk(cf, (unsigned char *)": ", 2, ctx)) != SMFIS_CONTINUE)

@@ -199,11 +217,29 @@ sfsistat clamfi_eom(SMFICTX *ctx) {

     free(cf);

     len = strlen(reply);

-    if(len>5 && !strcmp(reply + len - 5, ": OK\n"))

+    if(len>5 && !strcmp(reply + len - 5, ": OK\n")) {

+	if(addxvirus) add_x_header(ctx, "Clean");

 	ret = CleanAction(ctx);

-    else if (len>7 && !strcmp(reply + len - 7, " FOUND\n"))

+    } else if (len>7 && !strcmp(reply + len - 7, " FOUND\n")) {

+	logg("^%s\n", reply);

+	if(addxvirus) {

+	    char *vir;

+

+	    reply[len-7] = '\0';

+	    vir = strrchr(reply, ' ');

+	    logg("^%s\n", reply);

+	    if(vir) {

+		char msg[255];

+

+		vir++;

+		logg("^v: >%s<\n", vir);

+		snprintf(msg, sizeof(msg), "Infected (%s)", vir);

+		msg[sizeof(msg)-1] = '\0';

+		add_x_header(ctx, msg);

+	    }

+	}

 	ret = InfectedAction(ctx);

-    else {

+    } else {

 	logg("!Unknown reply from clamd\n");

 	ret = FailAction;

     }

@@ -213,9 +249,7 @@ sfsistat clamfi_eom(SMFICTX *ctx) {

 }

-sfsistat clamfi_connect(SMFICTX *ctx, char *hostname, _SOCK_ADDR *hostaddr) {

-    struct CLAMFI *cf;

-

+sfsistat clamfi_connect(_UNUSED_ SMFICTX *ctx, char *hostname, _SOCK_ADDR *hostaddr) {

     while(1) {

 	/* Postfix doesn't seem to honor passing a NULL hostaddr and hostname

 	   set to "localhost" for non-smtp messages (they still appear as SMTP

@@ -255,16 +289,16 @@ static int parse_action(char *action) {

 }

-static sfsistat action_accept(SMFICTX *ctx) {

+static sfsistat action_accept(_UNUSED_ SMFICTX *ctx) {

     return SMFIS_ACCEPT;

 }

-static sfsistat action_defer(SMFICTX *ctx) {

+static sfsistat action_defer(_UNUSED_ SMFICTX *ctx) {

     return SMFIS_TEMPFAIL;

 }

-static sfsistat action_reject(SMFICTX *ctx) {

+static sfsistat action_reject(_UNUSED_ SMFICTX *ctx) {

     return SMFIS_REJECT;

 }

-static sfsistat action_blackhole(SMFICTX *ctx)  {

+static sfsistat action_blackhole(_UNUSED_ SMFICTX *ctx)  {

     return SMFIS_DISCARD;

 }

 static sfsistat action_quarantine(SMFICTX *ctx) {

@@ -4,7 +4,10 @@

 #include "shared/cfgparser.h"

 #include <libmilter/mfapi.h>

-uint64_t maxfilesize;

+extern uint64_t maxfilesize;

+extern int addxvirus;

+extern char xvirushdr[255];

+

 sfsistat clamfi_body(SMFICTX *ctx, unsigned char *bodyp, size_t len);

 sfsistat clamfi_eom(SMFICTX *ctx);

@@ -107,6 +107,8 @@ Example

 #   Like accept but the message is sent to oblivion

 # - Quarantine (not available for OnFail)

 #   Like accept but message is quarantined instead of being deilievered

+#   In sendmail the quarantine queue can be examined via mailq -qQ

+#   For Postfix this causes the message to be accepted but placed on hold

 # 

 # Action to be performed on clean messages (mostly useful for testing)

 # Default Accept

@@ -122,6 +124,13 @@ Example

 # Default Defer

 #OnFail Defer

+# If this option is set to Yes, an "X-Virus-Scanned" and an "X-Virus-Status"

+# headers will be attached to each processed message, possibly replacing

+# existing headers. 

+# Default: No

+#AddHeader Yes

+

+

 ##

 ## Logging options

 ##

@@ -250,9 +259,9 @@ Example

 #--server

 #Reworked

-#-A --advisory

-#-d --dont-scan-on-error

-#-n --noxheader

-#-N --noreject

-#-Q --quarantine

-#-U, --quarantine-dir

+##-A --advisory

+##-d --dont-scan-on-error

+##-n --noxheader

+##-N --noreject

+##-Q --quarantine

+##-U, --quarantine-dir

@@ -142,14 +142,14 @@ struct cfgoption cfg_options[] = {

     {"ArchiveBlockMax", OPT_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_DEPRECATED},

     {"ArchiveLimitMemoryUsage", OPT_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_DEPRECATED },

-

     /* Milter specific options */

     {"ClamdSocket", OPT_QUOTESTR, -1, NULL, 1, OPT_MILTER},

     {"MilterSocket", OPT_QUOTESTR, -1, NULL, 1, OPT_MILTER},

     {"LocalNet", OPT_QUOTESTR, -1, NULL, 1, OPT_MILTER},

-    {"ActionClean", OPT_QUOTESTR, -1, "Accept", 1, OPT_MILTER},

-    {"ActionInfected", OPT_QUOTESTR, -1, "Quarantine", 1, OPT_MILTER},

-    {"ActionFail", OPT_QUOTESTR, -1, "Defer", 1, OPT_MILTER},

+    {"OnClean", OPT_QUOTESTR, -1, "Accept", 0, OPT_MILTER},

+    {"OnInfected", OPT_QUOTESTR, -1, "Quarantine", 0, OPT_MILTER},

+    {"OnFail", OPT_QUOTESTR, -1, "Defer", 0, OPT_MILTER},

+    {"AddHeader", OPT_BOOL, 0, NULL, 0, OPT_MILTER},

     /* Deprecated milter options */

     {"ArchiveBlockEncrypted", OPT_BOOL, 0, NULL, 0, OPT_MILTER | OPT_DEPRECATED},