author | Pascal Terjan <pterjan@mageia.org> | 2012-01-16 22:54:25 +0000 |
---|---|---|
committer | Pascal Terjan <pterjan@mageia.org> | 2012-01-16 22:54:25 +0000 |
commit | 6305655bfcc170734854fbfa2c0cb4758a2b4986 (patch) | |
tree | c0776ee08f4690139712daf65981e86e71b1a00e | |
parent | fd29bd3e46259f76078ca5fea508a59ccb08367e (diff) | |
Comment all proprietary antivirus we don't have and accept all mail in primary scanners
-rw-r--r-- | modules/amavis/templates/amavisd.conf | 207 |
1 files changed, 104 insertions, 103 deletions
diff --git a/modules/amavis/templates/amavisd.conf b/modules/amavis/templates/amavisd.conf
index a5c85bae..0e3b3f1d 100644
--- a/modules/amavis/templates/amavisd.conf
+++ b/modules/amavis/templates/amavisd.conf
@@ -433,32 +433,32 @@ $banned_filename_re = new_RE(
 # # length("$TEMPBASE/amavis-milter-xxxxxxxxxxxxxx/parts/pxxx").
 ### http://www.kaspersky.com/ (kav4mailservers)
- ['KasperskyLab AVP - aveclient',
- ['/usr/local/kav/bin/aveclient','/usr/local/share/kav/bin/aveclient',
- '/opt/kav/5.5/kav4mailservers/bin/aveclient','aveclient'],
- '-p /var/run/aveserver -s {}/*',
- [0,3,6,8], qr/\b(INFECTED|SUSPICION|SUSPICIOUS)\b/m,
- qr/(?:INFECTED|WARNING|SUSPICION|SUSPICIOUS) (.+)/m,
- ],
+# ['KasperskyLab AVP - aveclient',
+# ['/usr/local/kav/bin/aveclient','/usr/local/share/kav/bin/aveclient',
+# '/opt/kav/5.5/kav4mailservers/bin/aveclient','aveclient'],
+# '-p /var/run/aveserver -s {}/*',
+# [0,3,6,8], qr/\b(INFECTED|SUSPICION|SUSPICIOUS)\b/m,
+# qr/(?:INFECTED|WARNING|SUSPICION|SUSPICIOUS) (.+)/m,
+# ],
 # NOTE: one may prefer [0],[2,3,4,5], depending on how suspicious,
 # currupted or protected archives are to be handled
 ### http://www.kaspersky.com/
- ['KasperskyLab AntiViral Toolkit Pro (AVP)', ['avp'],
- '-* -P -B -Y -O- {}', [0,3,6,8], [2,4], # any use for -A -K ?
- qr/infected: (.+)/m,
- sub {chdir('/opt/AVP') or die "Can't chdir to AVP: $!"},
- sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"},
- ],
+# ['KasperskyLab AntiViral Toolkit Pro (AVP)', ['avp'],
+# '-* -P -B -Y -O- {}', [0,3,6,8], [2,4], # any use for -A -K ?
+# qr/infected: (.+)/m,
+# sub {chdir('/opt/AVP') or die "Can't chdir to AVP: $!"},
+# sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"},
+# ],
 ### The kavdaemon and AVPDaemonClient have been removed from Kasperky
 ### products and replaced by aveserver and aveclient
- ['KasperskyLab AVPDaemonClient',
- [ '/opt/AVP/kavdaemon', 'kavdaemon',
- '/opt/AVP/AvpDaemonClient', 'AvpDaemonClient',
- '/opt/AVP/AvpTeamDream', 'AvpTeamDream',
- '/opt/AVP/avpdc', 'avpdc' ],
- "-f=$TEMPBASE {}", [0,8], [3,4,5,6], qr/infected: ([^\r\n]+)/m ],
+# ['KasperskyLab AVPDaemonClient',
+# [ '/opt/AVP/kavdaemon', 'kavdaemon',
+# '/opt/AVP/AvpDaemonClient', 'AvpDaemonClient',
+# '/opt/AVP/AvpTeamDream', 'AvpTeamDream',
+# '/opt/AVP/avpdc', 'avpdc' ],
+# "-f=$TEMPBASE {}", [0,8], [3,4,5,6], qr/infected: ([^\r\n]+)/m ],
 # change the startup-script in /etc/init.d/kavd to:
 # DPARMS="-* -Y -dl -f=/var/lib/amavis /var/lib/amavis"
 # (or perhaps: DPARMS="-I0 -Y -* /var/lib/amavis" )
@@ -472,12 +472,12 @@ $banned_filename_re = new_RE(
 # su - vscan -c "${PREFIX}/kavdaemon ${DPARMS}"
 ### http://www.centralcommand.com/
- ['CentralCommand Vexira (new) vascan',
- ['vascan','/usr/lib/Vexira/vascan'],
- "-a s --timeout=60 --temp=$TEMPBASE -y $QUARANTINEDIR ".
- "--log=/var/log/vascan.log {}",
- [0,3], [1,2,5],
- qr/(?x)^\s* (?:virus|iworm|macro|mutant|sequence|trojan)\ found:\ ( [^\]\s']+ )\ \.\.\.\ /m ],
+# ['CentralCommand Vexira (new) vascan',
+# ['vascan','/usr/lib/Vexira/vascan'],
+# "-a s --timeout=60 --temp=$TEMPBASE -y $QUARANTINEDIR ".
+# "--log=/var/log/vascan.log {}",
+# [0,3], [1,2,5],
+# qr/(?x)^\s* (?:virus|iworm|macro|mutant|sequence|trojan)\ found:\ ( [^\]\s']+ )\ \.\.\.\ /m ],
 # Adjust the path of the binary and the virus database as needed.
 # 'vascan' does not allow to have the temp directory to be the same as
 # the quarantine directory, and the quarantine option can not be disabled.
@@ -487,29 +487,29 @@ $banned_filename_re = new_RE(
 ### http://www.avira.com/
 ### Avira AntiVir (formerly H+BEDV) or (old) CentralCommand Vexira Antivirus
- ['Avira AntiVir', ['antivir','vexira'],
- '--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/m,
- qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) |
- (?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/m ],
+# ['Avira AntiVir', ['antivir','vexira'],
+# '--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/m,
+# qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) |
+# (?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/m ],
 # NOTE: if you only have a demo version, remove -z and add 214, as in:
 # '--allfiles -noboot -nombr -rs -s {}', [0,214], qr/ALERT:|VIRUS:/,
 ### http://www.commandsoftware.com/
- ['Command AntiVirus for Linux', 'csav',
- '-all -archive -packed {}', [50], [51,52,53],
- qr/Infection: (.+)/m ],
+# ['Command AntiVirus for Linux', 'csav',
+# '-all -archive -packed {}', [50], [51,52,53],
+# qr/Infection: (.+)/m ],
 ### http://www.symantec.com/
- ['Symantec CarrierScan via Symantec CommandLineScanner',
- 'cscmdline', '-a scan -i 1 -v -s 127.0.0.1:7777 {}',
- qr/^Files Infected:\s+0$/m, qr/^Infected\b/m,
- qr/^(?:Info|Virus Name):\s+(.+)/m ],
+# ['Symantec CarrierScan via Symantec CommandLineScanner',
+# 'cscmdline', '-a scan -i 1 -v -s 127.0.0.1:7777 {}',
+# qr/^Files Infected:\s+0$/m, qr/^Infected\b/m,
+# qr/^(?:Info|Virus Name):\s+(.+)/m ],
 ### http://www.symantec.com/
- ['Symantec AntiVirus Scan Engine',
- 'savsecls', '-server 127.0.0.1:7777 -mode scanrepair -details -verbose {}',
- [0], qr/^Infected\b/m,
- qr/^(?:Info|Virus Name):\s+(.+)/m ],
+# ['Symantec AntiVirus Scan Engine',
+# 'savsecls', '-server 127.0.0.1:7777 -mode scanrepair -details -verbose {}',
+# [0], qr/^Infected\b/m,
+# qr/^(?:Info|Virus Name):\s+(.+)/m ],
 # NOTE: check options and patterns to see which entry better applies
 # ### http://www.f-secure.com/products/anti-virus/ version 4.65
@@ -520,11 +520,11 @@ $banned_filename_re = new_RE(
 # qr/(?:infection|Infected|Suspected): (.+)/m ],
 ### http://www.f-secure.com/products/anti-virus/ version 5.52
- ['F-Secure Antivirus for Linux servers',
- ['/opt/f-secure/fsav/bin/fsav', 'fsav'],
- '--virus-action1=report --archive=yes --auto=yes '.
- '--dumb=yes --list=no --mime=yes {}', [0], [3,4,6,8],
- qr/(?:infection|Infected|Suspected|Riskware): (.+)/m ],
+# ['F-Secure Antivirus for Linux servers',
+# ['/opt/f-secure/fsav/bin/fsav', 'fsav'],
+# '--virus-action1=report --archive=yes --auto=yes '.
+# '--dumb=yes --list=no --mime=yes {}', [0], [3,4,6,8],
+# qr/(?:infection|Infected|Suspected|Riskware): (.+)/m ],
 # NOTE: internal archive handling may be switched off by '--archive=no'
 # to prevent fsav from exiting with status 9 on broken archives
@@ -539,27 +539,27 @@ $banned_filename_re = new_RE(
 # '-a /var/run/avast4/mailscanner.sock -n {}', [0], [1],
 # qr/\t\[L\]\t([^[ \t\015\012]+)/m ],
- ['CAI InoculateIT', 'inocucmd', # retired product
- '-sec -nex {}', [0], [100],
- qr/was infected by virus (.+)/m ],
+# ['CAI InoculateIT', 'inocucmd', # retired product
+# '-sec -nex {}', [0], [100],
+# qr/was infected by virus (.+)/m ],
 # see: http://www.flatmtn.com/computer/Linux-Antivirus_CAI.html
 ### http://www3.ca.com/Solutions/Product.asp?ID=156 (ex InoculateIT)
- ['CAI eTrust Antivirus', 'etrust-wrapper',
- '-arc -nex -spm h {}', [0], [101],
- qr/is infected by virus: (.+)/m ],
+# ['CAI eTrust Antivirus', 'etrust-wrapper',
+# '-arc -nex -spm h {}', [0], [101],
+# qr/is infected by virus: (.+)/m ],
 # NOTE: requires suid wrapper around inocmd32; consider flag: -mod reviewer
 # see http://marc.theaimsgroup.com/?l=amavis-user&m=109229779912783
 ### http://mks.com.pl/english.html
- ['MkS_Vir for Linux (beta)', ['mks32','mks'],
- '-s {}/*', [0], [1,2],
- qr/--[ \t]*(.+)/m ],
+# ['MkS_Vir for Linux (beta)', ['mks32','mks'],
+# '-s {}/*', [0], [1,2],
+# qr/--[ \t]*(.+)/m ],
 ### http://mks.com.pl/english.html
- ['MkS_Vir daemon', 'mksscan',
- '-s -q {}', [0], [1..7],
- qr/^... (\S+)/m ],
+# ['MkS_Vir daemon', 'mksscan',
+# '-s -q {}', [0], [1..7],
+# qr/^... (\S+)/m ],
 # ### http://www.nod32.com/, version v2.52 (old)
 # ['ESET NOD32 for Linux Mail servers',
@@ -580,17 +580,17 @@ $banned_filename_re = new_RE(
 # '--subdir {}', [0], [1,2,3], qr/virus="([^"]+)"/m ],
 ### http://www.eset.com/, version 3.0
- ['ESET Software ESETS Command Line Interface',
- ['/usr/bin/esets_cli', 'esets_cli'],
- '--subdir {}', [0], [1,2,3],
- qr/:\s*action="(?!accepted)[^"]*"\n.*:\s*virus="([^"]*)"/m ],
+# ['ESET Software ESETS Command Line Interface',
+# ['/usr/bin/esets_cli', 'esets_cli'],
+# '--subdir {}', [0], [1,2,3],
+# qr/:\s*action="(?!accepted)[^"]*"\n.*:\s*virus="([^"]*)"/m ],
 ## http://www.nod32.com/, NOD32LFS version 2.5 and above
- ['ESET NOD32 for Linux File servers',
- ['/opt/eset/nod32/sbin/nod32','nod32'],
- '--files -z --mail --sfx --rtp --adware --unsafe --pattern --heur '.
- '-w -a --action=1 -b {}',
- [0], [1,10], qr/^object=.*, virus="(.*?)",/m ],
+# ['ESET NOD32 for Linux File servers',
+# ['/opt/eset/nod32/sbin/nod32','nod32'],
+# '--files -z --mail --sfx --rtp --adware --unsafe --pattern --heur '.
+# '-w -a --action=1 -b {}',
+# [0], [1,10], qr/^object=.*, virus="(.*?)",/m ],
 # Experimental, based on posting from Rado Dibarbora (Dibo) on 2002-05-31
 # ['ESET Software NOD32 Client/Server (NOD32SS)',
@@ -599,17 +599,17 @@ $banned_filename_re = new_RE(
 # qr/^200 File OK/m, qr/^201 /m, qr/^201 (.+)/m ],
 ### http://www.norman.com/products_nvc.shtml
- ['Norman Virus Control v5 / Linux', 'nvcc',
- '-c -l:0 -s -u -temp:$TEMPBASE {}', [0,10,11], [1,2,14],
- qr/(?i).* virus in .* -> \'(.+)\'/m ],
+# ['Norman Virus Control v5 / Linux', 'nvcc',
+# '-c -l:0 -s -u -temp:$TEMPBASE {}', [0,10,11], [1,2,14],
+# qr/(?i).* virus in .* -> \'(.+)\'/m ],
 ### http://www.pandasoftware.com/
- ['Panda CommandLineSecure 9 for Linux',
- ['/opt/pavcl/usr/bin/pavcl','pavcl'],
- '-auto -aex -heu -cmp -nbr -nor -nos -eng -nob {}',
- qr/Number of files infected[ .]*: 0+(?!\d)/m,
- qr/Number of files infected[ .]*: 0*[1-9]/m,
- qr/Found virus :\s*(\S+)/m ],
+# ['Panda CommandLineSecure 9 for Linux',
+# ['/opt/pavcl/usr/bin/pavcl','pavcl'],
+# '-auto -aex -heu -cmp -nbr -nor -nos -eng -nob {}',
+# qr/Number of files infected[ .]*: 0+(?!\d)/m,
+# qr/Number of files infected[ .]*: 0*[1-9]/m,
+# qr/Found virus :\s*(\S+)/m ],
 # NOTE: for efficiency, start the Panda in resident mode with 'pavcl -tsr'
 # before starting amavisd - the bases are then loaded only once at startup.
 # To reload bases in a signature update script:
@@ -631,15 +631,15 @@ $banned_filename_re = new_RE(
 # # (btw, assigning stdin to /dev/null causes RAV to fail)
 ### http://www.nai.com/
- ['NAI McAfee AntiVirus (uvscan)', 'uvscan',
- '--secure -rv --mime --summary --noboot - {}', [0], [13],
- qr/(?x) Found (?:
- \ the\ (.+)\ (?:virus|trojan) |
- \ (?:virus|trojan)\ or\ variant\ ([^ ]+) |
- :\ (.+)\ NOT\ a\ virus)/m,
+# ['NAI McAfee AntiVirus (uvscan)', 'uvscan',
+# '--secure -rv --mime --summary --noboot - {}', [0], [13],
+# qr/(?x) Found (?:
+# \ the\ (.+)\ (?:virus|trojan) |
+# \ (?:virus|trojan)\ or\ variant\ ([^ ]+) |
+# :\ (.+)\ NOT\ a\ virus)/m,
 # sub {$ENV{LD_PRELOAD}='/lib/libc.so.6'},
 # sub {delete $ENV{LD_PRELOAD}},
- ],
+# ],
 # NOTE1: with RH9: force the dynamic linker to look at /lib/libc.so.6 before
 # anything else by setting environment variable LD_PRELOAD=/lib/libc.so.6
 # and then clear it when finished to avoid confusing anything else.
@@ -647,9 +647,9 @@ $banned_filename_re = new_RE(
 # qr/^\s{5,}(Found|is password-protected|.*(virus|trojan))/
 ### http://www.virusbuster.hu/en/
- ['VirusBuster', ['vbuster', 'vbengcl'],
- "{} -ss -i '*' -log=$MYHOME/vbuster.log", [0], [1],
- qr/: '(.*)' - Virus/m ],
+# ['VirusBuster', ['vbuster', 'vbengcl'],
+# "{} -ss -i '*' -log=$MYHOME/vbuster.log", [0], [1],
+# qr/: '(.*)' - Virus/m ],
 # VirusBuster Ltd. does not support the daemon version for the workstation
 # engine (vbuster-eng-1.12-linux-i386-libc6.tgz) any longer. The names of
 # binaries, some parameters AND return codes have changed (from 3 to 1).
@@ -663,37 +663,37 @@ $banned_filename_re = new_RE(
 # # although the man-page tells a different story
 ### http://www.cyber.com/
- ['CyberSoft VFind', 'vfind',
- '--vexit {}/*', [0], [23], qr/##==>>>> VIRUS ID: CVDL (.+)/m,
+# ['CyberSoft VFind', 'vfind',
+# '--vexit {}/*', [0], [23], qr/##==>>>> VIRUS ID: CVDL (.+)/m,
 # sub {$ENV{VSTK_HOME}='/usr/lib/vstk'},
- ],
+# ],
 ### http://www.avast.com/
- ['avast! Antivirus', ['/usr/bin/avastcmd','avastcmd'],
- '-a -i -n -t=A {}', [0], [1], qr/\binfected by:\s+([^ \t\n\[\]]+)/m ],
+# ['avast! Antivirus', ['/usr/bin/avastcmd','avastcmd'],
+# '-a -i -n -t=A {}', [0], [1], qr/\binfected by:\s+([^ \t\n\[\]]+)/m ],
 ### http://www.ikarus-software.com/
- ['Ikarus AntiVirus for Linux', 'ikarus',
- '{}', [0], [40], qr/Signature (.+) found/m ],
+# ['Ikarus AntiVirus for Linux', 'ikarus',
+# '{}', [0], [40], qr/Signature (.+) found/m ],
 ### http://www.bitdefender.com/
- ['BitDefender', 'bdscan', # new version
- '--action=ignore --no-list {}', qr/^Infected files\s*:\s*0+(?!\d)/m,
- qr/^(?:Infected files|Identified viruses|Suspect files)\s*:\s*0*[1-9]/m,
- qr/(?:suspected|infected)\s*:\s*(.*)(?:\033|$)/m ],
+# ['BitDefender', 'bdscan', # new version
+# '--action=ignore --no-list {}', qr/^Infected files\s*:\s*0+(?!\d)/m,
+# qr/^(?:Infected files|Identified viruses|Suspect files)\s*:\s*0*[1-9]/m,
+# qr/(?:suspected|infected)\s*:\s*(.*)(?:\033|$)/m ],
 ### http://www.bitdefender.com/
- ['BitDefender', 'bdc', # old version
- '--arc --mail {}', qr/^Infected files *:0+(?!\d)/m,
- qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/m,
- qr/(?:suspected|infected): (.*)(?:\033|$)/m ],
+# ['BitDefender', 'bdc', # old version
+# '--arc --mail {}', qr/^Infected files *:0+(?!\d)/m,
+# qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/m,
+# qr/(?:suspected|infected): (.*)(?:\033|$)/m ],
 # consider also: --all --nowarn --alev=15 --flev=15.
The --all argument may
 # not apply to your version of bdc, check documentation and see 'bdc --help'
 ### ArcaVir for Linux and Unix http://www.arcabit.pl/
- ['ArcaVir for Linux', ['arcacmd','arcacmd.static'],
- '-v 1 -summary 0 -s {}', [0], [1,2],
- qr/(?:VIR|WIR):[ \t]*(.+)/m ],
+# ['ArcaVir for Linux', ['arcacmd','arcacmd.static'],
+# '-v 1 -summary 0 -s {}', [0], [1,2],
+# qr/(?:VIR|WIR):[ \t]*(.+)/m ],
 # ### a generic SMTP-client interface to a SMTP-based virus scanner
 # ['av_smtp', \&ask_av_smtp,
@@ -715,6 +715,7 @@ $banned_filename_re = new_RE(
 # # NOTE: place file JpegTester.pm somewhere where Perl can find it,
 # # for example in /usr/local/lib/perl5/site_perl
+ ['always-clean', sub {0}],
 ); |
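Review bot: The added `['always-clean', sub {0}],` entry at the end of the primary scanner list makes virus scanning fail open, and nothing in the template says so. In amavisd a code-ref scanner that returns 0 is taken as a clean verdict from a working scanner, so if the real scanners still enabled earlier in the list (not visible in these hunks) are down or erroring, mail is presumably delivered unscanned rather than handed to the secondary list (`@av_scanners_backup` in stock amavisd.conf) or deferred. If that trade-off is intended, record it on the line above, e.g. `# fail-open: always reports clean so mail is accepted when no real scanner answers; backup scanners are never consulted`. It would also help to alert on scanner failures in the amavis log so an outage of the real scanner does not pass unnoticed. The list this entry closes starts outside the hunk.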