AggiornamentiScandalo it's a very quick and simple mailfilter working as a wrapper for clamd, the famous
Clamav antivirus daemon.
It's distributed under the opensource GPL v2 licence, in source format.
Once integrated in maildrop or any MTA or MUA, it can quickly read your mails from standard input (ex. your
mailfilter software like maildrop, procmail or smtp server daemon) and directly send it to the clamd process
for virus scanning.
When a virus is found, the mail is marked with a header, so you can easily and happily setup your mailfilter
or MUA to drop, quarantine or move to a mailfolder the infected mail.
ex:
X-Virus-Ret: 1
X-Virus-stream: Eicar-Test-Signature FOUND
The scandalo's algorithm is designed to not load the complete mail in memory so you or your system administrator
can sleep without any trouble, also for CPU happyness and performance the mail will be scanned on a single pass.
Low CPU and memory usage and performace of scandalo make it suitable for mailserver with more than 5000 mail
users and high loaded servers.Scandalo search for clamav clamdscan executable in /usr/bin/clamdscan.
You can override this modifying the #define in scandalo.c at compile time or setting up a soft link.
You have to remember that clamd daemon must be running to get scandalo making the virus scan.
On errors (ex clamd is down), clamdscan will delivery the mail without virus scanning.
To get the mail on a single pass scan, scandalo uses a line buffer of 6*1024 characters, so any mail
with more than 6*1024 bytes in header or body will get line truncated.
This is also a security implementation. Most mailserver dameon have this kind of check, for example
Courier MTA, where the maximum characters per line is setted at compile time to 5000.
Any idea, comment, feature request is apprecated.
| Last released version: | Scandalo clamdscan frontend - 1.0 Stable |
| Subversion link | http://svn.tuxweb.it/SVN/projects/scandalo/ |
| Source .tar.gz | Scandalo clamdscan frontend - 1.0 Stable |