[Bug 151826] New: silently letting viruses through in case clamd is not (yet) running

Olivier Vitrat ovit.debian at gmail.com
Sat Nov 3 21:31:01 GMT 2007


http://bugs.kde.org/show_bug.cgi?id=151826         
           Summary: silently letting viruses through in case clamd is not
                    (yet) running
           Product: kmail
           Version: unspecified
          Platform: Debian testing
        OS/Version: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: NOR
         Component: general
        AssignedTo: kdepim-bugs kde org
        ReportedBy: ovit.debian gmail com


Version:            (using KDE KDE 3.5.5)
Installed from:    Debian testing/unstable Packages

Reported in Debian BTS at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=435325

Package: kmail
Version: 3.5.5.dfsg.1-6
Severity: important

package clamav-daemon  in version 0.90.1-3etch4 contains program "clamdscan"
package kmail contains program kmail_clamav.sh

if you configure kmail to scan incoming email for viruses, it automatically 
adds filter rules for clamav by using the kmail_clamav.sh script.

when clamd is starting, it takes about 3 minutes until it is running.

so when a typical user starts his computer, logs in to KDE, starts kmail, 
receives email, then all viruses silently pass through because 
kmail_clamav.sh just says X-Virus-Flag: No in case clamdscan fails. and 
clamdscan fails in case clamd is not yet running. clamd is not yet running 
because it takes 3 minutes on each first start.

i think it is a fundamental problem with kmail filter scripts that they cannot 
report errors. if you add output to stderr in a kmail filter script and then 
return an error code, if you check the filter log in kmail, you see that the 
filter failed. but if you do not check the log, the filter just silently 
fails.

but it also is not a solution to change kmail_clamav.sh so that if anything 
fails it always adds X-Virus-Flag: Yes.

maybe kmail_clamav.sh should add a big header to the email saying that the 
virus check failed and it is unsure if this email contains a virus or not.


but the current behaviour of just silently passing unchecked data is not 
really good...



thx
cya
erik
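
The following sketch is an added example, not part of the original report and not the shipped kmail_clamav.sh. It shows the tri-state behaviour the report asks for: a scanner error is marked as unchecked instead of being reported as "No". The SCANNER override, the "Unchecked" value and the X-Virus-Check-Error header are hypothetical names; the clamdscan exit statuses (0 clean, 1 virus found, anything else an error) are the tool's documented ones.

```shell
#!/bin/sh
# Added example (not kmail_clamav.sh): tri-state virus-check filter.
# clamdscan exit status: 0 = clean, 1 = virus found, other = scan error
# (for example clamd not running yet).
# Assumptions: the SCANNER override, the "Unchecked" value and the
# X-Virus-Check-Error header are hypothetical names for this sketch.
SCANNER=${SCANNER:-"clamdscan --no-summary -"}

# Map a scanner exit status to the header lines to prepend.
headers_for_status() {
    case "$1" in
        0) printf 'X-Virus-Flag: No\n' ;;
        1) printf 'X-Virus-Flag: Yes\n' ;;
        *) printf 'X-Virus-Flag: Unchecked\n'
           printf 'X-Virus-Check-Error: scanner exit status %s\n' "$1" ;;
    esac
}

# Read one message (starting with its header block) on stdin and write it
# to stdout with the verdict headers in front.
scan_message() {
    tmp=$(mktemp) || return 2
    cat > "$tmp"
    status=0
    # "|| status=$?" keeps the real exit status even under "set -e".
    $SCANNER < "$tmp" > /dev/null 2>&1 || status=$?
    headers_for_status "$status"
    cat "$tmp"
    rm -f "$tmp"
}

# Run as a pipe-through filter only when asked to, so the file can be sourced.
if [ "${1:-}" = "--filter" ]; then
    scan_message
fi
```

A mail filter rule can then handle `Unchecked` separately from `Yes` and `No`.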


