diff --git a/package/sirkull/anomy-mailtools/anomy-mailtools.conf b/package/sirkull/anomy-mailtools/anomy-mailtools.conf new file mode 100644 index 000000000..a8aac7943 --- /dev/null +++ b/package/sirkull/anomy-mailtools/anomy-mailtools.conf @@ -0,0 +1,63 @@ +# --- ROCK-COPYRIGHT-NOTE-BEGIN --- +# +# This copyright note is auto-generated by ./scripts/Create-CopyPatch. +# Please add additional copyright information _after_ the line containing +# the ROCK-COPYRIGHT-NOTE-END tag. Otherwise it might get removed by +# the ./scripts/Create-CopyPatch script. Do not edit this copyright text! +# +# ROCK Linux: rock-src/package/sirkull/anomy-mailtools/anomy-mailtools.conf +# ROCK Linux is Copyright (C) 1998 - 2004 Clifford Wolf +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. A copy of the GNU General Public +# License can be found at Documentation/COPYING. +# +# Many people helped and are helping developing ROCK Linux. Please +# have a look at http://www.rocklinux.org/ and the Documentation/TEAM +# file for details. +# +# --- ROCK-COPYRIGHT-NOTE-END --- + +if [ $prefix_auto = 1 ] ; then + prefix="opt/anomy-mailtools" + set_confopt +fi + +anomy_custmain() { + # Create necessary directories + mkdir -p $root/$bindir/Anomy/Sanitizer + mkdir -p $root/$datadir/contrib + mkdir -p $root/$datadir/testcases/results.def + + # Install the executables + install -v -m 755 bin/*.pl contrib/check_for_virus $root/$bindir + install -v -m 644 bin/Anomy/*.pm $root/$bindir/Anomy + install -v -m 644 bin/Anomy/Sanitizer/*.pm $root/$bindir/Anomy/Sanitizer + + # Install the contributed files and testcases + install -v -m 644 contrib/* $root/$datadir/contrib + install -v -m 644 testcases/* $root/$datadir/testcases || true + install -v -m 644 testcases/results.def/* $root/$datadir/testcases/results.def + + # Install the docs + for I in CHANGELOG.sanitizer CREDITS README.sanitizer \ + sanitizer.html UNICODE.TXT + do + install -v -m 644 $I $root/$docdir + done + + # Install a sample config that uses ClamAV + install -v -m 644 $confdir/sanitizer.cfg $root/$sysconfdir + + # Set up the environment variable + echo "Creating /etc/profile.d/$pkg ..." + cat <<- EOT > $root/etc/profile.d/$pkg + export ANOMY=$root/opt/$pkg + EOT +} + +custmain="anomy_custmain" +createdocs=0 + diff --git a/package/sirkull/anomy-mailtools/anomy-mailtools.desc b/package/sirkull/anomy-mailtools/anomy-mailtools.desc new file mode 100644 index 000000000..b035a7433 --- /dev/null +++ b/package/sirkull/anomy-mailtools/anomy-mailtools.desc @@ -0,0 +1,54 @@ +[COPY] --- ROCK-COPYRIGHT-NOTE-BEGIN --- +[COPY] +[COPY] This copyright note is auto-generated by ./scripts/Create-CopyPatch. +[COPY] Please add additional copyright information _after_ the line containing +[COPY] the ROCK-COPYRIGHT-NOTE-END tag. Otherwise it might get removed by +[COPY] the ./scripts/Create-CopyPatch script. Do not edit this copyright text! +[COPY] +[COPY] ROCK Linux: rock-src/package/sirkull/anomy-mailtools/anomy-mailtools.desc +[COPY] ROCK Linux is Copyright (C) 1998 - 2004 Clifford Wolf +[COPY] +[COPY] This program is free software; you can redistribute it and/or modify +[COPY] it under the terms of the GNU General Public License as published by +[COPY] the Free Software Foundation; either version 2 of the License, or +[COPY] (at your option) any later version. A copy of the GNU General Public +[COPY] License can be found at Documentation/COPYING. +[COPY] +[COPY] Many people helped and are helping developing ROCK Linux. Please +[COPY] have a look at http://www.rocklinux.org/ and the Documentation/TEAM +[COPY] file for details. +[COPY] +[COPY] --- ROCK-COPYRIGHT-NOTE-END --- + +[I] An email vulnerability protector and sanitizer + +[T] The Anomy sanitizer is what most people would call "an email virus +[T] scanner". That description is not totally accurate, but it does cover +[T] one of the more important jobs that the sanitizer can do for you - it +[T] can scan email attachments for viruses. Other things it can do: +[T] +[T] * Disable potentially dangerous HTML code, such as javascript, +[T] within incoming email. +[T] +[T] * Protect you from email-based break-in attempts which exploit bugs +[T] in common email programs (Outlook, Eudora, ..). +[T] +[T] * Block or "mangle" attachments based on their file names. This way +[T] if you don't *need* to recieve e.g. visual basic scripts, then you +[T] don't have to worry about the security risk they imply. This lets +[T] you protect yourself and your users from whole classes of attacks, +[T] without relying on complex, resource intensive and outdated virus +[T] scanning solutions. + +[A] Bjarni R. Einarsson +[M] Chris Efant + +[C] extra/network extra/security + +[L] GPL +[S] Stable +[V] 1.68 +[P] X -----5---9 231.000 + +[D] 4122164238 anomy-sanitizer-1.68.tar.gz http://mailtools.anomy.net/dist/ + diff --git a/package/sirkull/anomy-mailtools/clamav.patch b/package/sirkull/anomy-mailtools/clamav.patch new file mode 100644 index 000000000..80061f404 --- /dev/null +++ b/package/sirkull/anomy-mailtools/clamav.patch @@ -0,0 +1,45 @@ +# --- ROCK-COPYRIGHT-NOTE-BEGIN --- +# +# This copyright note is auto-generated by ./scripts/Create-CopyPatch. +# Please add additional copyright information _after_ the line containing +# the ROCK-COPYRIGHT-NOTE-END tag. Otherwise it might get removed by +# the ./scripts/Create-CopyPatch script. Do not edit this copyright text! +# +# ROCK Linux: rock-src/package/sirkull/anomy-mailtools/clamav.patch +# ROCK Linux is Copyright (C) 1998 - 2004 Clifford Wolf +# +# This patch file is dual-licensed. It is available under the license the +# patched project is licensed under, as long as it is an OpenSource license +# as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms +# of the GNU General Public License as published by the Free Software +# Foundation; either version 2 of the License, or (at your option) any later +# version. +# +# --- ROCK-COPYRIGHT-NOTE-END --- + +--- ./contrib/check_for_virus.orig 2001-08-13 12:10:10.000000000 -0400 ++++ ./contrib/check_for_virus 2003-08-25 10:17:26.000000000 -0400 +@@ -49,6 +49,23 @@ + logger "virus check for $1: ok" + echo "CLEAN : OK" + fi ++# ClamAV (Clam AntiVirus) ++elif test -x /usr/bin/clamdscan; then ++ STATUS= ++ /usr/bin/clamdscan --quiet "$1" ++ RETURNCODE=$? ++ if test $RETURNCODE -eq 1; then ++ STATUS="virus found" ++ RET=3 ++ fi ++ if test -n "$STATUS"; then ++ INFO=`/usr/bin/clamdscan --disable-summary --stdout "$1"|cut -f2 -d' '` ++ logger "virus check for $1: VIRUS FOUND!! - $INFO" ++ echo "VIRUS : $INFO" ++ else ++ logger "virus check for $1: ok" ++ echo "CLEAN : OK" ++ fi + # AVP (Kaspersky Anti-Virus for Linux) + elif test -x /usr/bin/kavscanner; then + STATUS= diff --git a/package/sirkull/anomy-mailtools/sanitizer.cfg b/package/sirkull/anomy-mailtools/sanitizer.cfg new file mode 100644 index 000000000..dac12fc02 --- /dev/null +++ b/package/sirkull/anomy-mailtools/sanitizer.cfg @@ -0,0 +1,105 @@ +# Do not log to STDERR: +feat_log_stderr = 0 +feat_log_inline = 0 +feat_log_xml = 0 + +# Advertisement to insert in each mail header: +header_info = X-Sanitizer: Anomy Mail Sanitizer +header_url = 0 +header_rev = 0 + +# Enable filename based policy decisions: +feat_files = 1 + +# Protect against buffer overflows and null values: +feat_lengths = 1 + +# Fix invalid and ambiguous MIME boundaries, if possible: +feat_fixmime = 1 + +# Trust signed and/or encrypted messages: +feat_trust_pgp = 1 +msg_pgp_warning = WARNING: Unsanitized content follows.\n + +# Defang shell scripts: +feat_scripts = 1 + +# Defang active HTML: +feat_html = 0 + +# Defang UUEncoded files: +feat_uuencoded = 1 + +# Sanitize forwarded content too: +feat_forwards = 1 + +# Testing? Set to 1 for testing, 0 for production: +feat_testing = 0 + +# Warn user about unscanned parts, etc. +feat_verbose = 1 + +# Force all parts (except text/html parts) to +# have file names. +feat_force_name = 1 + +# Disable web bug +feat_webbugs = 1 + +# Disable "score" based mail discarding: +score_panic = 0 +score_bad = 0 + +# Define message for dropped files + +msg_file_drop = \n*****\n +msg_file_drop += NOTE: An attachment named %FILENAME was deleted from this message\n +msg_file_drop += because it contained a windows executable or other potentially\n +msg_file_drop += dangerous file type.\n\n +msg_file_drop += Contact the system administrator for more information.\n + + +## +## File attachment name mangling rules: +## + +# Specify the Anomy temp file and quarantine directory +file_name_tpl = /var/opt/anomy/quarantine/att-$F-$T.$$ + +# Number of rulesets we are defining: +file_list_rules = 4 + +# Quarantine dangerous attachments: +file_list_1 = (?i)(winmail.dat)| +file_list_1 += (\.(exe|com|vb[se]|dll|ocx|cmd|bat|pif|lnk|hlp|ms[ip]|reg|sct|inf +file_list_1 += |asd|cab|sh[sb]|scr|cpl|chm|ws[fhc]|hta|vcd|vcf|eml|nws))$ +file_list_1_policy = save +file_list_1_scanner = 0 + +# Allow through some safe file types +file_list_2 = (?i)\.(gif|jpe?g|pn[mg]|x[pb]m|dvi|e?ps|p(df|cx)|bmp +file_list_2 += |mp[32]|wav|au|ram? +file_list_2 += |avi|mov|mpe?g +file_list_2 += |t(xt|ex)|csv|l(og|yx)|sql|jtmpl +file_list_2 += |[ch](pp|\+\+)?|s|inc|asm|pa(tch|s)|java|php\d? +file_list_2 += |[ja]sp +file_list_2 += |patch|diff +file_list_2 += |can|pos|ux|reg|kbf|xal|\d+)(\.g?z|\.bz\d?)*$ +file_list_2_policy = accept +file_list_2_scanner = 0 + +# Scan potentially dangerous filetypes and quarantine if infected +file_list_3 = (?i)\.(xls|d(at|oc)|p(pt|l)|rtf|html|pdf +file_list_3 += |sxw|sxc +file_list_3 += |class|swf|upd|wp\d?|m?db +file_list_3 += |z(ip|oo)|ar[cj]|lha|[tr]ar|rpm|deb|slp|tgz +file_list_3 += )(\.g?z|\.bz\d?)*$ +file_list_3_policy = accept:accept:save:save +file_list_3_scanner = 0:2:3:/opt/anomy/bin/check_for_virus %FILENAME + +# Scan everyting else and mangle the file name (to prevent Outlook from +# auto-executing something) +file_list_4 = (?i)(.*) +file_list_4_policy = defang:defang:save:save +file_list_4_scanner = 0:2:3:/opt/anomy/bin/check_for_virus %FILENAME +