-
-
Notifications
You must be signed in to change notification settings - Fork 2
qscanq.8
qscanq - qmail virus scanner
qscanq [ prog arg1 arg2 arg3... ]
qscanq(8) allows indimail to initiate a scan on an incoming mail. It gets invoked by indimail programs using qmail-queue frontend when the QMAILQUEUE environment is set to qscanq or when passed as a command line argument having qscanq like below (which will have the message pass through qmail-dkim and qmail-qfilter).
QMAILQUEUE="/usr/sbin/qmail-dkim /usr/sbin/qscanq"
qscanq(8) initiates a scan on an incoming email, and returns the exit status of the scanner or of qmail-queue to the caller.
qscanq needs no arguments. It may be called with optional arguments, which will then be treated as a program to be called instead of qmail-queue. The arguments will be passed on to qscanq-stdin, which actually calls qmail-queue, if no arguments are given.
qscanq runs setuid to the qscand user. When invoked, it changes to the spool directory and creates a working directory based on a timestamp, the PID, and a counter, with the sticky bit set. It then changes to that directory and invokes qscanq-stdin. The spool directory is defined during compile time by the file conf-scandir. This can be overridden at run time by the environment variable SCANDIR.
After qscanq-stdin returns, qscanq unsets the sticky bit on its working directory, invokes run-cleanq and then returns the exit status of qscanq-stdin without waiting for run-cleanq to return. qscanq generates no output. The return codes are interpreted by the caller, which in turn generates any user output.
qscanq sets no environment variables. It does pass its environment to qscanq-stdin, which in turn passes them to qmail-queue (or prog, if supplied instead). This means that any qmail-queue wrapper called by qscanq must be able to handle its environment safely.
If the DEBUG environment variable is set to any value whatsoever, then qscanq will print diagnostic messages to stderr whenever an error occurs. This is for use in debugging a new configuration, and should never be used to capture "extra log information" during runtime.
The default scanner to be called is set during compilation in conf-scancmd. This can be overridden at run time by the environment variable SCANCMD. See qscanq-stdin(8)
qscanq can return any code returned by qmail-queue. In addition, it returns 71 (temporary refusal) if any runtime error occurs. The caller may also receive exit status 31 from qscanq-stdin, which is called by qscanq.
In a default install, the clamscan configuration file will be found at /etc/indimail/clamav.conf. Edit the file and follow the contained instructions, making sure that the following entries are set in their appropriate places:
* LogFile stderr * StreamSaveToDisk * User Gqscanq * Foreground * FixStaleSocket
The FixStaleSocket setting is intended to address a problem with clamdscan :
if the daemon crashes,it can leave a stale communications socket lying around. When launched, it detects this socket and refuses to start. When this happens, email will be deferred because scanning will fail; if it is not corrected in time, messages will start to bounce. The startup script supplied below also checks for this condition.
Make sure you are running freshclam in order to get the latest virus definitions in a timely way.
It is recommended that clamd be run as a supervise(8) service. If clamav was installed in the default manner, there should be a qscand user. You should not proceed until that user exists. Stop right now and install qscanq, or at least create the necessary users, and then come back to this step.
That should be it. This daemon will be running as qscand, and will be logging to /var/log/svc/clamd.
cleanq(8), run-cleanq(8), qscanq-stdin(8), qmail-queue(8), qmail-multi(8), clamd(8) clamav.conf(5) clamdscan(1) clamscan(1)