Kmail and Avast Scanner for Linux

Current version of Kmail has an antivirus wizard that sets up filters that are piped through to selected AV programs. They are:

Clam
Sophos
F-Prot
Anti-Vir

If the wizard detects any of the above AV programs installed than it will set up filters to scan using the selecting AV scanner to scan incoming or outgoing email. This doesn’t mean Avast cannot be used in the same manner. It does mean the proper filtering needs to be set up thus bypassing the antivirus wizard in Kmail.

For example. If F-prot is installed and selected than the wizard will set up the proper filters to “pipe through” a script called, kmail_fprot.sh, which is as follows:

TEMPFILE=`mktemp` 
if [ $? != 0 ] ; then 
    TEMPFILE=`mktemp /tmp/kmail.XXXXXX` 
fi 
export TEMPFILE
cat > $TEMPFILE
f-prot -archive 3 $TEMPFILE > /dev/null
RC=$?
if [ $RC -eq 0 ] ; then
    echo "X-Virus-Flag: no"
else
    case $RC in
        1 ) DESC="no - Unrecoverable error" ;;
        2 ) DESC="no - Selftest failed" ;;
        3 ) DESC="yes - Virus-infected object found" ;;
        4 ) DESC="no - Reserved" ;;
        5 ) DESC="no - Abnormal termination" ;;
        6 ) DESC="no - Virus was removed" ;;
        7 ) DESC="no - Error, out of memory" ;;
        8 ) DESC="yes - Something suspicious found" ;;
    esac
    echo "X-Virus-Flag: $DESC"
fi

cat $TEMPFILE
rm $TEMPFILE

And email messages using Clam would be piped through, kmail_clam.sh and looks like this

TEMPFILE=`mktemp` 
if [ $? != 0 ] ; then 
    TEMPFILE=`mktemp /tmp/kmail.XXXXXX` 
fi 
export TEMPFILE
cat > $TEMPFILE
if clamscan --stdout --no-summary --mbox $TEMPFILE | grep -q FOUND; then
echo "X-Virus-Flag: yes"
else
echo "X-Virus-Flag: no"
fi
cat $TEMPFILE
rm $TEMPFILE

And Anti-Vir is, kmail_antivir.sh

MPFILE=`mktemp` 
if [ $? != 0 ] ; then 
    TEMPFILE=`mktemp /tmp/kmail.XXXXXX` 
fi 
export TEMPFILE
cat > $TEMPFILE
if antivir --scan-in-archive --scan-in-mbox $TEMPFILE | grep -q ALERT; then
echo "X-Virus-Flag: yes"
else
echo "X-Virus-Flag: no"
fi
cat $TEMPFILE
rm $TEMPFILE

And Sophos is, kmail_sav.sh

EMPFILE=`mktemp` 
if [ $? != 0 ] ; then 
    TEMPFILE=`mktemp /tmp/kmail.XXXXXX` 
fi 
export TEMPFILE
cat > $TEMPFILE
if sweep -ss -mime $TEMPFILE | grep -q found; then
echo "X-Virus-Flag: yes"
else
echo "X-Virus-Flag: no"
fi
cat $TEMPFILE
rm $TEMPFILE

What we need for Avast to work (I think), is to create a, kmail_avast.sh. I’m no programmer by any means but as far as I can tell this is what we need to get Avast scanning email using KDE Kmail. Any suggestions would be productive.

Please see the attached images to view filtering rules using F-Prot.

It would be nice…
The absence of a GUI to update, run on-demand scannings, etc., makes avast for Linux very unatractive.
If you succeed making this script, it will be a very good thing in my opinion.

Nice to know you’re arround Culpeper 8)

We would need someone to write a script like the ones above to fit Avast. The best person to do this would be one of the Avast staff familar with Linux as well as Avast for Linux commands and syntax. It might be as simple as copying one of the scripts and changing the appropriate commands and syntax to fit Avast. I don’t know.

Here’s the script, please try it:


TEMPFILE=`mktemp` 
if [ $? != 0 ] ; then 
    TEMPFILE=`mktemp /tmp/kmail.XXXXXX` 
fi 
export TEMPFILE
cat > $TEMPFILE
avast -h >/dev/null 2>&1
if [ $? -eq  41 ]; then \
    avast -ai -t=A $TEMPFILE > /dev/null; \
else \
    avastcmd -ai -t=A $TEMPFILE > /dev/null; \
fi
RC=$?
if [ $RC -eq 0 ] ; then
    echo "X-Virus-Flag: no"
else
    case $RC in
        1 | 3 ) DESC="yes" ;;
        2 ) DESC="no - Virus was removed" ;;
        24 ) DESC="no - Encrypted" ;;
        * ) DESC="no - Failed" ;;
    esac
    echo "X-Virus-Flag: $DESC"
fi

cat $TEMPFILE
rm $TEMPFILE

Will do…Thanx!

dublin

Your script works testing with eicar.zip.

thx