############################################################################## ## This is a supplemental environmental setup file for Virus Snaggers(tm) ## ver. 2.x. It will be called from the Virus Snaggers INCLUDERC. Please ## clearly mark any changes you make! (And keep a backup of the original.) ############################################################################## ## LINES COMMENTED WITH "[+]" ARE INTENDED FOR YOUR CUSTOMIZATION. USE A ## UNIX-COMPATIBLE EDITOR ONLY! ## ## We will want to call a "standard" vars set, which ## can also be useful in general procmail coding ## outside of Virus Snaggers. If you have altered ## the name of the included file or placed it in a ## location other than the dir where Virus Snaggers ## lives, change the value of $VS_GENVARS here: # [+] the genvars file must be present VS_GENVARS = vsnag.genvars.rc ############################################################################## ## ## The vars in this section are all configurable. ## The $MYVIRUS var tells Virus Snaggers where to ## deliver tainted messages. Change the default ## value (filename "VIRUS", delivered to the ## current directory) if desired. For maildir ## format, append a slash ("/"). ## ## $VS_HOOK is for tweakers who want custom logs. ## ## $MYDOMAINSTUB can in most cases be left unset. ## Virus Snaggers will find the value from $HOST. ## If you accept mail from other domains, e.g., via ## .forward files, see the readme file for how to ## set this var. MYVIRUS = VIRUS # [+] filename where viruses will be saved # MYVIRUS = /dev/null # [+] only uncomment this one if you are very sure VS_HOOK # [+] DEFAULT is UNSET (don't run a pre-delivery rc) # VS_HOOK = myhook.rc # [+] if set, run a custom rc just before delivery MYDOMAINSTUB # [+] DEFAULT is UNSET (let VS guess based on $HOST) # MYDOMAINSTUB = foo # [+] an example: mail re-routed from server.foo.com MYDOMAIN_IP = # [+] let Vsnag guess, or set to your server's IP VS_SPAMMY # [+] non-infected, spammy-looking things go where? # VS_SPAMMY = SPAM # [+] uncomment/change to save such to this folder h # [+] DEFAULT is UNSET (full virus message saved) # h = h # [+] uncomment to save virus message headers only ############################################################################## ## ## "Boolean" vars below. Check the commented lines ## (#) and edit as desired. One of the paired lines ## must be uncommented for each var in this section. NONDELIVER = no # [+] DEFAULT (do not suppress delivery to $MYVIRUS) # NONDELIVER = yes # [+] suppress delivery (permit post-processing) VBELL = no # [+] DEFAULT (supress bell on virus) # VBELL = yes # [+] enable bell on virus (debugging aid) AGGRESSIVE = no # [+] DEFAULT won't block ranged ZIPs; sane sniffing # AGGRESSIVE = yes # [+] block ranged ZIPs and expand some scanning ############################################################################## ## ## [+] This section's lists define dangerous file- ## extensions that Virus Snaggers will look for and ## block. Change the lists if you wish and if you ## know what you are doing, by adding or deleting ## lines. Do not deviate from the format shown. ## No comments should go inside the lists. VS_NASTYEXT = 'bat|\ cmd|\ com|\ cpl|\ exe|\ hta|\ pif|\ scr|\ shs|\ vbs|\ vbe|\ wmf|\ wsf|\ wsh|\ ' # DO NOT delete this line! VS_NASTY64 = '52Ym[UVWX]|\ 52Yn[MNOP]|\ 53c2[YZab]|\ 53c2[ghij]|\ 56aX[ABCD]|\ 5CQV[QRST]|\ 5DT0[0123]|\ 5DTU[QRST]|\ 5DUE[wxyz]|\ 5FWE[UVWX]|\ 5IVE[EFGH]|\ 5QSU[YZab]|\ 5TQ1[IJKL]|\ 5TSF[MNOP]|\ 5WQk[UVWX]|\ 5WQl[MNOP]|\ 5XU0[YZab]|\ 5XU0[ghij]|\ 5aSV[ABCD]|\ 5iYX[QRST]|\ 5jb2[0123]|\ 5jbW[QRST]|\ 5jcG[wxyz]|\ 5leG[UVWX]|\ 5odG[EFGH]|\ 5waW[YZab]|\ 5zY3[IJKL]|\ 5zaH[MNOP]|\ LkJBV|\ LkNNR|\ LkNPT|\ LkNQT|\ LkVYR|\ LkhUQ|\ LlBJR|\ LlNDU|\ LlNIU|\ LlZCR|\ LlZCU|\ LldTR|\ LldTS|\ LlpJU|\ LmJhd|\ LmNtZ|\ LmNvb|\ LmNwb|\ LmV4Z|\ Lmh0Y|\ LnBpZ|\ LnNjc|\ LnNoc|\ LnZiZ|\ LnZic|\ LndzZ|\ Lndza|\ Lnppc|\ uQ01E|\ uQ09N|\ uQ1BM|\ uQkFU|\ uRVhF|\ uSFRB|\ uU0NS|\ uU0hT|\ uUElG|\ uV1NG|\ uV1NI|\ uVkJF|\ uVkJT|\ uWklQ|\ uY21k|\ uY29t|\ uY3Bs|\ uYmF0|\ uZXhl|\ uaHRh|\ uc2Ny|\ uc2hz|\ ucGlm|\ ud3Nm|\ ud3No|\ udmJl|\ udmJz|\ uemlw|\ ' # DO NOT delete this line! ############################################################################## ## ## Below are special numerical vars used by Virus ## Snaggers. Most here are also intended to be ## configurable. However, I urge you to try the ## defaults and only change them if you're sure. ## N.B.: DO NOTHING HERE IF YOU ARE NOT SURE! VS_ZIPMIN = 12287 # [+] 12k - 1 byte; change value if desired VS_ZIPMAX = 49153 # [+] 48k + 1 byte; change value if desired RCVD_THRESHOLD = 2 # [+] Received count *under* this considered local ############################################################################## ## ## Here are listed all other variables[1] that get ## set or changed within the Virus Snaggers main ## file, along with brief descriptions of their use. ## The asterisked ones "[*]" allow for custom ## overrides should you have duplicate functionality ## in your own rc. You might then want to set the ## varname here to point to your existing varname. ## N.B.: DO NOTHING IF YOU'RE NOT SURE! ## ## [1] Note that vars in the genvars file, q.v., ## augment these. _SELF = $_ # this line tests whether we've been to this file! ALOCK # conditional lockfile colon logtext # used for exit messages echoed to log H_CTYPE # [*] will hold the value of any Content-Type header # H_CTYPE = "$MYCTYPE" # [*] commented example for setting your own value H_FROM # [*] will hold the value of the From header H_MSGID # [*] will hold the value of the Message-ID header H_XMAILER # [*] will hold the value of the X-Mailer header H_BTM_CLIENT # the asserted original (bottom) sending client H_RCVD_COUNT # the count of standard Received headers VS_ATTACH # will mark files likely to contain attachments # VS_DIAGS # used by the vsnag.point-n-shoot.sh diags script # VS_DEBUG # set on in your rc before calling vsnag (see FAQs) VS_DELIVER # at delivery, takes value of $MYVIRUS or VS_SPAMMY VS_EXT # will hold the extension type of attachment found # VS_HOME # dir where Virus Snaggers lives; DO NOT UNCOMMENT! VS_SHELLMETAS # temporary repository for $SHELLMETAS while nulled # VS_OLDTRAP # store any prior $TRAP; DO NOT UNCOMMENT! # VS_OLDVERBOSE # store prior $VERBOSE setting; DO NOT UNCOMMENT! VS_OUT # will be set to $VS_VER:identifying_msg if "virusy" # VS_MINBUF # vsnag's min is 24K. It gets set if you have less VS_PATHFINDER # used to call genvars and myvars VS_VER = vsnag222b # identifies the current version of Vsnag in output ############################################################################## ## ## The $SHELL under which procmail is to run when it ## spawns processes should not be changed unless you ## know very well what you are doing. SHELL = /bin/sh # portable, predictable, parsimonious ############################################################################## # This file is copyright and incorporates by reference the notice of copy- # right and license agreement from the Virus Snaggers main and readme files. ##############################################################################