Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Small scripting task - Global file for /etc/antivirus.exim ?

Discussion in 'General Discussion' started by jols, Jun 1, 2007.

  1. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    3
    Trophy Points:
    168
    Am using the /etc/antivirus.exim file to filter out some persistant spammers.

    Got a few servers that should work with the exact same antivirus.exim file.

    Question - How could I get the antivirus.exim file to reference a web page, e.g. something like http://domain.com/filter.txt

    I would guess that I will need to cron a shell script to go out and bring in filter.txt every-so-many-minutes, then replace the content of antivirus.exim with the content of http://domain.com/filter.txt

    But I am hard pressed to find any scripting example of this kind of thing.

    Anyone?


    ----

    By the way, if this helps anyone, here is my current antivirus.exim file which seems to lower the spam rate by some degree:

    # Exim filter
    if error_message then finish endif
    if
    $message_headers contains "tpnet.pl"
    or $header_subject contains "SEXUALLY-EXPLICIT"
    or $message_body contains "tzakol"
    or $message_body contains "LegalRX"
    or $message_body contains "Anatrim"
    or $message_body contains "PostCard.exe"
    or $message_body contains "go.ro"
    or $message_body contains "Viagra"
    or $message_body contains "viagra"
    or $message_body contains "Stocks Alert"
    or $message_body contains "St0ck"
    or $message_body contains "H0T NEWS"
    or $message_body contains "Str0ng Buy"
    or $message_body contains "businesswire"
    or $message_body contains "BUSINESS WIRE"
    or $message_body contains "phentermine"
    or $message_body contains "Phentermine"
    or $message_body contains "your meds"
    then
    save "/dev/null" 660
    endif


    ------------------------------------

    Follow up question ---> Does anyone know of a way that I could make these rules caseUNsensitive, i.e. so I would not need two or more rules to cover caps, like this:

    or $message_body contains "Viagra"
    or $message_body contains "viagra"
     
  2. nazmy

    nazmy Member

    Joined:
    Oct 31, 2004
    Messages:
    16
    Likes Received:
    0
    Trophy Points:
    151
    actually "contains" is not case sensitive , if you wanna set a case sensitive rule use "CONTAINS"
     
  3. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    3
    Trophy Points:
    168
    Cool! Thanks very much for that.

    By the way, regarding the other question I am going to start experimenting with a shell script that looks something like this:


    #!/bin/bash
    cd /etc
    wget http://www.domain.com/antis.txt
    mv -f antivirus.exim antivirus.exim.backup
    mv -f antis.txt antivirus.exim
    chown root:root antivirus.exim
    service exim restart
    done


    Not sure if it'll work, we'll see.
     
  4. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    3
    Trophy Points:
    168

    Yup. Works, just needed to get rid of the "done". Full script then is like this:


    #!/bin/bash
    cd /etc
    wget http://www.domain.com/antis.txt
    mv -f antivirus.exim antivirus.exim.backup
    mv -f antis.txt antivirus.exim
    chown root:root antivirus.exim
    service exim restart
     
  5. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    3
    Trophy Points:
    168
    Here's a better version with a conditional, in case the imported file is not found:

    #!/bin/bash
    cd /etc
    if wget http://www.domain.com/antis.txt
    then
    mv -f antivirus.exim antivirus.exim.backup
    mv -f antis.txt antivirus.exim
    chown root:root antivirus.exim
    service exim restart
    else
    echo "Could not download file. Aborting." 1>&2
    exit 1
    fi


    Without the condition, we'd be removing the antivirus.exim file and restarting exim without it, IF the import file was not found.

    I know all this is shell scripting 101 for most here, but is certainly a new way to use this stuff for me.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice