The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Small scripting task - Global file for /etc/antivirus.exim ?

Discussion in 'General Discussion' started by jols, Jun 1, 2007.

  1. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Am using the /etc/antivirus.exim file to filter out some persistant spammers.

    Got a few servers that should work with the exact same antivirus.exim file.

    Question - How could I get the antivirus.exim file to reference a web page, e.g. something like http://domain.com/filter.txt

    I would guess that I will need to cron a shell script to go out and bring in filter.txt every-so-many-minutes, then replace the content of antivirus.exim with the content of http://domain.com/filter.txt

    But I am hard pressed to find any scripting example of this kind of thing.

    Anyone?


    ----

    By the way, if this helps anyone, here is my current antivirus.exim file which seems to lower the spam rate by some degree:

    # Exim filter
    if error_message then finish endif
    if
    $message_headers contains "tpnet.pl"
    or $header_subject contains "SEXUALLY-EXPLICIT"
    or $message_body contains "tzakol"
    or $message_body contains "LegalRX"
    or $message_body contains "Anatrim"
    or $message_body contains "PostCard.exe"
    or $message_body contains "go.ro"
    or $message_body contains "Viagra"
    or $message_body contains "viagra"
    or $message_body contains "Stocks Alert"
    or $message_body contains "St0ck"
    or $message_body contains "H0T NEWS"
    or $message_body contains "Str0ng Buy"
    or $message_body contains "businesswire"
    or $message_body contains "BUSINESS WIRE"
    or $message_body contains "phentermine"
    or $message_body contains "Phentermine"
    or $message_body contains "your meds"
    then
    save "/dev/null" 660
    endif


    ------------------------------------

    Follow up question ---> Does anyone know of a way that I could make these rules caseUNsensitive, i.e. so I would not need two or more rules to cover caps, like this:

    or $message_body contains "Viagra"
    or $message_body contains "viagra"
     
  2. nazmy

    nazmy Member

    Joined:
    Oct 31, 2004
    Messages:
    16
    Likes Received:
    0
    Trophy Points:
    1
    actually "contains" is not case sensitive , if you wanna set a case sensitive rule use "CONTAINS"
     
  3. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Cool! Thanks very much for that.

    By the way, regarding the other question I am going to start experimenting with a shell script that looks something like this:


    #!/bin/bash
    cd /etc
    wget http://www.domain.com/antis.txt
    mv -f antivirus.exim antivirus.exim.backup
    mv -f antis.txt antivirus.exim
    chown root:root antivirus.exim
    service exim restart
    done


    Not sure if it'll work, we'll see.
     
  4. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38

    Yup. Works, just needed to get rid of the "done". Full script then is like this:


    #!/bin/bash
    cd /etc
    wget http://www.domain.com/antis.txt
    mv -f antivirus.exim antivirus.exim.backup
    mv -f antis.txt antivirus.exim
    chown root:root antivirus.exim
    service exim restart
     
  5. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Here's a better version with a conditional, in case the imported file is not found:

    #!/bin/bash
    cd /etc
    if wget http://www.domain.com/antis.txt
    then
    mv -f antivirus.exim antivirus.exim.backup
    mv -f antis.txt antivirus.exim
    chown root:root antivirus.exim
    service exim restart
    else
    echo "Could not download file. Aborting." 1>&2
    exit 1
    fi


    Without the condition, we'd be removing the antivirus.exim file and restarting exim without it, IF the import file was not found.

    I know all this is shell scripting 101 for most here, but is certainly a new way to use this stuff for me.
     
Loading...
Similar Threads - Small scripting task
  1. albatroz
    Replies:
    1
    Views:
    281

Share This Page