Bug#435325: marked as done (silently letting viruses through in case clamd is not (yet) running)
Your message dated Thu, 18 Jan 2018 16:02:01 +0100
with message-id
and subject line Re: silently letting viruses through in case clamd is not (yet) running
has caused the Debian Bug report #435325,
regarding silently letting viruses through in case clamd is not (yet) running
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
435325: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=435325
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: silently letting viruses through in case clamd is not (yet) running
- From: Erik Thiele <erikyyy@erikyyy.de>
- Date: Tue, 31 Jul 2007 09:28:29 +0200
- Message-id: <200707310928.30809.erikyyy@erikyyy.de>
Package: kmail
Version: 3.5.5.dfsg.1-6
Severity: important
package clamav-daemon in version 0.90.1-3etch4 contains program "clamdscan"
package kmail contains program kmail_clamav.sh
if you configure kmail to scan incoming email for viruses, it automatically
adds filter rules for clamav by using the kmail_clamav.sh script.
when clamd is starting, it takes about 3 minutes until it is running.
so when a typical user starts his computer, loggs in to KDE, starts kmail,
receives email, then all viruses silently pass through because
kmail_clamav.sh just sais X-Virus-Flag: No in case clamdscan fails. and
clamdscan fails in case clamd is not yet running. clamd is not yet running
because it takes 3 minutes on each first start.
i think it is a fundamental problem with kmail filter scripts that they cannot
report errors. if you add output to stderr in a kmail filter script and then
return a error code, if you check the filter log in kmail, you see that the
filter failed. but if you do not check the log, the filter just silently
fails.
but it also is not a solution to change kmail_clamav.sh so that if anything
fails it always adds X-Virus-Flag: Yes.
maybe kmail_clamav.sh should add a big header to the email saying that the
virus check failed and it is unsure if this email contains a virus or not.
but the current behaviour of just silently passing unchecked data is not
really good...
thx
cya
erik
--- End Message ---
--- Begin Message ---
Dear bug submitter,
Thank you for reporthing this issue. The bug has been determined not to be
Debian specific, and therefore was reported in the KDE bugtracker; see
https://bugs.kde.org/show_bug.cgi?id=151826.
We are sorry it has not been resolved. However, the version in which the
issue was reported is now obsolete and the upstream tracker has closed the
issue. Thus we are also closing the issue in Debian bug tracker.
If you think the bug is still relevant to a KDE Pim version in Debian stable
(aka Stretch) or newer -- i.e. part of KDE Applications 15.08.0 or newer --
then please open a new bugreport upstream and add your new information in the
upstream bugreport.
Again, thank you for reporting the issue. If there are any questions feel free
to ask.
KDE upstream bug tracker closed their bug with following statement:
"This bug has only been reported for versions before 15.08.0, which have been
unsupported for at least two years now. Can anyone tell if this bug still
present?
If noone confirms this bug for a Framework-based version of kontact
(version 5.0 or later, as part of KDE Applications 15.08 or later),
it gets closed in about three months.
Just as announced in my last comment, I close this bug.
If you encounter it again in a recent version (at least 5.0 aka 15.08),
please open a new one unless it already exists. Thank you for all your input."
--- End Message ---
Reply to: