diff options
| author | Arne Fahrenwalde <macgeneral@macgeneral.de> | 2018-01-29 09:41:00 +0100 |
|---|---|---|
| committer | Arne Fahrenwalde <macgeneral@macgeneral.de> | 2018-01-29 09:41:00 +0100 |
| commit | e5140faeba18139e5f534919eead9aa2a0900fb3 (patch) | |
| tree | b8e522a0ea872ef6d39ed475fc3dfb7cc7fa040a /src/plugins/lua | |
| parent | 03cd15ca59b6d6e20537fb17ed9cf1b296fd78f5 (diff) | |
| download | rspamd-e5140faeba18139e5f534919eead9aa2a0900fb3.tar.gz rspamd-e5140faeba18139e5f534919eead9aa2a0900fb3.zip | |
[Fix] F-PROT Antivirus: only check return code to determine infection
F-PROT Antivirus uses return codes 1-3 (infected, suspicious, both) to signal an infection, while 4-255 are various error codes (including infected files were found before the error occured, but it's too complicated to handle all that edge case scenarios).
Diffstat (limited to 'src/plugins/lua')
| -rw-r--r-- | src/plugins/lua/antivirus.lua | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/plugins/lua/antivirus.lua b/src/plugins/lua/antivirus.lua index c35b8cfd6..4b69b8850 100644 --- a/src/plugins/lua/antivirus.lua +++ b/src/plugins/lua/antivirus.lua @@ -410,7 +410,9 @@ local function fprot_check(task, rule) rspamd_logger.infox(task, '%s [%s]: message is clean', rule['symbol'], rule['type']) end else - local vname = string.match(data, '^1 <.*infected.*: (.-)>') + -- returncodes: 1: infected, 2: suspicious, 3: both, 4-255: some error occured + -- see http://www.f-prot.com/support/helpfiles/unix/appendix_c.html for more detail + local vname = string.match(data, '^[1-3] <[%w%s]-: (.-)>') if not vname then rspamd_logger.errx(task, 'Unhandled response: %s', data) else |