Consulting djbware Publications

QMVC - Qmail Mail and Virus Control

QMVC

QMVC is an unidirectional Mail Filter and Virus Scanner for Qmail.

qmvc works in conjunction with the "dot-qmail" mechanism for qmail-local.

It is entirely designed for Qmail and there are no additional patches required for Qmail.

QMVC 1.7

Version 1.7 of QMVC provides the following new features (Release Notes):

Usage

qmvc is a Korn-shell script plug-in for qmail-local which is called in first order from a "dot-qmail" file. This may be a user-specific "dot-qmail" file ~/.qmail or ~/.qmail-default. If the Qmail MTA acts as an Internet E-Mail relay, qmvc is called from Qmail's alias user "dot-qmail" file, in particular thru /var/qmail/alias/.qmail-default.

Example:
.qmail-default:
|qmvc
#next instructions

qmvc accepts four arguments:

Example: For the virtual domain mapped to the local user with home directory /home/domain you define

.qmail-default:
|qmvc -uv-
./Maildir/

and /home/domain/qmvc/control may be a modified copy of the default /var/qmvc/control directory (see qmvc-control(5)).

qmvc runs with minimal permissions, by default user alias and group nofiles. In case qmvc is called from a specific user, it has the effective rights of this user.

Description

qmvc - invoked from a user's dot-qmail file - filters and scans incoming E-Mails (on descriptor 1). It exits with return code 0 Otherwise it exits 99 if the message was filtered or exits 100 if the message shall be bounced.

This means in the first case, that the E-Mail is processed by the next command or instruction defined in dot-qmail. In the latter case, qmail-local stopps the processing of the E-Mail, see qmail-command(8).

qmvc inherits the following functional blocks:

Dependencies

In order to use qmvc you have to have:

Supported UNIX Virus Scan Engines

QMVC has a built-in support for the following Virus Scan Engines:

Up to four Virus Scan Engines can be used mutually. They are only loaded into memory if a "positive" attachment is found.

Some more Features

QMVC's command-API

The command-API is in particular useful to call qmvc-internally anti-spam programs, ie. bogofilter. The command-API understands qmail-local's address variables ($LOCAL, $RECIPIENT etc.) and thus allows a flexible re-routing of spam emails to different users/mailboxes/Maildirs.

The plainmail utility - which facilitates the command-API - can be additionally used to strip-out plain/text and to translate text/HTML MIME parts of the message to be eventually forwarded to ie. BlackBerry PDAs.

Analysis Tools

QMVC includes a rich set of analysis tools showing qmvc's activity in HTML format.
Usually, those tools are called frequently by cron and the results maybe read by a HTTP daemon to be published.

QMVC's results may be published individually for specific users/virtual domains providing an optional anonymization of Sender/Recipient addresses.

Download and Installation

Documentation

In case of suggestions and/or problems, please contact Erwin Hoffmann