Ubuntu
amavisd-new package

amavisd-new not able to scan with bitdefender for unices

Bug #1525930 reported by S. W.
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
amavisd-new (Ubuntu)
Expired
Undecided
Unassigned

Bug Description

amavisd-new -V
amavisd-new-2.7.1 (20120429)

lsb_release -rd
Description: Ubuntu 14.04.3 LTS
Release: 14.04

with the current pattern amavisd is not able to scan with bitdefender

pattern:
  ### http://www.bitdefender.com/
  ['BitDefender', 'bdscan', # new version
    '--action=ignore --no-list {}', qr/^Infected files *:0+(?!\d)/m,
    qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/m,
    qr/(?:suspected|infected): (.*)(?:\033|$)/m ],

log:
Dec 14 14:41:56 mail amavis[31749]: (31749-01) (!)run_av (BitDefender) FAILED - unexpected exit 1, output="BitDefender Antivirus Scanner for Unices v7.90123 Linux-i586\nCopyright (C) 1996-2009 BitDefender. All rights reserved.\nTrial key found. 13 days remaining.\n\nInfected file action: ignore\nSuspected file action: ignore\n/var/lib/amavis/tmp/amavis-20151214T144148-31749-37ddK4m4/parts/p003 infected: EICAR-Test-File (not a virus)\n\n\nResults:\nFolders: 0\nFiles: 3\nPacked: 0\nArchives: 0\nInfected files: 1\nSuspect files: 0\nWarnings: 0\nIdentified viruses: 1\nI/O errors: 0\n"
Dec 14 14:41:56 mail amavis[31749]: (31749-01) (!)BitDefender av-scanner FAILED: /usr/bin/bdscan unexpected exit 1, output="BitDefender Antivirus Scanner for Unices v7.90123 Linux-i586\nCopyright (C) 1996-2009 BitDefender. All rights reserved.\nTrial key found. 13 days remaining.\n\nInfected file action: ignore\nSuspected file action: ignore\n/var/lib/amavis/tmp/amavis-20151214T144148-31749-37ddK4m4/parts/p003 infected: EICAR-Test-File (not a virus)\n\n\nResults:\nFolders: 0\nFiles: 3\nPacked: 0\nArchives: 0\nInfected files: 1\nSuspect files: 0\nWarnings: 0\nIdentified viruses: 1\nI/O errors: 0\n" at (eval 136) line 899.
Dec 14 14:41:56 mail amavis[31749]: (31749-01) (!)WARN: all primary virus scanners failed, considering backups
Dec 14 14:41:56 mail amavis[31749]: (31749-01) (!!)AV: ALL VIRUS SCANNERS FAILED
Dec 14 14:41:58 mail amavis[31749]: (31749-01) Passed UNCHECKED {RelayedTaggedInternal}, LOCAL [192.168.115.29]:44658 <email address hidden> -> <email address hidden>, Queue-ID: 5634D50E066, Message-ID: <email address hidden>, mail_id: 9iA5Kd5kqhiu, Hits: 0, size: 2910, queued_as: DFA1650E11C, 9623 ms

if the pattern is changed to:

 ### http://www.bitdefender.com/
  ['BitDefender', 'bdscan', # new version
    '--action=ignore --no-list {}', qr/^Infected files\s*:\s*0+(?!\d)/m,
    qr/^(?:Infected files|Identified viruses|Suspect files)\s*:\s*0*[1-9]/m,
    qr/(?:suspected|infected)\s*:\s*(.*)(?:\033|$)/m ],

amavis starts to filter emails through bitdefender. greped for the mailinglist as of June 2009 (https://<email address hidden>/msg13822.html#)

Dec 14 14:49:21 mail amavis[31883]: (31883-01) Blocked INFECTED (EICAR-Test-File (not a virus)) {DiscardedInternal,Quarantined}, LOCAL [192.168.115.29]:44640 <xxx@x.de> -> <email address hidden>, quarantine: n/virus-nzfKHxBFj6hL, Queue-ID: 5711D50E02F, Message-ID: <email address hidden>, mail_id: nzfKHxBFj6hL, Hits: -, size: 2908, 6970 ms

maybe its time to merge the newer packages from Sid.

regards
sw

See original description
S. W. (cebit2006)
description: updated
description: updated
Revision history for this message
Joshua Powers (powersj) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better. First apologies for not getting you a timely response.

I am however a little uncertain on what the ask is here. The link from the mailing list you have shows a fix for 2.6.4, however trusty has version 2.7.1.

Since there isn't enough information in your report to differentiate between a local configuration problem and a bug in Ubuntu, I'm marking this bug as Incomplete. If indeed this is a local configuration problem, you can find pointers to get help for this sort of problem here: http://www.ubuntu.com/support/community

Or if you believe that this is really a bug, then you may find it helpful to read "How to report bugs effectively" http://www.chiark.greenend.org.uk/~sgtatham/bugs.html. We'd be grateful if you would then provide a more complete description of the problem, explain why you believe this is a bug in Ubuntu rather than a problem specific to your system, and then change the bug status back to New.

Changed in amavisd-new (Ubuntu):
status: New → Incomplete
Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for amavisd-new (Ubuntu) because there has been no activity for 60 days.]

Changed in amavisd-new (Ubuntu):
status: Incomplete → Expired
Revision history for this message
Sophie Schumann (sharkynoms) wrote :

# amavisd-new -V
amavisd-new-2.11.0 (20160426)

# lsb_release -rd
Description: Ubuntu 18.04 LTS
Release: 18.04

I also ran in to this issue with bdscan and the new (old) pattern from the 2009 mailing list post fixed it for me.

Manual diff of the pattern:

    + '--action=ignore --no-list {}', qr/^Infected files\s*:\s*0+(?!\d)/m,
    - '--action=ignore --no-list {}', qr/^Infected files *:0+(?!\d)/m,

    + qr/^(?:Infected files|Identified viruses|Suspect files)\s*:\s*0*[1-9]/m,
    - qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/m,

Apparently it only changed the whitespace matching, I'm not a RE pro but does ' *' actually work as a pattern? Maybe this behaviour changed in the underlaying language (perl I assume)?

Bzr is not something I'm familiar with but with a little digging[1] I found that the bdscan option was last updated in 3.4.1 -- but I can't figure out why the change from the mailing list in 2.6.4 was overwritten with this broken pattern.

[1] https://bazaar.launchpad.net/~ubuntu-branches/ubuntu/precise/amavisd-new/precise/annotate/head:/debian/etc/conf.d/15-av_scanners#L330

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.