[pmg-devel] [PATCH pmg-api] close #2324 - improve docs on encrypted archives

Thomas Lamprecht t.lamprecht at proxmox.com
Tue Aug 20 13:25:36 CEST 2019


On 8/20/19 1:19 PM, Thomas Lamprecht wrote:
> On 8/19/19 6:32 PM, Stoiko Ivanov wrote:
>> The option for ClamAV 'Block Encrypted Archives and Documents', actually
>> triggers a Heuristic match from ClamAV, which is used by PMG to rais the
>> spam score of a message by the value of 'Heuristic Score' configured
>> at the 'Spam Detector' settings.
>>
>> Since this has caused confusion (also for myself) a few times already, this
>> patch tries to address the issue by referring to the other option in the API
>> description of both properties
>>
>> Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
>> ---
>> We could additionally consider renaming the GUI presentation of
>> 'archiveblockencrypted' to 'Alert Encrypted Archives and Documents' in line
>> with ClamAVs recent change and deprecation of 'ArchiveBlockEncrypted'.
>>
>>  src/PMG/Config.pm | 4 ++--
>>  1 file changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/src/PMG/Config.pm b/src/PMG/Config.pm
>> index 52dd7d0..2bffec8 100755
>> --- a/src/PMG/Config.pm
>> +++ b/src/PMG/Config.pm
>> @@ -169,7 +169,7 @@ sub properties {
>>  	    type => 'string',
>>  	},
>>  	clamav_heuristic_score => {
>> -	    description => "Score for ClamAV heuristics (Google Safe Browsing database, PhishingScanURLs, ...).",
>> +	    description => "Score for ClamAV heuristics (Encrypted Archives/Documents, Google Safe Browsing database, PhishingScanURLs, ...).",
> 
> OK.
> 
>>  	    type => 'integer',
>>  	    minimum => 0,
>>  	    maximum => 1000,
>> @@ -331,7 +331,7 @@ sub properties {
>>  	    default => 'database.clamav.net',
>>  	},
>>  	archiveblockencrypted => {
>> -	    description => "Whether to block encrypted archives and documents. Mark encrypted archives and documents as viruses.",
>> +	    description => "Whether to mark encrypted archives and documents. Mark encrypted archives and documents as heuristic virus match. Heuristic matches are treated by the Spam Detector as raising the Spam Score.",
> 
> IMO, above is still  confusing, with the repeating mark and wording.
> 
> Maybe something like:
> 
> "Whether to mark encrypted archives and documents heuristic virus match. A match does not necessarily result in an immediate block, it just raises the Spam Score."

Or, slightly improved:

"Whether to mark encrypted archives and documents as heuristic virus match. A match does not necessarily result in an immediate block, it just raises the Spam Score by 'clamav_heuristic_score'."

This would document the connection of both settings even a bit more, 
what do you think?

> 
> ?
> 
>>  	    type => 'boolean',
>>  	    default => 0,
>>  	},
>>



More information about the pmg-devel mailing list