
Campaign0

Saturday, December 6, 2008

Evolution + clamav + ruby

Quite a while ago I tied Evolution to clamav via ruby as an anti-virus measure (I don't recall, but I most likely based this off of something similar, but not using ruby, that I found via Google). I recently passed this setup on via the Evolution mailing list in reference to a posted request for examples. After a bit of back and forth, it appears to be working for the requestor. At his suggestion, I'm posting the configuration here also. The filter configuration is shown in the image, and the actual script is listed after. You'll want to make whatever minor adjustments are necessary for it to work in your environment, and you'll probably want to comment out the segments associated with creating the logfiles -- they will end up eating a lot of disk space (comment out the lines referencing fp and Time).



The script file -- rubyclamav.rb

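#!/usr/bin/ruby
#
# Pipe a mail message (stdin) to clamd; exit 1 if a virus is found, else 0.
require 'socket'

# Per-process log file (comment out the fp and Time lines to disable logging).
fp = File.open("/var/log/rubyclamav/rubyoutclam_#{Process.pid}.log", "a")
START_TIME = Time.now

# Control connection to clamd.
sendSock = UNIXSocket.open('/var/run/clamav/clamd.sock')
#sendSock = UNIXSocket.open('/var/run/clamav/clamd.ctl')
sendSock.puts("STREAM")
# clamd answers "PORT <n>"; the message itself goes to that TCP port.
retStr = sendSock.gets
tag, val = retStr.split
sendSock1 = TCPSocket.open('localhost', val)
#res = $stdin.read
sendSock1.write($stdin.read)
sendSock1.close
# Scan result, e.g. "stream: OK" or "stream: <name> FOUND".
retStr = sendSock.gets
sendSock.close
pt = Time.now - START_TIME
#puts "#{retStr}"
#fp.write("#{res}\n")
fp.write("#{retStr}\n")
fp.write("ProcessTime = #{pt}\n")
fp.close
if retStr.match("FOUND") then
  # Argument-list form: the clamd reply is never passed through a shell.
  pid = spawn("zenity", "--warning", "--title=Evolution: Virus detected", "--text=#{retStr.strip}")
  Process.detach(pid)
  exit 1
else
  exit 0
end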
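
Later clamd releases deprecate the STREAM command used above in favour of INSTREAM, which sends length-prefixed chunks over the same socket. The following is an added example, not part of the original post: it shows that framing plus a reply parser that treats an ERROR or missing reply as a failed scan rather than as "no virus". The demo_scan stand-in server, the TEST-MARKER string, the 64-byte limit and exit status 2 are assumptions made for the example.

```ruby
require 'socket'

# INSTREAM framing: 4-byte big-endian length + data per chunk; zero-length chunk ends.
def instream_frames(data, chunk_size = 8192)
  out = "zINSTREAM\0".b
  (0...data.bytesize).step(chunk_size) do |off|
    chunk = data.byteslice(off, chunk_size).b
    out << [chunk.bytesize].pack('N') << chunk
  end
  out << [0].pack('N')
end

# Only an explicit OK is clean; ERROR, empty or nil replies become :error.
def verdict(reply)
  case (line = reply.to_s.delete("\0").strip)
  when 'stream: OK'             then [:clean, nil]
  when /\Astream: (.+) FOUND\z/ then [:infected, Regexp.last_match(1)]
  else                               [:error, line]
  end
end

# Filter exit status per verdict; 2 for a failed scan is an assumed convention.
EXIT_STATUS = { clean: 0, infected: 1, error: 2 }.freeze

# Scan over an already-connected clamd socket; I/O failures are errors too.
def scan(sock, data)
  sock.write(instream_frames(data))
  verdict(sock.gets("\0"))
rescue SystemCallError => e
  [:error, e.message]
end

# Constructed stand-in for clamd (not clamd itself) so this runs offline.
def demo_scan(data, limit: 64)
  client, server = UNIXSocket.pair
  clamd = Thread.new do
    server.gets("\0")
    body = ''.b
    while (len = server.read(4).unpack1('N')) > 0
      body << server.read(len)
    end
    reply = 'stream: OK'
    reply = 'stream: Test.Marker FOUND' if body.include?('TEST-MARKER')
    reply = 'INSTREAM size limit exceeded. ERROR' if body.bytesize > limit
    server.write(reply + "\0")
  end
  scan(client, data).tap { clamd.join }
end

%w[hello TEST-MARKER].each { |m| p([m, *demo_scan(m)]) }
```

Against a real daemon, pass scan a socket opened with UNIXSocket.open on the clamd socket path and exit with EXIT_STATUS for the returned verdict.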
