#INSTALL IO-TTY (Requirement for Expect)
	perl -e 'if (require IO::Tty) { print "IO-Tty Version is: $IO::Tty::VERSION\n"; exit 0;} else {exit 1;}' || echo 'IO-Tty Not Present!'

        mkdir /tmp/20061112MIME
        cd /tmp/20061112MIME/
        wget http://www.peregrinehw.com/downloads/MIMEDefang/IO-Tty-1.07.tar.gz

        cd /usr/src
        rm -rf /usr/src/IO-Tty-1.07.tar.gz
        tar zxvf /tmp/20061112MIME/IO-Tty-1.07.tar.gz
        cd IO-Tty-1.07

        perl Makefile.PL
        make test && make install

#INSTALL EXPECT

	perl -e 'if (require Expect) { print "Expect Version is: $Expect::VERSION\n"; exit 0;} else {exit 1;}' || echo 'Expect Not Present!'

        mkdir /tmp/20061112MIME
        cd /tmp/20061112MIME/
        wget http://www.peregrinehw.com/downloads/MIMEDefang/Expect-1.21.tar.gz

        cd /usr/src
        rm -rf /usr/src/Expect-1.21
        tar zxvf /tmp/20061112MIME/Expect-1.21.tar.gz
        cd Expect-1.21

        perl Makefile.PL
        make test && make install


Modify the installation of /usr/local/bin/mimedefang.pl per http://www.mimedefang.org/kwiki/index.cgi?FasterNaiUvscan


Add this to the top:

use Expect;
my $NAIExpect;

Change the call to message_contains_virus_nai to message_contains_virus_nai_expect.

Add these lines:

sub initialize_nai_expect() {
    $NAIExpect = new Expect;
    $NAIExpect->raw_pty(1);
    if (!$NAIExpect->spawn($Features{'Virus:NAI'} . " --noboot --mime --secure --allole -f - 2>&1")) {
        md_syslog('err', "$MsgID: Failed to initialize Expect with NAI Virus Scan");
        return;
    }
    $NAIExpect->log_stdout(0);
}

sub item_contains_virus_nai_expect($) {
    my($path) = @_;
    my($msg) = '';

    $NAIExpect->send("$path\ncheckpoint\n");
    $NAIExpect->expect(undef, '-re', "No file or directory found matching .*/checkpoint\n");

    foreach (split(/\n/, $NAIExpect->before)) {
        $msg .= "$_\n" if /^\s+Found/;
    }

    $VirusScannerMessages .= $msg;
    $CurrentVirusScannerMessage = $msg;

    # If NAI child died, return that error code, and discard current Expect
    if (defined($NAIExpect->exitstatus())) {
        my($retcode) = $NAIExpect->exitstatus();
        md_syslog('err', 'uvscan child died with status ' . $retcode);
        undef $NAIExpect;
        return ($retcode, 'swerr', 'tempfail');

    # Otherwise, interpret virus scanner results.
    } else {

        # Code to extract virus name is modified from interpret_nai_code
        $VirusName = "EICAR-Test"
            if ($CurrentVirusScannerMessage =~ /^\s+Found: EICAR test file/m);
        $VirusName = $1
            if ($CurrentVirusScannerMessage =~ /^\s+Found the (\S+) .*(virus|trojan)/m);
        $VirusName = 'unknown-NAI-virus' if (($VirusName eq '') and
                ($CurrentVirusScannerMessage =~ /^\s+Found/m));

        # If we have a virus name, report it.  uvscan returns 13 on virus.
        if ($VirusName ne '') {
            return (13, 'virus', 'quarantine');

        # If there are no messages, or if they're harmless, return OK.
        } elsif ($CurrentVirusScannerMessage =~ /^((\/.*|\s+(file could not be opened\. |is password-protected\.|is a broken symbolic link|is corrupted\.))\n)*$/) {
            return (0, 'ok', 'ok');
        }

        # Unknown messages should be logged then tempfailed for safety.
        else {
            md_graphdefang_log('unknown_scanner_results',
                $CurrentVirusScannerMessage);
            return (-1, 'swerr', 'tempfail');
        }
    }
}

sub message_contains_virus_nai_expect() {
    defined($NAIExpect) or initialize_nai_expect();
    return (item_contains_virus_nai_expect("$CWD/Work"));
}