sophos-ide-update is a Perl program to carefully update virus signature .ide files from the Sophos web server, and optionally restart Sophie if .ide files were changed.


Mark Martinec <>, initial version December 2001
Copyright © 2001, 2002, 2003, 2006, 2007 Mark Martinec

Patches and problem reports are welcome.


The latest version of this program is available at:, in particular:

Previous versions:

Changes from 1.3 to 1.4:

2007-02-27    Mark Martinec
  - rise the size limit to 20 MB on downloaded * file,
    as recently the former 1 MB size limit was occasionally exceeded;
  - change the path for lsof from /usr/local/bin to /usr/local/sbin
    to match the default location on FreeBSD;

Changes from 1.2 to 1.3:

2006-12-20    Mark Martinec
  - trust PID from a pid file if found in a list of PIDs produced by
    lsof and the list contains more than one entry; seems like sophie
    keeps a parent to a daemonized process around, so lsof would find
    this process as the ultimate ancestor, although it expected that
    SIGHUP is sent to a process which is managing child processes;
  - add a $VERSION variable;

Changes from 1.1 to 1.2:

2003-10-28    Mark Martinec
  - change Perl path from /usr/local/bin/perl to the now more common
  - get_sophos_version: change a pattern to allow vdl versions with a
    letter appended (e.g. 3.75a) to fetch corresponding IDE zip named; thanks to Juergen "Louis" Fluk;
  - modified rmdir_with_files() (backported from amavisd-new) to be
    more careful with soft links to avoid being at the mercy of Sophos
    of not including strange stuff in their zip archives;
  - modified sanitize() to cope with characters with codes > 255;
  - delete environment variable IFS to avoid potential taint complaint;

Changes from 1.0 to 1.1:

2001-12-05	Mark Martinec
  - chop off trailing newline when printing exceptions' text
  - cosmetic changes;
2002-06-12	Mark Martinec
  - delete $ENV{'BASH_ENV'} to avoid 'unsafe dependency';
  - accommodate (old?) Sophos lib names: [number].[number][letter(s)].dat
    (thanks to Maciej Uhlig);
  - wait shortly between sending HUP to Sophie and sending notification;
  - as a courtesy to the Sophos web server, wait a random delay between
    0 and $max_wait_before_download seconds (default 45) to prevent
    thundering herd of this program incarnations to hit Sophos web server
    all at the same full minute, as would be common for a cron job

Terms and conditions

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

Other licensing terms are possible, please contact the author.


This is the sequence of steps the program goes through:

This program can be run periodically (e.g. from cron), or/and triggered on-demand by some other means, e.g. manually or run by MTA using an alias that pipes Sophos IDE update announcements to it (actual message on stdin is ignored, MTA pipe delivery is used only as a trigger).

For more detailed instructions see the beginning of the program.

Mailing list

There is a very low-traffic mailing list where announcements about new versions will be posted as well as warnings about threatening bugs if discovered. The posting is restricted to sophos-ide-update developer(s).

To subscribe to (or unsubscribe from) the mailing list please visit the list server's web page

You can also subscribe to the list by mailing the command SUBSCRIBE either in the subject or in the message body to the address . You will be asked for confirmation before subscription will be effective.

The list of members is only accessible to the list administrator, so there is no need for concern about automatic e-mail address gatherers.

Questions about the mailing list and concerns for the attention of a person should be sent to

There is no general discussion list about sophos-ide-update at the moment. Please send comments and suggestion to the author.


Last updated: 2007-02-27

Valid HTML 4.0!