[Postfixbuch-users] Amavis generiert ungewünschten SPAM-Blocker-Report
Leo Unglaub
leo.unglaub at gmx.at
Fr Jul 3 09:18:20 CEST 2009
Hallo,
> Macht er nicht, kann eigentlich nicht sein.
>
> Bitte vollständige Config aller Beteiligten zeigen, insb. aber auch die
> Orginal-Meldungen und/oder Logmeldungen dieser Vorgänge.
>
> Peer
>
Okay, hier kommen die ganzen wichtigen Files. Ich habe es mit folgendem
BSP nachgestellt:
Mailserver: mail.e-c-o.at.
Empfängeradresse: unglaub at e-c-o.at
Absenderadresse: leo.unglaub at gmx.at
Geblockt wird folgender Testeintrag von mir:
> /^Subject:.*postfixbuch-test/
> REJECT Header-Spamschutzregel special
Nun bekomme ich 2 E-Mails zurückgeliefert. Eines vom GMX Mailer-DAEMON
und eines von meinem Content-Filter.
Von Amavis:
> From - Fri Jul 03 08:53:38 2009
> X-Account-Key: account3
> X-UIDL: a394e855f44b15071a40175d4c5ad10d
> X-Mozilla-Status: 0001
> X-Mozilla-Status2: 10000000
> X-Mozilla-Keys:
> Return-Path: <>
> X-Flags: 0000
> Delivered-To: GMX delivery to leo.unglaub at gmx.at
> Received: (qmail invoked by alias); 03 Jul 2009 06:53:35 -0000
> Received: from mail.e-c-o.at (EHLO mail.e-c-o.at) [212.17.123.10]
> by mx0.gmx.net (mx054) with SMTP; 03 Jul 2009 08:53:35 +0200
> Content-Type: multipart/report; report-type=delivery-status;
> boundary="----------=_1246604012-23941-0"
> Content-Transfer-Encoding: 7bit
> MIME-Version: 1.0
> Subject: Undeliverable mail, TEMPFAIL
> Message-ID: <DSNgHY7HCcazH20 at mail.e-c-o.at>
> From: "Content-filter at mail.e-c-o.at" <postmaster at mail.e-c-o.at>
> To: <leo.unglaub at gmx.at>
> Date: Fri, 3 Jul 2009 08:53:24 +0200 (CEST)
> X-GMX-Antivirus: 0 (no virus found)
> X-GMX-Antispam: 0 (Mail was not recognized as spam)
> X-GMX-UID: 3Zx4ey1IbUko+iZWgWknjpFkZ2hlNwrA
>
> This is a multi-part message in MIME format...
>
> ------------=_1246604012-23941-0
> Content-Type: text/plain; charset="iso-8859-1"
> Content-Disposition: inline
> Content-Transfer-Encoding: 7bit
>
> The message WAS NOT relayed to:
> <unglaub at e-c-o.at>: [127.0.0.1] said:
> 550 5.7.1 Failed, id=23941-06, from MTA([127.0.0.1]:10025): 550 5.7.1 Header-Spamschutzregel special
>
> This nondelivery report was generated by the program amavisd-new at host
> mail.e-c-o.at. Our internal reference code for your message is
> 23941-06/gHY7HCcazH20
>
> Return-Path: <leo.unglaub at gmx.at>
> Message-ID: <4A4DAADC.6010701 at gmx.at>
> Subject: postfixbuch-test
>
>
> ------------=_1246604012-23941-0
> Content-Type: message/delivery-status; name="dsn_status"
> Content-Disposition: inline; filename="dsn_status"
> Content-Transfer-Encoding: 7bit
> Content-Description: Delivery error report
>
> Reporting-MTA: dns; mail.e-c-o.at
> Received-From-MTA: smtp; mail.e-c-o.at ([127.0.0.1])
> Arrival-Date: Fri, 3 Jul 2009 08:53:24 +0200 (CEST)
>
> Final-Recipient: rfc822;unglaub at e-c-o.at
> Action: failed
> Status: 5.7.1
> Remote-MTA: dns; 127.0.0.1
> Diagnostic-Code: smtp; 550 5.7.1 Header-Spamschutzregel special
> Last-Attempt-Date: Fri, 3 Jul 2009 08:53:24 +0200 (CEST)
> Final-Log-ID: 23941-06/gHY7HCcazH20
>
> ------------=_1246604012-23941-0
> Content-Type: text/rfc822-headers; name="header"
> Content-Disposition: inline; filename="header"
> Content-Transfer-Encoding: 7bit
> Content-Description: Message header section
>
> Return-Path: <leo.unglaub at gmx.at>
> Received: from mail.gmx.net (mail.gmx.net [213.165.64.20])
> by mail.e-c-o.at (Postfix) with SMTP
> for <unglaub at e-c-o.at>; Fri, 3 Jul 2009 08:53:19 +0200 (CEST)
> Received: (qmail invoked by alias); 03 Jul 2009 06:53:20 -0000
> Received: from mail.e-c-o.at (EHLO [127.0.0.1]) [212.17.123.10]
> by mail.gmx.net (mp014) with SMTP; 03 Jul 2009 08:53:20 +0200
> X-Authenticated: #28534032
> X-Provags-ID: V01U2FsdGVkX1/KBCFmP3jKqFuXP+JVr13kZejj0LPsdtP1i/zdxc
> zHCxQQEuOZzg8O
> Message-ID: <4A4DAADC.6010701 at gmx.at>
> Date: Fri, 03 Jul 2009 08:53:16 +0200
> From: Leo Unglaub <leo.unglaub at gmx.at>
> User-Agent: Thunderbird 2.0.0.22 (Windows/20090605)
> MIME-Version: 1.0
> To: test <unglaub at e-c-o.at>
> Subject: postfixbuch-test
> Content-Type: text/plain; charset=ISO-8859-15; format=flowed
> Content-Transfer-Encoding: 7bit
> X-Y-GMX-Trusted: 0
> X-FuHaFi: 0.00
>
> ------------=_1246604012-23941-0--
>
und von GMX:
> From - Fri Jul 03 08:53:37 2009
> X-Account-Key: account3
> X-UIDL: b4c630264c42abddbef2249a219b20fc
> X-Mozilla-Status: 0001
> X-Mozilla-Status2: 00000000
> X-Mozilla-Keys:
> Return-Path: <>
> X-Flags: 0000
> Delivered-To: GMX delivery to leo.unglaub at gmx.at
> Received: (qmail 4144 invoked for bounce); 3 Jul 2009 06:53:34 -0000
> Date: 3 Jul 2009 06:53:34 -0000
> From: MAILER-DAEMON at mail.gmx.net
> To: leo.unglaub at gmx.at
> Subject: failure notice
> Message-ID: <20090703065335.4156gmx1 at mp014.gmx.net>
> X-GMX-Antivirus: 0 (no virus found)
> X-GMX-Antispam: 0 (Mail was not recognized as spam)
> X-GMX-UID: i8MoC9RvfW4ouSo/xGRogo1mdmllcgUV
>
> Hi. This is the qmail-send program at mail.gmx.net.
> I'm afraid I wasn't able to deliver your message to the following addresses.
> This is a permanent error; I've given up. Sorry it didn't work out.
>
> <unglaub at e-c-o.at>:
> 212.17.123.10_failed_after_I_sent_the_message./Remote_host_said:_550_5.7.1_Failed,_id=23941-06,_from_MTA([127.0.0.1]:10025):_550_5.7.1_Header-Spamschutzregel_special/
>
> --- Below this line is a copy of the message.
>
> Return-Path: <leo.unglaub at gmx.at>
> Received: (qmail invoked by alias); 03 Jul 2009 06:53:20 -0000
> Received: from mail.e-c-o.at (EHLO [127.0.0.1]) [212.17.123.10]
> by mail.gmx.net (mp014) with SMTP; 03 Jul 2009 08:53:20 +0200
> X-Authenticated: #28534032
> X-Provags-ID: V01U2FsdGVkX1/KBCFmP3jKqFuXP+JVr13kZejj0LPsdtP1i/zdxc
> zHCxQQEuOZzg8O
> Message-ID: <4A4DAADC.6010701 at gmx.at>
> Date: Fri, 03 Jul 2009 08:53:16 +0200
> From: Leo Unglaub <leo.unglaub at gmx.at>
> User-Agent: Thunderbird 2.0.0.22 (Windows/20090605)
> MIME-Version: 1.0
> To: test <unglaub at e-c-o.at>
> Subject: postfixbuch-test
> Content-Type: text/plain; charset=ISO-8859-15; format=flowed
> Content-Transfer-Encoding: 7bit
> X-Y-GMX-Trusted: 0
> X-FuHaFi: 0.00
> X-GMX-Antivirus: 0 (no virus found)
>
> Das ist ein Testmail.
>
Nun zu den config-Files. Als erstes Postfix. Ich habe um den Fehler zu
finden meine config weg geworfen und die aus den neuen Postfixbuch
genommen, da ich von einem Fehler bei mir ausging, aber auch mit dem
leicht abgewandelten Musterbeispiel habe ich dieses Problem:
> mail:/etc/postfix# postconf -n
> alias_database = hash:/etc/aliases
> alias_maps = hash:/etc/aliases
> append_dot_mydomain = no
> biff = no
> broken_sasl_auth_clients = yes
> canonical_maps = hash:/etc/postfix/config/canonical
> config_directory = /etc/postfix
> header_checks = pcre:/etc/postfix/config/header_check
> html_directory = /usr/share/doc/postfix/html
> inet_interfaces = all
> inet_protocols = all
> local_recipient_maps = hash:/etc/postfix/config/local_recipient_maps
> mailbox_command =
> mailbox_size_limit = 0
> mailbox_transport = lmtp:unix:/var/run/cyrus/socket/lmtp
> message_size_limit = 61457280
> mydestination = $myhostname, localhost.$mydomain, $mydomain
> mydomain = e-c-o.at
> myhostname = mail.e-c-o.at
> mynetworks = 127.0.0.0/8 192.168.1.230 85.25.151.126
> myorigin = /etc/mailname
> readme_directory = /usr/share/doc/postfix
> recipient_delimiter = +
> sender_canonical_maps = hash:/etc/postfix/config/canonical
> smtp_sasl_auth_enable = no
> smtp_sasl_security_options = noanonymous
> smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
> smtpd_proxy_filter = 127.0.0.1:10024
> smtpd_recipient_limit = 3000
> smtpd_recipient_restrictions = reject_non_fqdn_sender,
> reject_non_fqdn_recipient, reject_unknown_sender_domain,
> reject_unknown_recipient_domain, permit_sasl_authenticated,
> permit_mynetworks, reject_rbl_client zen.spamhaus.org,
> reject_rbl_client ix.dnsbl.manitu.net, reject_rbl_client
> bl.spamcop.net, reject_rbl_client dnsbl.njabl.org,
> reject_rhsbl_client blackhole.securitysage.com
> reject_unverified_recipient, permit_mx_backup,
> reject_unauth_destination, permit
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_local_domain = %myhostname
> soft_bounce = no
> virtual_alias_domains = hash:/etc/postfix/config/virtual_alias_domains
> virtual_alias_maps = hash:/etc/postfix/config/virtual_alias_maps
> virtual_transport = lmtp:unix:/var/run/cyrus/socket/lmtp
Meine Master.cf
> smtp inet n - - - 5 smtpd
> pickup fifo n - - 60 1 pickup
> -o content_filter=
> -o receive_override_options=no_header_body_checks
> cleanup unix n - - - 0 cleanup
> qmgr fifo n - n 300 1 qmgr
> tlsmgr unix - - - 1000? 1 tlsmgr
> rewrite unix - - - - - trivial-rewrite
> bounce unix - - - - 0 bounce
> defer unix - - - - 0 bounce
> trace unix - - - - 0 bounce
> verify unix - - - - 1 verify
> flush unix n - - 1000? 0 flush
> proxymap unix - - n - - proxymap
> smtp unix - - - - - smtp
> showq unix n - - - - showq
> error unix - - - - - error
> discard unix - - - - - discard
> local unix - n n - - local
> virtual unix - n n - - virtual
> lmtp unix - - n - - lmtp
> anvil unix - - - - 1 anvil
> scache unix - - - - 1 scache
>
> smtp-amavis unix - - - - 5 smtp
> -o smtp_data_done_timeout=1200
> -o smtp_send_xforward_command=yes
> -o disable_dns_lookups=yes
> -o max_use=20
>
> 127.0.0.1:10025 inet n - - - - smtpd
> -o content_filter=
> -o smtpd_proxy_filter=
> -o smtpd_authorized_xforward_hosts=127.0.0.0/8
> -o smtpd_client_restrictions=
> -o smtpd_helo_restrictions=
> -o smtpd_sender_restrictions=
> -o smtpd_recipient_restrictions=permit_mynetworks,reject
> -o smtpd_data_restrictions=
> -o mynetworks=127.0.0.0/8
> -o receive_override_options=no_unknown_recipient_checks
Nun zu Amavis. Da ich ein Debian-System einsetze folgen nun leider ein
paar Einzelfiles:
> use strict;
>
> # ADMINISTRATORS:
> # Debian suggests that any changes you need to do that should never
> # be "updated" by the Debian package should be made in another file,
> # overriding the settings in this file.
> #
> # The package will *not* overwrite your settings, but by keeping
> # them separate, you will make the task of merging changes on these
> # configuration files much simpler...
>
> # see /usr/share/doc/amavisd-new/examples/amavisd.conf-default for
> # a list of all variables with their defaults;
> # see /usr/share/doc/amavisd-new/examples/amavisd.conf-sample for
> # a traditional-style commented file
> # [note: the above files were not converted to Debian settings!]
> #
> # for more details see documentation in /usr/share/doc/amavisd-new
> # and at http://www.ijs.si/software/amavisd/amavisd-new-docs.html
>
>
> # SETTINGS RARELY MODIFIED BY THE LOCAL ADMIN
>
> $ENV{PATH} = $path =
> '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
> $file = 'file';
> $gzip = 'gzip';
> $bzip2 = 'bzip2';
> $lzop = 'lzop';
> $rpm2cpio = ['rpm2cpio.pl','rpm2cpio'];
> $cabextract = 'cabextract';
> $uncompress = ['uncompress', 'gzip -d', 'zcat'];
> #$unfreeze = ['unfreeze', 'freeze -d', 'melt', 'fcat']; #disabled
> (non-free, no security support)
> $unfreeze = undef;
> $arc = ['nomarch', 'arc'];
> $unarj = ['arj', 'unarj'];
> #$unrar = ['rar', 'unrar']; #disabled (non-free, no security support)
> $unrar = undef;
> $zoo = 'zoo';
> #$lha = 'lha'; #disabled (non-free, no security support)
> $lha = undef;
> $pax = 'pax';
> $cpio = 'cpio';
> $ar = 'ar';
> $ripole = 'ripole';
> $dspam = 'dspam';
>
> 1; # ensure a defined return
> use strict;
>
> # $mydomain is used just for convenience in the config files and it is not
> # used internally by amavisd-new except in the default X_HEADER_LINE
> (which
> # Debian overrides by default anyway).
>
> chomp($mydomain = `head -n 1 /etc/mailname`);
>
> # amavisd-new needs to know which email domains are to be considered local
> # to the administrative domain. Only emails to "local" domains are
> subject
> # to certain functionality, such as the addition of spam tags.
> #
> # Default local domains to $mydomain and all subdomains. Remember to
> # override or redefine this if $mydomain is changed later in the config
> # sequence.
>
> @local_domains_acl = ( ".$mydomain", "e-c-o.at" );
>
> 1; # ensure a defined return
> use strict;
>
> # $myhostname is used by amavisd-new for node identification, and it is
> # important to get it right (e.g. for ESMTP EHLO, loop detection, and
> so on).
>
> chomp($myhostname = `hostname --fqdn`);
>
> # To manually set $myhostname, edit the following line with the
> correct Fully
> # Qualified Domain Name (FQDN) and remove the # at the beginning of
> the line.
> #
> #$myhostname = "mail.example.com"
>
> 1; # ensure a defined return
> use strict;
>
> ##
> ## AV Scanners (Debian version)
> ##
>
> @av_scanners = (
>
> # ### http://www.vanja.com/tools/sophie/
> # ['Sophie',
> # \&ask_daemon, ["{}/\n", '/var/run/sophie'],
> # qr/(?x)^ 0+ ( : | [\000\r\n]* $)/, qr/(?x)^ 1 ( : | [\000\r\n]* $)/,
> # qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/ ],
>
> # ### http://www.csupomona.edu/~henson/www/projects/SAVI-Perl/
> # ['Sophos SAVI', \&sophos_savi ],
>
> ### http://www.clamav.net/
> ['ClamAV-clamd',
> \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"],
> qr/\bOK$/, qr/\bFOUND$/,
> qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
> # NOTE: remember to add the clamav user to the amavis group, and
> # to properly set clamd to init supplementary groups
> # When running chrooted one may prefer: ["CONTSCAN
> {}\n","$MYHOME/clamd"],
>
> # ### http://www.clamav.net/ and CPAN (memory-hungry! clamd is preferred)
> # ['Mail::ClamAV', \&ask_clamav, "*", [0], [1], qr/^INFECTED: (.+)/],
>
> # ### http://www.openantivirus.org/
> # ['OpenAntiVirus ScannerDaemon (OAV)',
> # \&ask_daemon, ["SCAN {}\n", '127.0.0.1:8127'],
> # qr/^OK/, qr/^FOUND: /, qr/^FOUND: (.+)/ ],
>
> # ### http://www.vanja.com/tools/trophie/
> # ['Trophie',
> # \&ask_daemon, ["{}/\n", '/var/run/trophie'],
> # qr/(?x)^ 0+ ( : | [\000\r\n]* $)/, qr/(?x)^ 1 ( : | [\000\r\n]* $)/,
> # qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/ ],
>
> # ### http://www.grisoft.com/
> # ['AVG Anti-Virus',
> # \&ask_daemon, ["SCAN {}\n", '127.0.0.1:55555'],
> # qr/^200/, qr/^403/, qr/^403 .*?: ([^\r\n]+)/ ],
>
> # ### http://www.f-prot.com/
> # ['FRISK F-Prot Daemon',
> # \&ask_daemon,
> # ["GET {}/*?-dumb%20-archive%20-packed HTTP/1.0\r\n\r\n",
> # ['127.0.0.1:10200','127.0.0.1:10201','127.0.0.1:10202',
> # '127.0.0.1:10203','127.0.0.1:10204'] ],
> # qr/(?i)<summary[^>]*>clean<\/summary>/,
> # qr/(?i)<summary[^>]*>infected<\/summary>/,
> # qr/(?i)<name>(.+)<\/name>/ ],
>
> # ### http://www.sald.com/, http://www.dials.ru/english/,
> http://www.drweb.ru/
> # ['DrWebD', \&ask_daemon, # DrWebD 4.31 or later
> # [pack('N',1). # DRWEBD_SCAN_CMD
> # pack('N',0x00280001). # DONT_CHANGEMAIL, IS_MAIL, RETURN_VIRUSES
> # pack('N', # path length
> # length("$TEMPBASE/amavis-yyyymmddTHHMMSS-xxxxx/parts/pxxx")).
> # '{}/*'. # path
> # pack('N',0). # content size
> # pack('N',0),
> # '/var/drweb/run/drwebd.sock',
> # # '/var/amavis/var/run/drwebd.sock', # suitable for chroot
> # # '/usr/local/drweb/run/drwebd.sock', # FreeBSD drweb ports default
> # # '127.0.0.1:3000', # or over an inet socket
> # ],
> # qr/\A\x00[\x10\x11][\x00\x10]\x00/s, # IS_CLEAN,EVAL_KEY;
> SKIPPED
> # qr/\A\x00[\x00\x01][\x00\x10][\x20\x40\x80]/s, #
> KNOWN_V,UNKNOWN_V,V._MODIF
> # qr/\A.{12}(?:infected with )?([^\x00]+)\x00/s,
> # ],
> # # NOTE: If using amavis-milter, change length to:
> # # length("$TEMPBASE/amavis-milter-xxxxxxxxxxxxxx/parts/pxxx").
>
> ### http://www.kaspersky.com/ (kav4mailservers)
> ['KasperskyLab AVP - aveclient',
> ['/usr/local/kav/bin/aveclient','/usr/local/share/kav/bin/aveclient',
> '/opt/kav/bin/aveclient','aveclient'],
> '-p /var/run/aveserver -s {}/*', [0,3,6,8],
> qr/\b(INFECTED|SUSPICION)\b/,
> qr/(?:INFECTED|SUSPICION) (.+)/,
> ],
>
> ### http://www.kaspersky.com/
> ['KasperskyLab AntiViral Toolkit Pro (AVP)', ['avp'],
> '-* -P -B -Y -O- {}', [0,3,6,8], [2,4], # any use for -A -K ?
> qr/infected: (.+)/,
> sub {chdir('/opt/AVP') or die "Can't chdir to AVP: $!"},
> sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"},
> ],
>
> ### The kavdaemon and AVPDaemonClient have been removed from Kasperky
> ### products and replaced by aveserver and aveclient
> ['KasperskyLab AVPDaemonClient',
> [ '/opt/AVP/kavdaemon', 'kavdaemon',
> '/opt/AVP/AvpDaemonClient', 'AvpDaemonClient',
> '/opt/AVP/AvpTeamDream', 'AvpTeamDream',
> '/opt/AVP/avpdc', 'avpdc' ],
> "-f=$TEMPBASE {}", [0,8], [3,4,5,6], qr/infected: ([^\r\n]+)/ ],
> # change the startup-script in /etc/init.d/kavd to:
> # DPARMS="-* -Y -dl -f=/var/amavis /var/amavis"
> # (or perhaps: DPARMS="-I0 -Y -* /var/amavis" )
> # adjusting /var/amavis above to match your $TEMPBASE.
> # The '-f=/var/amavis' is needed if not running it as root, so it
> # can find, read, and write its pid file, etc., see 'man kavdaemon'.
> # defUnix.prf: there must be an entry "*/var/amavis" (or whatever
> # directory $TEMPBASE specifies) in the 'Names=' section.
> # cd /opt/AVP/DaemonClients; configure; cd Sample; make
> # cp AvpDaemonClient /opt/AVP/
> # su - vscan -c "${PREFIX}/kavdaemon ${DPARMS}"
>
> ### http://www.hbedv.com/ or http://www.centralcommand.com/
> ['H+BEDV AntiVir or CentralCommand Vexira Antivirus',
> ['antivir','vexira'],
> '--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/,
> qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) |
> (?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/ ],
> # NOTE: if you only have a demo version, remove -z and add 214, as in:
> # '--allfiles -noboot -nombr -rs -s {}', [0,214], qr/ALERT:|VIRUS:/,
> # According to the documentations, the new version of Vexira has
> # reasonable defaults, one may consider: "--timeout=60
> --temp=$TEMPBASE {}"
>
> ### http://www.commandsoftware.com/
> ['Command AntiVirus for Linux', 'csav',
> '-all -archive -packed {}', [50], [51,52,53],
> qr/Infection: (.+)/ ],
>
> ### http://www.symantec.com/
> ['Symantec CarrierScan via Symantec CommandLineScanner',
> 'cscmdline', '-a scan -i 1 -v -s 127.0.0.1:7777 {}',
> qr/^Files Infected:\s+0$/, qr/^Infected\b/,
> qr/^(?:Info|Virus Name):\s+(.+)/ ],
>
> ### http://www.symantec.com/
> ['Symantec AntiVirus Scan Engine',
> 'savsecls', '-server 127.0.0.1:7777 -mode scanrepair -details
> -verbose {}',
> [0], qr/^Infected\b/,
> qr/^(?:Info|Virus Name):\s+(.+)/ ],
> # NOTE: check options and patterns to see which entry better applies
>
> ### http://www.f-secure.com/products/anti-virus/
> ['F-Secure Antivirus', 'fsav',
> '--dumb --mime --archive {}', [0], [3,8],
> qr/(?:infection|Infected|Suspected): (.+)/ ],
>
> # ### http://www.avast.com/
> # ['avast! Antivirus daemon',
> # \&ask_daemon, # greets with 220, terminate with QUIT
> # ["SCAN {}\015\012QUIT\015\012", '/var/run/avast4/mailscanner.sock'],
> # qr/\t\[\+\]/, qr/\t\[L\]\t/, qr/\t\[L\]\t([^[ \t\015\012]+)/ ],
>
> # ### http://www.avast.com/
> # ['avast! Antivirus - Client/Server Version', 'avastlite',
> # '-a /var/run/avast4/mailscanner.sock -n {}', [0], [1],
> # qr/\t\[L\]\t([^[ \t\015\012]+)/ ],
>
> ['CAI InoculateIT', 'inocucmd', # retired product
> '-sec -nex {}', [0], [100],
> qr/was infected by virus (.+)/ ],
> # see: http://www.flatmtn.com/computer/Linux-Antivirus_CAI.html
>
> ### http://www3.ca.com/Solutions/Product.asp?ID=156 (ex InoculateIT)
> ['CAI eTrust Antivirus', 'etrust-wrapper',
> '-arc -nex -spm h {}', [0], [101],
> qr/is infected by virus: (.+)/ ],
> # NOTE: requires suid wrapper around inocmd32; consider flag: -mod
> reviewer
> # see http://marc.theaimsgroup.com/?l=amavis-user&m=109229779912783
>
> ### http://mks.com.pl/english.html
> ['MkS_Vir for Linux (beta)', ['mks32','mks'],
> '-s {}/*', [0], [1,2],
> qr/--[ \t]*(.+)/ ],
>
> ### http://mks.com.pl/english.html
> ['MkS_Vir daemon', 'mksscan',
> '-s -q {}', [0], [1..7],
> qr/^... (\S+)/ ],
>
> ### http://www.nod32.com/
> ['ESET Software NOD32 Command Line Interface v 2.51', 'nod32cli',
> '--subdir {}', [0,3], [1,2], qr/virus="([^"]+)"/ ],
>
> # ### http://www.nod32.com/ old
> # ['ESET Software NOD32 - Client/Server Version', 'nod32cli',
> # '-a -r -d recurse --heur standard {}', [0], [10,11],
> # qr/^\S+\s+infected:\s+(.+)/ ],
>
> # ### http://www.nod32.com/ old
> # ['ESET Software NOD32', 'nod32',
> # '--arch --mail {}', [0], [1,10], qr/^object=.*, virus="(.*?)",/ ],
>
> # Experimental, based on posting from Rado Dibarbora (Dibo) on 2002-05-31
> # ['ESET Software NOD32 Client/Server (NOD32SS)',
> # \&ask_daemon2, # greets with 200, persistent, terminate with QUIT
> # ["SCAN {}/*\r\n", '127.0.0.1:8448' ],
> # qr/^200 File OK/, qr/^201 /, qr/^201 (.+)/ ],
>
> ### http://www.norman.com/products_nvc.shtml
> ['Norman Virus Control v5 / Linux', 'nvcc',
> '-c -l:0 -s -u -temp:$TEMPBASE {}', [0,10,11], [1,2,14],
> qr/(?i).* virus in .* -> \'(.+)\'/ ],
>
> ### http://www.pandasoftware.com/
> ['Panda Antivirus for Linux', ['pavcl'],
> '-aut -aex -heu -cmp -nbr -nor -nso -eng {}',
> qr/Number of files infected[ .]*: 0+(?!\d)/,
> qr/Number of files infected[ .]*: 0*[1-9]/,
> qr/Found virus :\s*(\S+)/ ],
>
> # ### http://www.pandasoftware.com/
> # ['Panda Antivirus for Linux', ['pavcl'],
> # '-TSR -aut -aex -heu -cmp -nbr -nor -nso -eng {}',
> # [0], [0x10, 0x30, 0x50, 0x70, 0x90, 0xB0, 0xD0, 0xF0],
> # qr/Found virus :\s*(\S+)/ ],
>
> # GeCAD AV technology is acquired by Microsoft; RAV has been discontinued.
> # Check your RAV license terms before fiddling with the following two
> lines!
> # ['GeCAD RAV AntiVirus 8', 'ravav',
> # '--all --archive --mail {}', [1], [2,3,4,5], qr/Infected: (.+)/ ],
> # # NOTE: the command line switches changed with scan engine 8.5 !
> # # (btw, assigning stdin to /dev/null causes RAV to fail)
>
> ### http://www.nai.com/
> ['NAI McAfee AntiVirus (uvscan)', 'uvscan',
> '--secure -rv --mime --summary --noboot - {}', [0], [13],
> qr/(?x) Found (?:
> \ the\ (.+)\ (?:virus|trojan) |
> \ (?:virus|trojan)\ or\ variant\ (.+?)\s*! |
> :\ (.+)\ NOT\ a\ virus)/,
> # sub {$ENV{LD_PRELOAD}='/lib/libc.so.6'},
> # sub {delete $ENV{LD_PRELOAD}},
> ],
> # NOTE1: with RH9: force the dynamic linker to look at
> /lib/libc.so.6 before
> # anything else by setting environment variable
> LD_PRELOAD=/lib/libc.so.6
> # and then clear it when finished to avoid confusing anything else.
> # NOTE2: to treat encrypted files as viruses replace the [13] with:
> # qr/^\s{5,}(Found|is password-protected|.*(virus|trojan))/
>
> ### http://www.virusbuster.hu/en/
> ['VirusBuster', ['vbuster', 'vbengcl'],
> # VirusBuster Ltd. does not support the daemon version for the
> workstation
> # engine (vbuster-eng-1.12-linux-i386-libc6.tgz) any longer. The
> names of
> # binaries, some parameters AND return codes have changed (from 3
> to 1).
> "{} -ss -i '*' -log=$MYHOME/vbuster.log", [0], [1],
> qr/: '(.*)' - Virus/ ],
>
> # ### http://www.virusbuster.hu/en/
> # ['VirusBuster (Client + Daemon)', 'vbengd',
> # # HINT: for an infected file it always returns 3,
> # # although the man-page tells a different story
> # '-f -log scandir {}', [0], [3],
> # qr/Virus found = (.*);/ ],
>
> ### http://www.cyber.com/
> ['CyberSoft VFind', 'vfind',
> '--vexit {}/*', [0], [23], qr/##==>>>> VIRUS ID: CVDL (.+)/,
> # sub {$ENV{VSTK_HOME}='/usr/lib/vstk'},
> ],
>
> ### http://www.avast.com/
> ['avast! Antivirus', ['/usr/bin/avastcmd','avastcmd'],
> '-a -i -n -t=A {}', [0], [1], qr/\binfected by:\s+([^ \t\n\[\]]+)/ ],
>
> ### http://www.ikarus-software.com/
> ['Ikarus AntiVirus for Linux', 'ikarus',
> '{}', [0], [40], qr/Signature (.+) found/ ],
>
> ### http://www.bitdefender.com/
> ['BitDefender', 'bdc',
> '--arc --mail {}', qr/^Infected files *:0+(?!\d)/,
> qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/,
> qr/(?:suspected|infected): (.*)(?:\033|$)/ ],
> # consider also: --all --nowarn --alev=15 --flev=15. The --all
> argument may
> # not apply to your version of bdc, check documentation and see 'bdc
> --help'
>
> # ['File::Scan', sub {Amavis::AV::ask_av(sub{
> # use File::Scan; my($fn)=@_;
> # my($f)=File::Scan->new(max_txt_size=>0, max_bin_size=>0);
> # my($vname) = $f->scan($fn);
> # $f->error ? (2,"Error: ".$f->error)
> # : ($vname ne '') ? (1,"$vname FOUND") : (0,"Clean")}, @_) },
> # ["{}/*"], [0], [1], qr/^(.*) FOUND$/ ],
>
> ### example: fully-fledged checker for JPEG marker segments of
> invalid length
> ['check-jpeg',
> sub { use JpegTester ();
> Amavis::AV::ask_av(\&JpegTester::test_jpeg, @_) },
> ["{}/*"], undef, [1], qr/^(bad jpeg: .*)$/ ],
> # NOTE: place file JpegTester.pm somewhere where Perl can find it,
> # for example in /usr/local/lib/perl5/site_perl
>
> );
>
>
> @av_scanners_backup = (
>
> ### http://www.clamav.net/ - backs up clamd or Mail::ClamAV
> ['ClamAV-clamscan', 'clamscan',
> "--stdout --disable-summary -r --tempdir=$TEMPBASE {}",
> [0], qr/:.*\sFOUND$/, qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
>
> ### http://www.f-prot.com/ - backs up F-Prot Daemon
> ['FRISK F-Prot Antivirus', ['f-prot','f-prot.sh'],
> '-dumb -archive -packed {}', [0,8], [3,6],
> qr/Infection: (.+)/ ],
>
> ### http://www.trendmicro.com/ - backs up Trophie
> ['Trend Micro FileScanner', ['/etc/iscan/vscan','vscan'],
> '-za -a {}', [0], qr/Found virus/, qr/Found virus (.+) in/ ],
>
> ### http://www.sald.com/, http://drweb.imshop.de/ - backs up DrWebD
> ['drweb - DrWeb Antivirus',
> ['/usr/local/drweb/drweb', '/opt/drweb/drweb', 'drweb'],
> '-path={} -al -go -ot -cn -upn -ok-',
> [0,32], [1,9,33], qr' infected (?:with|by)(?: virus)? (.*)$'],
>
> ['KasperskyLab kavscanner', ['/opt/kav/bin/kavscanner','kavscanner'],
> '-i1 -xp {}', [0,10,15], [5,20,21,25],
> qr/(?:CURED|INFECTED|CUREFAILED|WARNING|SUSPICION) (.*)/ ,
> sub {chdir('/opt/kav/bin') or die "Can't chdir to kav: $!"},
> sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"},
> ],
>
> # Commented out because the name 'sweep' clashes with Debian and FreeBSD
> # package/port of an audio editor. Make sure the correct 'sweep' is found
> # in the path when enabling.
> #
> # ### http://www.sophos.com/ - backs up Sophie or SAVI-Perl
> # ['Sophos Anti Virus (sweep)', 'sweep',
> # '-nb -f -all -rec -ss -sc -archive -cab -tnef --no-reset-atime {}',
> # [0,2], qr/Virus .*? found/,
> # qr/^>>> Virus(?: fragment)? '?(.*?)'? found/,
> # ],
> # # other options to consider: -mime -oe -idedir=/usr/local/sav
>
> # always succeeds (uncomment to consider mail clean if all other
> scanners fail)
> # ['always-clean', sub {0}],
>
> );
>
>
> 1; # ensure a defined return
> use strict;
>
> # You can modify this file to re-enable SPAM checking through spamassassin
> # and to re-enable antivirus checking.
>
> #
> # Default antivirus checking mode
> # Uncomment the two lines below to enable it back
> #
>
> @bypass_virus_checks_maps = (
> \%bypass_virus_checks, \@bypass_virus_checks_acl,
> \$bypass_virus_checks_re);
>
>
> #
> # Default SPAM checking mode
> # Uncomment the two lines below to enable it back
> #
>
> @bypass_spam_checks_maps = (
> \%bypass_spam_checks, \@bypass_spam_checks_acl,
> \$bypass_spam_checks_re);
>
> 1; # insure a defined return
> use strict;
>
> # ADMINSTRATORS:
> # Debian suggests that any changes you need to do that should never
> # be "updated" by the Debian package should be made in another file,
> # overriding the settings in this file.
> #
> # The package will *not* overwrite your settings, but by keeping
> # them separate, you will make the task of merging changes on these
> # configuration files much simpler...
>
> # see /usr/share/doc/amavisd-new/examples/amavisd.conf-default for
> # a list of all variables with their defaults;
> # see /usr/share/doc/amavisd-new/examples/amavisd.conf-sample for
> # a traditional-style commented file
> # [note: the above files were not converted to Debian settings!]
> #
> # for more details see documentation in /usr/share/doc/amavisd-new
> # and at http://www.ijs.si/software/amavisd/amavisd-new-docs.html
>
> $QUARANTINEDIR = "/var/lib/amavis/virusmails";
>
> $log_recip_templ = undef; # disable by-recipient level-0 log entries
> $DO_SYSLOG = 1; # log via syslogd (preferred)
> $syslog_ident = 'amavis'; # syslog ident tag, prepended to all messages
> $syslog_facility = 'mail';
> $syslog_priority = 'info'; # switch to info to drop debug output, etc
>
> $enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP
> and nanny)
> $enable_global_cache = 1; # enable use of libdb-based cache if
> $enable_db=1
>
> $inet_socket_port = 10024; # default listenting socket
>
> $sa_spam_subject_tag = '***SPAM*** ';
> $sa_tag_level_deflt = -999; # add spam info headers if at, or above
> that level
> $sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at that level
> $sa_kill_level_deflt = 6.31; # triggers spam evasive actions
> $sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent
>
> $sa_mail_body_size_limit = 200*1024; # don't waste time on SA if mail
> is larger
> $sa_local_tests_only = 0; # only tests which do not require
> internet access?
>
> # Quota limits to avoid bombs (like 42.zip)
>
> $MAXLEVELS = 14;
> $MAXFILES = 1500;
> $MIN_EXPANSION_QUOTA = 100*1024; # bytes
> $MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes
>
> # You should:
> # Use D_DISCARD to discard data (viruses)
> # Use D_BOUNCE to generate local bounces by amavisd-new
> # Use D_REJECT to generate local or remote bounces by the calling MTA
> # Use D_PASS to deliver the message
> #
> # Whatever you do, *NEVER* use D_REJECT if you have other MTAs
> *forwarding*
> # mail to your account. Use D_BOUNCE instead, otherwise you are
> delegating
> # the bounce work to your friendly forwarders, which might not like it
> at all.
> #
> # On dual-MTA setups, one can often D_REJECT, as this just makes your own
> # MTA generate the bounce message. Test it first.
> #
> # Bouncing viruses is stupid, always discard them after you are sure
> the AV
> # is working correctly. Bouncing real SPAM is also useless, if you cannot
> # D_REJECT it (and don't D_REJECT mail coming from your forwarders!).
>
> $final_virus_destiny = D_REJECT; # (data not lost, see virus
> quarantine)
> $final_banned_destiny = D_REJECT; # D_REJECT when front-end MTA
> $final_spam_destiny = D_REJECT;
> $final_bad_header_destiny = D_PASS; # False-positive prone (for spam)
>
> $virus_admin = "postmaster\@$mydomain"; # due to D_DISCARD default
>
> # Leave empty (undef) to add no header
> $X_HEADER_LINE = "Debian $myproduct_name at $mydomain";
>
> # REMAINING IMPORTANT VARIABLES ARE LISTED HERE BECAUSE OF LONGER
> ASSIGNMENTS
>
> #
> # DO NOT SEND VIRUS NOTIFICATIONS TO OUTSIDE OF YOUR DOMAIN. EVER.
> #
> # These days, almost all viruses fake the envelope sender and mail
> headers.
> # Therefore, "virus notifications" became nothing but undesired,
> aggravating
> # SPAM. This holds true even inside one's domain. We disable them all by
> # default, except for the EICAR test pattern.
> #
>
> @viruses_that_fake_sender_maps = (new_RE(
> [qr'\bEICAR\b'i => 0], # av test pattern name
> [qr/.*/ => 1], # true for everything else
> ));
>
> @keep_decoded_original_maps = (new_RE(
> # qr'^MAIL$', # retain full original message for virus checking (can
> be slow)
> qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains
> undecipherables
> qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
> # qr'^Zip archive data', # don't trust Archive::Zip
> ));
>
>
> # for $banned_namepath_re, a new-style of banned table, see
> amavisd.conf-sample
>
> $banned_filename_re = new_RE(
> # qr'^UNDECIPHERABLE$', # is or contains any undecipherable components
>
> # block certain double extensions anywhere in the base name
> qr'\.[^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
>
> qr'\{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\}?'i, # Windows Class
> ID CLSID, strict
>
> qr'^application/x-msdownload$'i, # block these MIME
> types
> qr'^application/x-msdos-program$'i,
> qr'^application/hta$'i,
>
> # qr'^application/x-msmetafile$'i, # Windows Metafile MIME type
> # qr'^\.wmf$', # Windows Metafile file(1) type
>
> # qr'^message/partial$'i, qr'^message/external-body$'i, # rfc2046 MIME
> types
>
> # [ qr'^\.(Z|gz|bz2)$' => 0 ], # allow any in Unix-compressed
> # [ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type
> archives
> # [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any within such archives
>
> qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic
> # qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf|exe|fxp|grp|hlp|hta|
> # inf|ins|isp|js|jse|lnk|mda|mdb|mde|mdw|mdt|mdz|msc|msi|msp|mst|
> # ops|pcd|pif|prg|reg|scr|sct|shb|shs|vb|vbe|vbs|
> # wmf|wsc|wsf|wsh)$'ix, # banned ext - long
>
> # qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i, # banned extension - WinZip
> vulnerab.
>
> qr'^\.(exe-ms)$', # banned file(1) types
> # qr'^\.(exe|lha|tnef|cab|dll)$', # banned file(1) types
> );
> # See http://support.microsoft.com/default.aspx?scid=kb;EN-US;q262631
> # and http://www.cknow.com/vtutor/vtextensions.htm
>
>
> # ENVELOPE SENDER SOFT-WHITELISTING / SOFT-BLACKLISTING
>
> @score_sender_maps = ({ # a by-recipient hash lookup table,
> # results from all matching recipient tables
> are summed
>
> # ## per-recipient personal tables (NOTE: positive: black, negative:
> white)
> # 'user1 at example.com' => [{'bla-mobile.press at example.com' => 10.0}],
> # 'user3 at example.com' => [{'.ebay.com' => -3.0}],
> # 'user4 at example.com' => [{'cleargreen at cleargreen.com' => -7.0,
> # '.cleargreen.com' => -5.0}],
>
> ## site-wide opinions about senders (the '.' matches any recipient)
> '.' => [ # the _first_ matching sender determines the score boost
>
> new_RE( # regexp-type lookup table, just happens to be all
> soft-blacklist
> [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i
> => 5.0],
>
> [qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0],
>
> [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
> [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i
> => 5.0],
> [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i
> => 5.0],
> [qr'^(your_friend|greatoffers)@'i
> => 5.0],
> [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i
> => 5.0],
> [qr'^(leo|sam)@'i => -50],
> ),
>
> # read_hash("/var/amavis/sender_scores_sitewide"),
>
> { # a hash-type lookup table (associative array)
> 'nobody at cert.org' => -3.0,
> 'cert-advisory at us-cert.gov' => -3.0,
> 'owner-alert at iss.net' => -3.0,
> 'slashdot at slashdot.org' => -3.0,
> 'securityfocus.com' => -3.0,
> 'ntbugtraq at listserv.ntbugtraq.com' => -3.0,
> 'security-alerts at linuxsecurity.com' => -3.0,
> 'mailman-announce-admin at python.org' => -3.0,
> 'amavis-user-admin at lists.sourceforge.net'=> -3.0,
> 'amavis-user-bounces at lists.sourceforge.net' => -3.0,
> 'spamassassin.apache.org' => -3.0,
> 'notification-return at lists.sophos.com' => -3.0,
> 'leo.unglaub at gmx.at' => -30,
> 'owner-postfix-users at postfix.org' => -3.0,
> 'owner-postfix-announce at postfix.org' => -3.0,
> 'owner-sendmail-announce at lists.sendmail.org' => -3.0,
> 'sendmail-announce-request at lists.sendmail.org' => -3.0,
> 'donotreply at sendmail.org' => -3.0,
> 'ca+envelope at sendmail.org' => -3.0,
> 'noreply at freshmeat.net' => -3.0,
> 'owner-technews at postel.acm.org' => -3.0,
> 'ietf-123-owner at loki.ietf.org' => -3.0,
> 'cvs-commits-list-admin at gnome.org' => -3.0,
> 'rt-users-admin at lists.fsck.com' => -3.0,
> 'clp-request at comp.nus.edu.sg' => -3.0,
> 'surveys-errors at lists.nua.ie' => -3.0,
> 'emailnews at genomeweb.com' => -5.0,
> 'yahoo-dev-null at yahoo-inc.com' => -3.0,
> 'returns.groups.yahoo.com' => -3.0,
> 'clusternews at linuxnetworx.com' => -3.0,
> lc('lvs-users-admin at LinuxVirtualServer.org') => -3.0,
> lc('owner-textbreakingnews at CNNIMAIL12.CNN.COM') => -5.0,
>
> # soft-blacklisting (positive score)
> 'sender at example.net' => 3.0,
> '.example.net' => 1.0,
>
> },
> ], # end of site-wide tables
> });
>
> 1; # insure a defined return
> use strict;
>
> ##
> ## Functionality required for amavis helpers like
> ## amavis-release.
> ##
>
> # Enable required AM.PDP protocol socket.
> #
> # this is incompatible with the old helpers, but one can
> # have multiple inet (not unix) sockets to overcome this
> # issue. Refer to the amavisd-new documentation for more
> # information
>
> $unix_socketname = "/var/lib/amavis/amavisd.sock";
>
> $interface_policy{'SOCK'} = 'AM.PDP-SOCK';
> $policy_bank{'AM.PDP-SOCK'} = {
> protocol => 'AM.PDP',
> auth_required_release => 0, # don't require secret-id for release
> };
>
> 1; # ensure a defined return
> use strict;
>
> # l10n (localization) of the AMaViSd-new DSN templates
> # Override or change as necessary
>
> # Select notifications text encoding when Unicode-aware Perl is converting
> # text from internal character representation to external encoding
> (charset
> # in MIME terminology). Used as argument to Perl Encode::encode
> subroutine.
> #
> # to be used in RFC 2047-encoded header field bodies, e.g. in Subject:
> #$hdr_encoding = 'iso-8859-1'; # (default: 'iso-8859-1')
> #
> # to be used in notification body text: its encoding and
> Content-type.charset
> #$bdy_encoding = 'iso-8859-1'; # (default: 'iso-8859-1')
>
> # Default template texts for notifications may be overruled by directly
> # assigning new text to template variables, or by reading template text
> # from files. A second argument may be specified in a call to read_text(),
> # specifying character encoding layer to be used when reading from the
> # external file, e.g. 'utf8', 'iso-8859-1', or often just $bdy_encoding.
> # Text will be converted to internal character representation by Perl
> 5.8.0
> # or later; second argument is ignored otherwise. See PerlIO::encoding,
> # Encode::PerlIO and perluniintro man pages.
> #
> # $notify_sender_templ = read_text('/var/amavis/notify_sender.txt');
> # $notify_virus_sender_templ=
> read_text('/var/amavis/notify_virus_sender.txt');
> # $notify_virus_admin_templ =
> read_text('/var/amavis/notify_virus_admin.txt');
> # $notify_virus_recips_templ=
> read_text('/var/amavis/notify_virus_recips.txt');
> # $notify_spam_sender_templ =
> read_text('/var/amavis/notify_spam_sender.txt');
> # $notify_spam_admin_templ =
> read_text('/var/amavis/notify_spam_admin.txt');
>
> # If notification template files are collectively available in some
> directory,
> # you can use read_l10n_templates which calls read_text for each known
> # template. Name the files as above, and include a file named
> "charset" with
> # the charset used in the files. This is how Debian ships l10n templates.
> #
> # syntax: read_l10n_templates(<directory>); OR
> # read_l10n_templates(<subdirectory>, <master directory>);
> #
> read_l10n_templates('en_US', '/etc/amavis');
>
> 1; # ensure a defined return
> use strict;
>
> #
> # Place your configuration directives here. They will override those in
> # earlier files.
> #
> # See /usr/share/doc/amavisd-new/ for documentation and examples of
> # the directives you can use in this file
> #
>
> $virus_quarantine_to = undef;
> $banned_quarantine_to = undef;
> $spam_quarantine_to = undef;
> $bad_header_quarantine_to = undef;
>
>
> #------------ Do not modify anything below this line -------------
> 1; # ensure a defined return
Vielen Dank im Voraus.
Viele Grüße
Leo
Mehr Informationen über die Mailingliste Postfixbuch-users