<html>
<head>
<meta content="text/html; charset=ISO-8859-15"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Am 03.11.2011 12:28, schrieb Florian Kaiser:
<blockquote cite="mid:16CF8F36E05548E6A76D8BF9410ED077@florian"
type="cite">
Wenn Du warn_offsite = 0 hast - denkt Amavis dann vielleicht, dass
Du ein
"local" sender bist? Denn dann werden die Reports afaik immer
verschickt.
Poste mal bitte deine vollständige 50-user.conf (oder wo auch
immer Deine
amavisd-new-Konfiguration ist).
Grüße
Florian
</blockquote>
<font size="-1"><tt><br>
<br>
Ich habe mal die einzelnen Configfiles zusammengefasst und die
Kommentare entfernt:<br>
<br>
use strict;<br>
<br>
$ENV{PATH} = $path =
'/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';<br>
$file = 'file';<br>
$gzip = 'gzip';<br>
$bzip2 = 'bzip2';<br>
$lzop = 'lzop';<br>
$rpm2cpio = ['rpm2cpio.pl','rpm2cpio'];<br>
$cabextract = 'cabextract';<br>
$uncompress = ['uncompress', 'gzip -d', 'zcat'];<br>
#$unfreeze = ['unfreeze', 'freeze -d', 'melt', 'fcat'];
#disabled (non-free, no security support)<br>
$unfreeze = undef; <br>
$arc = ['nomarch', 'arc'];<br>
$unarj = ['arj', 'unarj'];<br>
#$unrar = ['rar', 'unrar']; #disabled (non-free, no
security support)<br>
$unrar = undef; <br>
$zoo = 'zoo';<br>
#$lha = 'lha'; #disabled (non-free, no security support)<br>
$lha = undef;<br>
$pax = 'pax';<br>
$cpio = 'cpio';<br>
$ar = 'ar';<br>
$ripole = 'ripole';<br>
$dspam = 'dspam';<br>
<br>
1; # ensure a defined return<br>
use strict;<br>
<br>
chomp($mydomain = `head -n 1 /etc/mailname`);<br>
<br>
@local_domains_acl = ( ".$mydomain" );<br>
<br>
1; # ensure a defined return<br>
use strict;<br>
<br>
chomp($myhostname = `hostname --fqdn`);<br>
<br>
1; # ensure a defined return<br>
use strict;<br>
<br>
##<br>
## AV Scanners (Debian version)<br>
##<br>
<br>
@av_scanners = (<br>
<br>
<br>
### <a class="moz-txt-link-freetext" href="http://www.clamav.net/">http://www.clamav.net/</a><br>
['ClamAV-clamd',<br>
\&ask_daemon, ["CONTSCAN {}\n",
"/var/run/clamav/clamd.ctl"],<br>
qr/\bOK$/, qr/\bFOUND$/,<br>
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],<br>
# NOTE: remember to add the clamav user to the amavis group,
and<br>
# to properly set clamd to init supplementary groups<br>
# When running chrooted one may prefer: ["CONTSCAN
{}\n","$MYHOME/clamd"],<br>
<br>
# ### <a class="moz-txt-link-freetext" href="http://www.clamav.net/">http://www.clamav.net/</a> and CPAN (memory-hungry! clamd is
preferred)<br>
# ['Mail::ClamAV', \&ask_clamav, "*", [0], [1],
qr/^INFECTED: (.+)/],<br>
<br>
### example: fully-fledged checker for JPEG marker segments of
invalid length<br>
['check-jpeg',<br>
sub { use JpegTester ();
Amavis::AV::ask_av(\&JpegTester::test_jpeg, @_) },<br>
["{}/*"], undef, [1], qr/^(bad jpeg: .*)$/ ],<br>
# NOTE: place file JpegTester.pm somewhere where Perl can find
it,<br>
# for example in /usr/local/lib/perl5/site_perl<br>
<br>
);<br>
<br>
<br>
@av_scanners_backup = (<br>
<br>
### <a class="moz-txt-link-freetext" href="http://www.clamav.net/">http://www.clamav.net/</a> - backs up clamd or Mail::ClamAV<br>
['ClamAV-clamscan', 'clamscan',<br>
"--stdout --disable-summary -r --tempdir=$TEMPBASE {}",<br>
[0], qr/:.*\sFOUND$/, qr/^.*?: (?!Infected Archive)(.*)
FOUND$/ ],<br>
<br>
);<br>
<br>
<br>
1; # ensure a defined return<br>
use strict;<br>
<br>
@bypass_virus_checks_maps = (<br>
\%bypass_virus_checks, \@bypass_virus_checks_acl,
\$bypass_virus_checks_re);<br>
<br>
@bypass_spam_checks_maps = (<br>
\%bypass_spam_checks, \@bypass_spam_checks_acl,
\$bypass_spam_checks_re);<br>
<br>
1; # ensure a defined return<br>
use strict;<br>
<br>
<br>
$QUARANTINEDIR = "$MYHOME/virusmails";<br>
$quarantine_subdir_levels = 1; # enable quarantine dir hashing<br>
<br>
$log_recip_templ = undef; # disable by-recipient level-0 log
entries<br>
$DO_SYSLOG = 1; # log via syslogd (preferred)<br>
$syslog_ident = 'amavis'; # syslog ident tag, prepended to
all messages<br>
$syslog_facility = 'mail';<br>
$syslog_priority = 'info'; # switch to info to drop debug
output, etc<br>
<br>
$enable_db = 1; # enable use of BerkeleyDB/libdb
(SNMP and nanny)<br>
$enable_global_cache = 1; # enable use of libdb-based cache
if $enable_db=1<br>
<br>
$inet_socket_port = 10024; # default listening socket<br>
<br>
$sa_spam_subject_tag = '***SPAM*** ';<br>
$sa_tag_level_deflt = 2.0; # add spam info headers if at, or
above that level<br>
$sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at
that level<br>
$sa_kill_level_deflt = 6.31; # triggers spam evasive actions<br>
$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is
not sent<br>
<br>
$sa_mail_body_size_limit = 200*1024; # don't waste time on SA if
mail is larger<br>
$sa_local_tests_only = 0; # only tests which do not require
internet access?<br>
<br>
# Quota limits to avoid bombs (like 42.zip)<br>
<br>
$MAXLEVELS = 14;<br>
$MAXFILES = 1500;<br>
$MIN_EXPANSION_QUOTA = 100*1024; # bytes<br>
$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes<br>
<br>
$final_virus_destiny = D_REJECT; # (data not lost, see
virus quarantine)<br>
$final_banned_destiny = D_REJECT; # D_REJECT when
front-end MTA<br>
$final_spam_destiny = D_REJECT;<br>
$final_bad_header_destiny = D_PASS; # False-positive prone
(for spam)<br>
<br>
$virus_admin = <a class="moz-txt-link-rfc2396E" href="mailto:server.beckett\@googlemail.com">"server.beckett\@googlemail.com"</a>; # due to
D_DISCARD default<br>
<br>
# Set to empty ("") to add no header<br>
$X_HEADER_LINE = "Debian $myproduct_name at $mydomain";<br>
<br>
@viruses_that_fake_sender_maps = (new_RE(<br>
[qr'\bEICAR\b'i => 0], # av test pattern name<br>
[qr/.*/ => 1], # true for everything else<br>
));<br>
<br>
@keep_decoded_original_maps = (new_RE(<br>
qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains
undecipherables<br>
qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,<br>
<br>
));<br>
<br>
<br>
# for $banned_namepath_re, a new-style of banned table, see
amavisd.conf-sample<br>
<br>
$banned_filename_re = new_RE(<br>
<br>
# block certain double extensions anywhere in the base name<br>
qr'\.[^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,<br>
<br>
qr'\{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\}?'i, # Windows
Class ID CLSID, strict<br>
<br>
qr'^application/x-msdownload$'i, # block
these MIME types<br>
qr'^application/x-msdos-program$'i,<br>
qr'^application/hta$'i,<br>
<br>
qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension
- basic<br>
<br>
qr'^\.(exe-ms)$', # banned file(1) types<br>
);<br>
# See
<a class="moz-txt-link-freetext" href="http://support.microsoft.com/default.aspx?scid=kb;EN-US;q262631">http://support.microsoft.com/default.aspx?scid=kb;EN-US;q262631</a><br>
# and <a class="moz-txt-link-freetext" href="http://www.cknow.com/vtutor/vtextensions.htm">http://www.cknow.com/vtutor/vtextensions.htm</a><br>
<br>
<br>
# ENVELOPE SENDER SOFT-WHITELISTING / SOFT-BLACKLISTING<br>
<br>
@score_sender_maps = ({ # a by-recipient hash lookup table,<br>
# results from all matching recipient
tables are summed<br>
<br>
## site-wide opinions about senders (the '.' matches any
recipient)<br>
'.' => [ # the _first_ matching sender determines the
score boost<br>
<br>
new_RE( # regexp-type lookup table, just happens to be all
soft-blacklist<br>
[qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i
=> 5.0],<br>
[qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=>
5.0],<br>
[qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=>
5.0],<br>
[qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i
=> 5.0],<br>
[qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i
=> 5.0],<br>
[qr'^(your_friend|greatoffers)@'i
=> 5.0],<br>
[qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i
=> 5.0],<br>
),<br>
<br>
# read_hash("/var/amavis/sender_scores_sitewide"),<br>
<br>
{ # a hash-type lookup table (associative array)<br>
'<a class="moz-txt-link-abbreviated" href="mailto:nobody@cert.org">nobody@cert.org</a>' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:cert-advisory@us-cert.gov">cert-advisory@us-cert.gov</a>' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:owner-alert@iss.net">owner-alert@iss.net</a>' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:slashdot@slashdot.org">slashdot@slashdot.org</a>' => -3.0,<br>
'securityfocus.com' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:ntbugtraq@listserv.ntbugtraq.com">ntbugtraq@listserv.ntbugtraq.com</a>' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:security-alerts@linuxsecurity.com">security-alerts@linuxsecurity.com</a>' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:mailman-announce-admin@python.org">mailman-announce-admin@python.org</a>' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:amavis-user-admin@lists.sourceforge.net">amavis-user-admin@lists.sourceforge.net</a>'=> -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:amavis-user-bounces@lists.sourceforge.net">amavis-user-bounces@lists.sourceforge.net</a>' => -3.0,<br>
'spamassassin.apache.org' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:notification-return@lists.sophos.com">notification-return@lists.sophos.com</a>' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:owner-postfix-users@postfix.org">owner-postfix-users@postfix.org</a>' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:owner-postfix-announce@postfix.org">owner-postfix-announce@postfix.org</a>' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:owner-sendmail-announce@lists.sendmail.org">owner-sendmail-announce@lists.sendmail.org</a>' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:sendmail-announce-request@lists.sendmail.org">sendmail-announce-request@lists.sendmail.org</a>' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:donotreply@sendmail.org">donotreply@sendmail.org</a>' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:ca+envelope@sendmail.org">ca+envelope@sendmail.org</a>' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:noreply@freshmeat.net">noreply@freshmeat.net</a>' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:owner-technews@postel.acm.org">owner-technews@postel.acm.org</a>' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:ietf-123-owner@loki.ietf.org">ietf-123-owner@loki.ietf.org</a>' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:cvs-commits-list-admin@gnome.org">cvs-commits-list-admin@gnome.org</a>' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:rt-users-admin@lists.fsck.com">rt-users-admin@lists.fsck.com</a>' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:clp-request@comp.nus.edu.sg">clp-request@comp.nus.edu.sg</a>' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:surveys-errors@lists.nua.ie">surveys-errors@lists.nua.ie</a>' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:emailnews@genomeweb.com">emailnews@genomeweb.com</a>' => -5.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:yahoo-dev-null@yahoo-inc.com">yahoo-dev-null@yahoo-inc.com</a>' => -3.0,<br>
'returns.groups.yahoo.com' => -3.0,<br>
'<a class="moz-txt-link-abbreviated" href="mailto:clusternews@linuxnetworx.com">clusternews@linuxnetworx.com</a>' => -3.0,<br>
lc('<a class="moz-txt-link-abbreviated" href="mailto:lvs-users-admin@LinuxVirtualServer.org">lvs-users-admin@LinuxVirtualServer.org</a>') => -3.0,<br>
lc('<a class="moz-txt-link-abbreviated" href="mailto:owner-textbreakingnews@CNNIMAIL12.CNN.COM">owner-textbreakingnews@CNNIMAIL12.CNN.COM</a>') => -5.0,<br>
<br>
# soft-blacklisting (positive score)<br>
'<a class="moz-txt-link-abbreviated" href="mailto:sender@example.net">sender@example.net</a>' => 3.0,<br>
'.example.net' => 1.0,<br>
<br>
},<br>
], # end of site-wide tables<br>
});<br>
<br>
1; # ensure a defined return<br>
use strict;<br>
<br>
##<br>
## Functionality required for amavis helpers like<br>
## amavis-release.<br>
##<br>
<br>
$unix_socketname = "/var/lib/amavis/amavisd.sock";<br>
<br>
$interface_policy{'SOCK'} = 'AM.PDP-SOCK';<br>
$policy_bank{'AM.PDP-SOCK'} = {<br>
protocol => 'AM.PDP',<br>
auth_required_release => 0, # don't require secret-id for
release<br>
};<br>
<br>
1; # ensure a defined return<br>
<br>
use strict;<br>
<br>
#<br>
# Place your configuration directives here. They will override
those in<br>
# earlier files.<br>
#<br>
# See /usr/share/doc/amavisd-new/ for documentation and examples
of<br>
# the directives you can use in this file<br>
#<br>
<br>
$warnbadhrecip = 0;<br>
$warnbadhsender = 0;<br>
$warn_offsite = 0;<br>
$warnvirussender = 0;<br>
$warnvirusrecip = 0;<br>
$warnbannedrecip = 0;<br>
%warnsender_by_ccat = 0; <br>
<br>
#------------ Do not modify anything below this line
-------------<br>
1; # ensure a defined return<br>
<br>
<br>
</tt></font>
</body>
</html>