Am Donnerstag, 3. Juli 2003 13:39 schrieb Giuseppe Ghibò:
Martin Fahrendorf ha scritto:
Am Donnerstag, 3. Juli 2003 08:18 schrieb Michael Scherer:
So you have to start a process for every single massage. That is wat I want to avoid. It is no problem while you are receiving only few messages per hour. But else, the overhead is to much. A daemon talking smtp is prefered (and that is waht amavisd-new does).
But, IIRC, amavis forks a new spamassasin in the backgroung for each message, so, this is almost the same ?
No, amavisd-new runs as a daemon and is written in perl. It loads the Mail::Spamassassin perl module at starttime. No external process is started (besides the virus scanner not speaking smtp).
Martin
I've currently packaged that here:
http://peoples.mandrakesoft.com/~ghibo/amavisd-new-0.20030616-1mdk.src.rpm
looks nice. I will it test tomorrow.
But, before posting to contrib, I'm currently trying to find how to modify amavisd.conf so that:
- local "recipient" users is warned about receiving virus mail (with virus ID) - sender is warned about sending a mail with virus, but only if sender is relaying from LAN (it's a nonsense to warn non-local sender because 99.9% in case of virus, the sender is fake).
There is a flag called warnvirusrecip. But this will warn all recipients
That's bad, because remote user shouldn't be warned because generally address are FAKE, so you'll send the mail to the wrong person, or you'll have the queue full of non deliverable mails. Plain amavis-0.3.12 (in contrib) can do this, simply placing the localdomain into /etc/amavis-localdomains.conf.
regardless of local user or not. So the easyest way is to use different mailserver for sending out and receiving in.
Why a different mail server? One needs that the mail Sent containing a virus should be blocked, but the LAN sender should be warned that he was sending a virus...; Indeed this should be done in a more powerful way because generally if the Sender takes a virus (like SoBig,BugBear, etc.), generally it would fake addresses even if coming from LAN. So an effective way for doing this would a double checking:
a) Send Warning Mail to Sender address only if the address is in the local domain (at most this will warn wrong user but not to wrong domain)
b) Have a MAP between client IP addresses and client mail, so to warn the right user.
Maybe this could be a feature request for Amavis-new authors...
- let spam pass to users (but with X-Spam-Status) and at the same time collect all the recognized spam to a repository for further bayes learning.
Tis is done by default if you configure final_spam_destiny as D_PASS. every spam mail over the sa_kill_level_deflt value will be copied to /var/spool/amavisd/viruses
Yes, but for viruses the Warning messages doesn't contain the ID of the file, like it happens in amavis-0.3.12.
Bye. Giuseppe.
