Hi everybody,
I´ve just installed Amavisd-new 2.3.3 in an RHEL 4.0 with
postfix-2.1.5-2.3.RHEL4.1 and NAI antivirus.
Without amavis, everything works ok.
I´ve followed de INSTALL file that comes with amavis, installing de perl
modules requirede, it starts ok.
Then I try it with:
# telnet 127.0.0.1 10024 // and get the follow.
Trying 127.0.0.1...
Connected to mail2.mg.trt.gov.br (127.0.0.1).
Escape character is '^]'.
220 [127.0.0.1] ESMTP amavisd-new service ready
// Then I type the command ehlo and get the following:
250-[127.0.0.1]
250-PIPELINING
250-SIZE
250-8BITMIME
250-ENHANCEDSTATUSCODES
250 XFORWARD NAME ADDR PROTO HELO
// THEN I TYPE quit and the following message apears and do not disconnect..
locking the terminal.
221 2.0.0 [127.0.0.1] (amavisd-new) closing transmission channel
Below is the log sent to screen since I started amavis with some notes in
caps letter from myself
and after my amavisd.conf
====== AFTER AMAVIS START
[EMAIL PROTECTED] amavis]# /aplic/amavis/amavisd -c /etc/amavis/amavisd.conf
debug
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: starting.
/aplic/amavis/amavisd at mail2.mg.trt.gov.br
amavisd-new-2.3.3 (20050822), Unicode aware, LC_ALL=C, LANG=C
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: user=,
EUID: 0 (0); group=, EGID: 0 10 6 4 3 2 1 0 (0 10 6 4 3 2 1 0)
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Perl
version 5.008005
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]:
Net::Server: 2006/03/14-11:34:58 Amavis (type
Net::Server::PreForkSimple) starting! pid(6654)
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]:
Net::Server: Binding to TCP port 10024 on host 127.0.0.1
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]:
Net::Server: Setting gid to "506 506"
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]:
Net::Server: Setting uid to "506"
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]:
Net::Server: Setting up serialization via flock
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Module
Amavis::Conf 2.043
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Module
Archive::Tar 1.29
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Module
Archive::Zip 1.16
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Module
BerkeleyDB 0.27
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Module
Compress::Zlib 1.41
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Module
Convert::TNEF 0.17
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Module
Convert::UUlib 1.06
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Module
MIME::Entity 5.419
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Module
MIME::Parser 5.419
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Module
MIME::Tools 5.419
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Module
Mail::Header 1.74
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Module
Mail::Internet 1.74
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Module
Net::Cmd 2.26
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Module
Net::SMTP 2.29
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Module
Net::Server 0.91
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Module
Time::HiRes 1.87
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Module
Unix::Syslog 0.99
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Amavis::DB
code loaded
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]:
Amavis::Cache code loaded
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: SQL base
code NOT loaded
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: SQL::Log
code NOT loaded
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]:
SQL::Quarantine NOT loaded
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Lookup::SQL
code NOT loaded
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]:
Lookup::LDAP code NOT loaded
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: AM.PDP prot
code NOT loaded
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: SMTP-in
prot code loaded
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Courier
protocol code NOT loaded
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: ANTI-VIRUS
code loaded
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: ANTI-SPAM
code NOT loaded
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Unpackers
code loaded
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Found $file
at /usr/bin/file
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: No $dspam,
not using it
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Internal
decoder for .mail
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Internal
decoder for .asc
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Internal
decoder for .uue
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Internal
decoder for .hqx
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Internal
decoder for .ync
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: No decoder
for .F tried: unfreeze, freeze -d, melt, fcat
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Found
decoder for .Z at /usr/bin/gzip -d
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Internal
decoder for .gz
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Found
decoder for .gz at /usr/bin/gzip -d (backup, not used)
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Found
decoder for .bz2 at /usr/bin/bzip2 -d
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: No decoder
for .lzo tried: lzop -d
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Found
decoder for .rpm at /usr/bin/rpm2cpio
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Found
decoder for .cpio at /bin/tar
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Found
decoder for .tar at /bin/tar
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Internal
decoder for .tar (backup, not used)
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Found
decoder for .deb at /usr/bin/ar
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Internal
decoder for .zip
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: No decoder
for .rar tried: rar, unrar
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: No decoder
for .arj tried: arj, unarj
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: No decoder
for .arc tried: nomarch, arc
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: No decoder
for .zoo tried: zoo
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Found
decoder for .lha at /usr/bin/lha
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: No decoder
for .cab tried: cabextract
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: No decoder
for .tnef tried: tnef
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Internal
decoder for .tnef
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Found
decoder for .exe at /usr/bin/lha
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Found
primary av scanner NAI McAfee AntiVirus (uvscan) at
/usr/local/bin/uvscan
Mar 14 11:34:58 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]: Creating db
in /var/amavis/db/; BerkeleyDB 0.27, libdb 4.2
Mar 14 11:34:59 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]:
Net::Server: Beginning prefork (2 processes)
Mar 14 11:34:59 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]:
Net::Server: Starting "2" children
Mar 14 11:34:59 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]:
Net::Server: Child Preforked (6655)
Mar 14 11:34:59 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6656]:
Net::Server: Child Preforked (6656)
Mar 14 11:34:59 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6654]:
Net::Server: Parent ready for children.
Mar 14 11:34:59 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]: TIMING
[total 9 ms] - bdb-open: 9 (100%)100, rundown: 0 (0%)100
Mar 14 11:34:59 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6656]: TIMING
[total 7 ms] - bdb-open: 7 (100%)100, rundown: 0 (0%)100
======= AFTER TELNET AND EHLO COMMAND
Mar 14 11:36:43 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]:
Net::Server: 2006/03/14-11:36:43 CONNECT TCP Peer: "127.0.0.1:34817"
Local: "127.0.0.1:10024"
Mar 14 11:36:43 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]: loaded base
policy bank
Mar 14 11:36:43 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]:
lookup_ip_acl (inet_acl): key="127.0.0.1" matches "127.0.0.1", result=1
Mar 14 11:36:43 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]:
prolong_timer after new request - timer reset: remaining time = 480 s
Mar 14 11:36:43 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]:
process_request: suggested_protocol="" on TCP
Mar 14 11:36:43 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]: (06655-01)
SMTP> 220 [127.0.0.1] ESMTP amavisd-new service ready
Mar 14 11:36:43 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]: (06655-01)
idle_proc, 4: was busy, 7.5 ms, total idle 0.000 s, busy
0.008 s
Mar 14 11:36:57 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]: (06655-01)
idle_proc, 5: was idle, 13556.6 ms, total idle 13.557 s,
busy 0.008 s
Mar 14 11:36:57 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]: (06655-01)
prolong_timer after reading SMTP command: remaining time =
466 s
Mar 14 11:36:57 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]: (06655-01)
SMTP< ehlo\r\n
Mar 14 11:36:57 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]: (06655-01)
ESMTP> 250-[127.0.0.1]
Mar 14 11:36:57 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]: (06655-01)
ESMTP> 250-PIPELINING
Mar 14 11:36:57 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]: (06655-01)
ESMTP> 250-SIZE
Mar 14 11:36:57 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]: (06655-01)
ESMTP> 250-8BITMIME
Mar 14 11:36:57 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]: (06655-01)
ESMTP> 250-ENHANCEDSTATUSCODES
Mar 14 11:36:57 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]: (06655-01)
ESMTP> 250 XFORWARD NAME ADDR PROTO HELO
Mar 14 11:36:57 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]: (06655-01)
idle_proc, 6: was busy, 2.3 ms, total idle 13.557 s, busy
0.010 s
========= AFTER QUIT COMMAND
Mar 14 11:37:59 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]: (06655-01)
idle_proc, 5: was idle, 62688.2 ms, total idle 76.245 s,
busy 0.010 s
Mar 14 11:37:59 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]: (06655-01)
prolong_timer after reading SMTP command: remaining time =
403 s
Mar 14 11:37:59 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]: (06655-01)
ESMTP< QUIT\r\n
Mar 14 11:37:59 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]: (06655-01)
ESMTP> 221 2.0.0 [127.0.0.1] (amavisd-new) closing
transmission channel
Mar 14 11:37:59 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]: (06655-01)
post_process_request_hook: timer stopped
Mar 14 11:37:59 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]: (06655-01)
idle_proc, bye: was busy, 3.6 ms, total idle 76.245 s, busy
0.013 s
Mar 14 11:37:59 mail2.mg.trt.gov.br /aplic/amavis/amavisd[6655]: (06655-01)
load: 0 %, total idle 76.245 s, busy 0.013 s
===========
========== AMAVISD.CONF
use strict;
@bypass_spam_checks_maps = (1); # uncomment to DISABLE anti-spam code
$max_servers = 2; # number of pre-forked children (2..15 is
common)
$daemon_user = 'amavis'; # (no default; customary: vscan or amavis)
$daemon_group = 'amavis'; # (no default; customary: vscan or amavis)
$myhostname = 'mail2.mg.trt.gov.br';
$mydomain = 'mg.trt.gov.br'; # a convenient default for other settings
$MYHOME = '/var/amavis'; # a convenient default for other settings
$TEMPBASE = "$MYHOME/tmp"; # working directory, needs to be created
manually
$ENV{TMPDIR} = $TEMPBASE; # environment variable TMPDIR
$QUARANTINEDIR = '/var/virusmails';
$db_home = "$MYHOME/db";
$helpers_home = "$MYHOME/var"; # prefer $MYHOME clean and owned by root?
$pid_file = "$MYHOME/var/amavisd.pid";
$lock_file = "$MYHOME/var/amavisd.lock";
$smtpd_greeting_banner = '${helo-name} ${protocol} amavisd-new service
ready';
$smtpd_quit_banner = '${helo-name} (amavisd-new) closing transmission
channel';
@local_domains_maps = ( [".$mydomain"] );
@mynetworks = qw( 127.0.0.0/8 [::1] 10.0.0.0/8 201.x.x.x/x);
$log_level = 5; # verbosity 0..5
$log_recip_templ = undef; # disable by-recipient level-0 log entries
$DO_SYSLOG = 1; # log via syslogd (preferred)
$SYSLOG_LEVEL = 'mail.debug';
$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and
nanny)
$enable_global_cache = 1; # enable use of libdb-based cache if
$enable_db=1
$inet_socket_port = 10024; # listen on this local TCP port(s) (see
$protocol)
$inet_socket_bind = '127.0.0.1';
@inet_acl = qw(127.0.0.1 [::1]);
$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that
level
$sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 6.31; # triggers spam evasive actions
$sa_dsn_cutoff_level = 9; # spam level beyond which a DSN is not sent
$sa_mail_body_size_limit = 200*1024; # don't waste time on SA if mail is
larger
$sa_local_tests_only = 0; # only tests which do not require internet
access?
$sa_auto_whitelist = 1; # turn on AWL in SA 2.63 or older (irrelevant
# for SA 3.0, cf option is
'use_auto_whitelist')
$virus_admin = "[EMAIL PROTECTED]"; # notifications
recip.
$mailfrom_notify_admin = "[EMAIL PROTECTED]"; # notifications
sender
$mailfrom_notify_recip = "[EMAIL PROTECTED]"; # notifications
sender
$mailfrom_notify_spamadmin = "[EMAIL PROTECTED]"; # notifications
sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender if
undef
@addr_extension_virus_maps = ('virus');
@addr_extension_spam_maps = ('spam');
@addr_extension_banned_maps = ('banned');
@addr_extension_bad_header_maps = ('badh');
$path =
'/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin:/aplic/dspam/bin:/aplic/amavis';
$MAXLEVELS = 14;
$MAXFILES = 1500;
$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not
enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not
enforced)
$sa_spam_subject_tag = '[SPAM] ';
$defang_virus = 1; # MIME-wrap passed infected mail
$defang_banned = 1; # MIME-wrap passed mail containing banned name
$notify_method = 'smtp:[127.0.0.1]:10025';
$forward_method = 'smtp:[127.0.0.1]:10025'; # set to undef with milter!
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_BOUNCE;
@viruses_that_fake_sender_maps = (new_RE(
[qr/^/ => 1], # true for everything else
));
@keep_decoded_original_maps = (new_RE(
qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains
undecipherables
qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
));
$banned_filename_re = new_RE(
# block certain double extensions anywhere in the base name
qr'\.[^./]*[A-Za-z][^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
qr'^application/x-msdownload$'i, # block these MIME types
qr'^application/x-msdos-program$'i,
qr'^application/hta$'i,
[ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives
qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic
qr'^\.(exe-ms)$', # banned file(1) types
);
@score_sender_maps = ({ # a by-recipient hash lookup table,
# results from all matching recipient tables are
summed
## site-wide opinions about senders (the '.' matches any recipient)
'.' => [ # the _first_ matching sender determines the score boost
new_RE( # regexp-type lookup table, just happens to be all
soft-blacklist
[qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i =>
5.0],
[qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=>
5.0],
[qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=>
5.0],
[qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i =>
5.0],
[qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i =>
5.0],
[qr'^(your_friend|greatoffers)@'i =>
5.0],
[qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i =>
5.0],
),
{ # a hash-type lookup table (associative array)
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'bugtraq@securityfocus.com' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]'=> -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -5.0,
'[EMAIL PROTECTED]' => -3.0,
'returns.groups.yahoo.com' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
lc('[EMAIL PROTECTED]') => -3.0,
lc('[EMAIL PROTECTED]') => -5.0,
# soft-blacklisting (positive score)
'[EMAIL PROTECTED]' => 3.0,
'.example.net' => 1.0,
},
], # end of site-wide tables
});
@decoders = (
['mail', \&do_mime_decode],
['asc', \&do_ascii],
['uue', \&do_ascii],
['hqx', \&do_ascii],
['ync', \&do_ascii],
['F', \&do_uncompress, ['unfreeze','freeze -d','melt','fcat'] ],
['Z', \&do_uncompress, ['uncompress','gzip -d','zcat'] ],
['gz', \&do_gunzip],
['gz', \&do_uncompress, 'gzip -d'],
['bz2', \&do_uncompress, 'bzip2 -d'],
['lzo', \&do_uncompress, 'lzop -d'],
['rpm', \&do_uncompress, ['rpm2cpio.pl','rpm2cpio'] ],
['cpio', \&do_pax_cpio, ['tar','pax','gcpio','cpio'] ],
['tar', \&do_pax_cpio, ['tar','pax','gcpio','cpio'] ],
['tar', \&do_tar],
['deb', \&do_ar, 'ar'],
['zip', \&do_unzip],
['rar', \&do_unrar, ['rar','unrar'] ],
['arj', \&do_unarj, ['arj','unarj'] ],
['arc', \&do_arc, ['nomarch','arc'] ],
['zoo', \&do_zoo, 'zoo'],
['lha', \&do_lha, 'lha'],
['cab', \&do_cabextract, 'cabextract'],
['tnef', \&do_tnef_ext, 'tnef'],
['tnef', \&do_tnef],
['exe', \&do_executable, ['rar','unrar'], 'lha', ['arj','unarj'] ],
);
@av_scanners = (
['NAI McAfee AntiVirus (uvscan)', 'uvscan',
'--secure -rv --mime --summary --noboot - {}', [0], [13],
qr/(?x) Found (?:
\ the\ (.+)\ (?:virus|trojan) |
\ (?:virus|trojan)\ or\ variant\ ([^ ]+) |
:\ (.+)\ NOT\ a\ virus)/,
# sub {$ENV{LD_PRELOAD}='/lib/libc.so.6'},
# sub {delete $ENV{LD_PRELOAD}},
]
##### RETIREI , do fim da linha anterior
# NOTE1: with RH9: force the dynamic linker to look at /lib/libc.so.6
before
# anything else by setting environment variable LD_PRELOAD=/lib/libc.so.6
# and then clear it when finished to avoid confusing anything else.
# NOTE2: to treat encrypted files as viruses replace the [13] with:
# qr/^\s{5,}(Found|is password-protected|.*(virus|trojan))/
### http://www.virusbuster.hu/en/
);
@av_scanners_backup = (
### http://www.f-prot.com/ - backs up F-Prot Daemon
### http://www.trendmicro.com/ - backs up Trophie
### http://www.sald.com/, http://drweb.imshop.de/ - backs up DrWebD
);
1; # insure a defined return
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid0944&bid$1720&dat1642
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/