Ian, > > Yes, by-recipients setting is available: > > @bypass_header_checks_maps = ( list of lookup tables as usual ); > > So the lookup table is simply regex matched?
If you use a regexp-type of a lookup table, then yes. All types of availabe lookups are explainded in README.lookups . > I.E. I could even do something like: > > @bypass_header_checks_maps = ( { "\.com" => 1 } ); > or > @bypass_header_checks_maps = ( { "\.(com|edu)" => 1 } ); You are showing a hash-type lookup, and hash doesn't do regexp. But for the above simple cases you don't need regexp-type lookup, a simple hash-type or a list-type (acl) lookup table would do. The following are all equivalent: @bypass_header_checks_maps = ( { ".com" => 1, ".edu" => 1 } ); # hash @bypass_header_checks_maps = ( [ ".com", ".edu" ] ); # list (acl) @bypass_header_checks_maps = ( [ qw(.com .edu) ); @bypass_header_checks_maps = ( new_RE( qr(\.(com|edu)$) )); # regexp The last one is the trickiest to get right (quoting dots, anchoring, not not allowing another @ in domain name, case sensitivity, ...) the slowest, and the most rarely needed. More examples in amavisd.conf-sample . > > Archival quarantine works independently of mail content type: > > okay, another non-intuitive thing happening again. I've got settings > that tell amavisd not to quarantine here: > $sa_quarantine_cutoff_level = 10; The $sa_quarantine_cutoff_level setting tells not to quarantine SPAM to a SPAM quarantine if its score level is above the specified score. It has no effect on any other quarantine type. > yet it will still be quarantined, because there is more than one > quarantine or because there is more than one content type? The purpose or archival quarantine is to quarantine everything. If you want to be more selective, pick other quarantine types. As already quoted: This archive is independent from other quarantining, i.e. if spam quarantining and archival quarantining are both enabled, two copies will be stored to quarantine. Archive quarantine is somewhat special in that it works independently and in addition to other quarantining, as stated. Other quarantine types are chosen according to a category of mail content, and there is only one final verdict on a mail content category (therefore only one quarantine type chosen, besides archival quarantine), in the following priority: CC_VIRUS CC_BANNED CC_UNCHECKED CC_SPAM # kill_level CC_SPAMMY # tag2_level (and: tag3_level = "CC_SPAMMY,1") CC_BADH CC_OVERSIZED CC_MTA # trouble passing mail back to MTA CC_CLEAN # tag_level = "CC_CLEAN,1" CC_CATCHALL Actually it is slightly more complicated for multi-recipient mail, but the above should do for a general understanding. For full control there are two general settings: $quarantine_method_by_ccat and $quarantine_to_maps_by_ccat, if unusual need arises. RELEASE_NOTES tells more on _by_ccat and content categories concept, although it is rarelly necessary to modify these defaults. Here are some further details: amavisd-new-2.5.0 release notes - added a new concept of a 'blocking contents category', which in most cases corresponds to a familiar 'main contents category' (the highest ranking category of contents pertaining to a message, e.g. virus, blocked, spam, spammy, bad header ...). The difference between the two arises when recipients are declared to be 'lovers' of some higher-ranking contents, or when a higher ranking contents category has its *_destiny set to D_PASS. For example: a message contains a banned part, but is also spam and may even have a bad header. Its contents categories are (simplified): CC_BANNED, CC_SPAM and CC_BADH, in this order. The main contents category of a message is CC_BANNED, which usually is also a reason for blocking a message, yielding a blocking ccat to also be CC_BANNED. But if some recipient is banned_files_lover (or if $final_banned_destiny is set to D_PASS), then the main ccat remains to be CC_BANNED, but the blocking ccat is CC_SPAM, i.e. the next in the list which is responsible for actually blocking the mail. If recipient would also be a spam lover, the blocking ccat might be CC_BADH (if $final_bad_header_destiny were not D_PASS); If a message is not being blocked, the 'blocking contents category' (i.e. a blocking_ccat attribute of a per-message or a per-recipient object) remains empty (undefined). For convenience some internal routines and some new macros fall back to showing the main contents category in this case. Almost all processing decisions, DSN, notification assembling, quarantining, logging etc. is now based on 'blocking contents category' when a message is being blocked, and on 'main contents category' (as before) when a message is not being blocked. There is a new macro 'ccat' which is useful in notification and logging templates, which can query the blocking contents category, as well as a main contents category. It provides access to information that was formerly available through macros ccat_maj, ccat_min, ccat_name, plus access to additional information. Macros ccat_maj, ccat_min and ccat_name are still available, but their use is deprecated, as their functionality has been incorporated into the new macro 'ccat'. Macro 'ccat' takes two optional fixed-string arguments, which are interpreted case-insensitively. In their absence it expands to a string "(maj,min)" which shows a major and a minor contents category number of a blocking ccat for a blocked message, and of a main contents category for a passed message. [...] > Note that what shows up in the sql DB is not addressed > to "[EMAIL PROTECTED]". You mean the SQL logging, like: select quar_loc from msgs where mail_id='nZodEgK55xCd'; --> spam/n/nZodEgK55xCd.gz ? To reduce clutter, I left out the quarantine location from SQL and the log when quarantine method is smtp: or lmtp:, as in your case. I'll put it back with the next version for consistency, so you will see in the log: (67201-05-4) Blocked SPAM, [...] [...] <...> -> <...>, quarantine: [EMAIL PROTECTED], spam/s/ss1DM3Kb-sYE.gz, Message-ID: ..., mail_id: ... The patch to 2.5.2 is trivial, if you need it immediately: --- amavisd.orig Mon Sep 10 02:02:39 2007 +++ amavisd Fri Sep 21 11:47:25 2007 @@ -14945,4 +14945,5 @@ $r->recip_remote_mta_smtp_response($smtp_resp); $r->recip_smtp_response($smtp_resp); $r->recip_done(2); + $r->recip_mbxname($r->recip_final_addr) if $smtp_resp =~ /^2/; } if ($first) { # fetch an uncollected response @@ -15041,4 +15042,5 @@ if (!$r->recip_done) { # mark it as done $r->recip_smtp_response($smtp_response); $r->recip_done(2); + $r->recip_mbxname($r->recip_final_addr) if $smtp_response =~ /^2/; } elsif ($any_valid_recips_and_data_sent && $r->recip_smtp_response =~ /^452/) { Also note, as quoted in my previous mail: Note that logging to SQL has only one field to store quarantine location, so in case of multiple quarantine locations only the first is remembered. The usual logging however reports all quarantine locations with the main log entry. > That is set like this: > $archive_quarantine_to = "[EMAIL PROTECTED]"; > $archive_quarantine_method = 'smtp:[127.0.0.1]:10025'; > > Which I assume the method to mean NOT to use sql. Are you referring to SQL logging or to SQL quarantining here? You may do quarantining to SQL is you like, just as with any quarantine type: $archive_quarantine_method = 'sql:'; or just for clean mail: $clean_quarantine_method = 'sql:'; Mark ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/