Ian,
> > Yes, by-recipients setting is available:
> > @bypass_header_checks_maps = ( list of lookup tables as usual );
>
> So the lookup table is simply regex matched?
If you use a regexp-type of a lookup table, then yes.
All types of availabe lookups are explainded in README.lookups .
> I.E. I could even do something like:
>
> @bypass_header_checks_maps = ( { "\.com" => 1 } );
> or
> @bypass_header_checks_maps = ( { "\.(com|edu)" => 1 } );
You are showing a hash-type lookup, and hash doesn't do regexp.
But for the above simple cases you don't need regexp-type lookup,
a simple hash-type or a list-type (acl) lookup table would do.
The following are all equivalent:
@bypass_header_checks_maps = ( { ".com" => 1, ".edu" => 1 } ); # hash
@bypass_header_checks_maps = ( [ ".com", ".edu" ] ); # list (acl)
@bypass_header_checks_maps = ( [ qw(.com .edu) );
@bypass_header_checks_maps = ( new_RE( qr(\.(com|edu)$) )); # regexp
The last one is the trickiest to get right (quoting dots, anchoring,
not not allowing another @ in domain name, case sensitivity, ...)
the slowest, and the most rarely needed.
More examples in amavisd.conf-sample .
> > Archival quarantine works independently of mail content type:
>
> okay, another non-intuitive thing happening again. I've got settings
> that tell amavisd not to quarantine here:
> $sa_quarantine_cutoff_level = 10;
The $sa_quarantine_cutoff_level setting tells not to quarantine SPAM
to a SPAM quarantine if its score level is above the specified score.
It has no effect on any other quarantine type.
> yet it will still be quarantined, because there is more than one
> quarantine or because there is more than one content type?
The purpose or archival quarantine is to quarantine everything.
If you want to be more selective, pick other quarantine types.
As already quoted:
This archive is independent from other quarantining, i.e. if
spam quarantining and archival quarantining are both enabled,
two copies will be stored to quarantine.
Archive quarantine is somewhat special in that it works independently
and in addition to other quarantining, as stated.
Other quarantine types are chosen according to a category of mail
content, and there is only one final verdict on a mail content
category (therefore only one quarantine type chosen, besides archival
quarantine), in the following priority:
CC_VIRUS
CC_BANNED
CC_UNCHECKED
CC_SPAM # kill_level
CC_SPAMMY # tag2_level (and: tag3_level = "CC_SPAMMY,1")
CC_BADH
CC_OVERSIZED
CC_MTA # trouble passing mail back to MTA
CC_CLEAN # tag_level = "CC_CLEAN,1"
CC_CATCHALL
Actually it is slightly more complicated for multi-recipient mail,
but the above should do for a general understanding.
For full control there are two general settings:
$quarantine_method_by_ccat and $quarantine_to_maps_by_ccat,
if unusual need arises. RELEASE_NOTES tells more on _by_ccat
and content categories concept, although it is rarelly necessary
to modify these defaults.
Here are some further details:
amavisd-new-2.5.0 release notes
- added a new concept of a 'blocking contents category', which in most cases
corresponds to a familiar 'main contents category' (the highest ranking
category of contents pertaining to a message, e.g. virus, blocked, spam,
spammy, bad header ...). The difference between the two arises when
recipients are declared to be 'lovers' of some higher-ranking contents,
or when a higher ranking contents category has its *_destiny set to D_PASS.
For example: a message contains a banned part, but is also spam
and may even have a bad header. Its contents categories are (simplified):
CC_BANNED, CC_SPAM and CC_BADH, in this order. The main contents
category of a message is CC_BANNED, which usually is also a reason
for blocking a message, yielding a blocking ccat to also be CC_BANNED.
But if some recipient is banned_files_lover (or if $final_banned_destiny
is set to D_PASS), then the main ccat remains to be CC_BANNED, but the
blocking ccat is CC_SPAM, i.e. the next in the list which is responsible
for actually blocking the mail. If recipient would also be a spam lover,
the blocking ccat might be CC_BADH (if $final_bad_header_destiny were
not D_PASS);
If a message is not being blocked, the 'blocking contents category'
(i.e. a blocking_ccat attribute of a per-message or a per-recipient object)
remains empty (undefined). For convenience some internal routines
and some new macros fall back to showing the main contents category
in this case.
Almost all processing decisions, DSN, notification assembling, quarantining,
logging etc. is now based on 'blocking contents category' when a message
is being blocked, and on 'main contents category' (as before) when a
message is not being blocked.
There is a new macro 'ccat' which is useful in notification and logging
templates, which can query the blocking contents category, as well
as a main contents category. It provides access to information that
was formerly available through macros ccat_maj, ccat_min, ccat_name,
plus access to additional information. Macros ccat_maj, ccat_min and
ccat_name are still available, but their use is deprecated, as their
functionality has been incorporated into the new macro 'ccat'.
Macro 'ccat' takes two optional fixed-string arguments, which are
interpreted case-insensitively. In their absence it expands to a
string "(maj,min)" which shows a major and a minor contents category
number of a blocking ccat for a blocked message, and of a main contents
category for a passed message.
[...]
> Note that what shows up in the sql DB is not addressed
> to "[EMAIL PROTECTED]".
You mean the SQL logging, like:
select quar_loc from msgs where mail_id='nZodEgK55xCd';
-->
spam/n/nZodEgK55xCd.gz
?
To reduce clutter, I left out the quarantine location from SQL and
the log when quarantine method is smtp: or lmtp:, as in your case.
I'll put it back with the next version for consistency, so you will
see in the log:
(67201-05-4) Blocked SPAM, [...] [...] <...> -> <...>,
quarantine: [EMAIL PROTECTED], spam/s/ss1DM3Kb-sYE.gz,
Message-ID: ..., mail_id: ...
The patch to 2.5.2 is trivial, if you need it immediately:
--- amavisd.orig Mon Sep 10 02:02:39 2007
+++ amavisd Fri Sep 21 11:47:25 2007
@@ -14945,4 +14945,5 @@
$r->recip_remote_mta_smtp_response($smtp_resp);
$r->recip_smtp_response($smtp_resp); $r->recip_done(2);
+ $r->recip_mbxname($r->recip_final_addr) if $smtp_resp =~ /^2/;
}
if ($first) { # fetch an uncollected response
@@ -15041,4 +15042,5 @@
if (!$r->recip_done) { # mark it as done
$r->recip_smtp_response($smtp_response); $r->recip_done(2);
+ $r->recip_mbxname($r->recip_final_addr) if $smtp_response =~ /^2/;
} elsif ($any_valid_recips_and_data_sent
&& $r->recip_smtp_response =~ /^452/) {
Also note, as quoted in my previous mail:
Note that logging to SQL has only one field to store quarantine location,
so in case of multiple quarantine locations only the first is remembered.
The usual logging however reports all quarantine locations with the main
log entry.
> That is set like this:
> $archive_quarantine_to = "[EMAIL PROTECTED]";
> $archive_quarantine_method = 'smtp:[127.0.0.1]:10025';
>
> Which I assume the method to mean NOT to use sql.
Are you referring to SQL logging or to SQL quarantining here?
You may do quarantining to SQL is you like, just as with any
quarantine type:
$archive_quarantine_method = 'sql:';
or just for clean mail:
$clean_quarantine_method = 'sql:';
Mark
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
