Is there a way to configure amavisd to completely ignore X-Spam-* headers that may have previously been applied by an earlier pass through amavisd on a different host? I realize that this could be a Very Bad Thing, but here's my problem:
We send mail to several customer domains across private connections that do not traverse the internet. For various security reasons, many of these customers require dedicated relays for their mail. The problem lies with one of those private networks (actually several of them, but we'll focus on one.) Let's call it bar.com. All outbound mail from our domain (foo.com) is delivered to bar.com via a private connection, and some of the inbound mail from bar.com is returned via the same path. No problem there. But some divisions within the super maga corp bar.com don't route outbound mail back across this private line... they route mail across the internet. In accordance with the agreements made with some divisions of bar.com, our outbound mail to their domain may not traverse any internet-connected relay. This is only an issue with respect to amavis' penpal support. Inbound replies sent in response to messages that went out across the private line do not benefit from the penpal score reduction because the original messages were never seen and logged by the internet-facing relays. We use sql logging, so my solution is to insert a dummy amavisd on one of the common internal mail exchanger hosts and log all traffic to a common database. This dummy amavisd has the virus scanners and spamassassin disabled, but it's destroying the X-Spam headers for inbound internet-originated mail that was scanned on its way in by our internet-facing amavisd/SA machines. The original headers are replaced with this: X-Spam-Flag: NO X-Spam-Score: 0 X-Spam-Level: X-Spam-Status: No, score=x tests=[] The dummy amavisd appears to be inserting these header lines even if they don't already exist. The penpal feature is very important to us because this particular customer domain is very commonly forged by spammers and the contents of their legitimate communications are very sensitive to spam filters (their messages are often quite spam-like.) So, how can I get amavisd to leave pre-existing X-Spam headers alone AND not insert them if they don't already exist? Basically, to completely ignore these headers. Here are what I believe are the relevant portions of the amavisd.conf file on the dummy server: @bypass_virus_checks_maps = (1); @bypass_spam_checks_maps = (1); $bypass_decode_parts = 1; $mydomain = 'foo.com'; @local_domains_maps = ( ['.foo.com'] ); @mynetworks = qw( 127.0.0.0/8 192.168.2.0/23 192.168.4.0/24 ); $sa_tag_level_deflt = undef; $sa_tag2_level_deflt = undef; $sa_kill_level_deflt = undef; $sa_dsn_cutoff_level = undef; $sa_crediblefrom_dsn_cutoff_level = undef $final_spam_destiny = D_PASS; I've also tried arbitrarily high values (1000) for the various sa_tag settings with no effect. Blanking @mynetworks also had no effect. SpamAssassin isn't even installed on the machine with the dummy amavisd. We're using amavisd-new 2.6.0pre1. Any thoughts? I could probably do what I want by hacking on the amavisd script itself, but I'd rather not do that if I don't have to. On an unrelated note, has anyone thought of using the penpals feature to check inbound NDRs for a corresponding outbound message? If the message ID contained within the inbound NDR doesn't match a valid message ID from the apparent sender, such messages could be dropped. Parsing the inbound NDR for the message ID might be difficult, but I don't think that it would be impossible. This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
