> One thing that I can do after I have separated traffic originating > inside my network, from the other traffic passing through my mail > gateway, is to stop to analyse that traffic agaist viruses. > > Indeed, I then realized that I would like to continue to scan email > originating from my network and destined still to my network. > > A policy compliant with the my aim could be to omit virus scanning > for outbound messages.
|> The idea is to present a bypass_virus_checks='N' for all local |> domains, and provide a default of a yes for the rest (either by |> an SQL record or by a statical default). > So, > > $sql_clause{'sel_policy'} = \$sql_select_policy; This assignment isn't necesary in a config file, it is already done at amavisd initialization time. > $sql_select_policy = "select policy.virus_lover as virus_lover from > (SELECT 1 as virus_lover, domain FROM domain where active=1 and domain > in (%k)) as policy left join domain on (policy.domain=domain.domain)"; > > Could be ok? > > PS: The query returns: > +-------------+ > | virus_lover | > +-------------+ > | 1 | > +-------------+ > If domain is local and > > +-------------+ > | virus_lover | > +-------------+ > Otherwise. Don't you want just the opposite? You said you wanted all outbound mail to pass without virus checking, which means your local domains (inbound or internal-to-internal mail) need a virus_lover false, and everybody else (outbound) needs a true, |> Also table names do not matter. > $sql_select_policy = "select policy.virus_lover as virus_lover from As mentioned, table names in the final result do not matter (DBI module strips them off, returning only bare field names), so the above AS alias is unnecessary, a "SELECT virus_lover FROM ..." suffices. So now we have a: SELECT virus_lover FROM ( SELECT 0 as virus_lover, domain FROM domain WHERE active=1 AND domain IN (%k) ) AS policy LEFT JOIN domain ON (policy.domain=domain.domain) As you are not interested in other fields being returned, I don't see a need for a LEFT JOIN domain. It appears to me that a simple select would do the job as well: SELECT 0 as virus_lover FROM domain WHERE active=1 AND domain IN (%k) Now what is still needed is to return a true for a virus_lover for everybody else. It could be done by a SQL (a wildcard record for a domain '@.'), but in this particular case it is simpler to do without a catchall record and just use a statical lookup table as a fallback, e.g. push(@virus_lovers_maps, 1); or the old style, if you prefer: %virus_lovers = ('.' => 1); Btw, I assume your SQL table 'domain' really contains only domain names and not also some individual full email addresses, as otherwise you'd need to introduce a priority filed and sort on it. Make sure to have the $sql_lookups_no_at_means_domain set correctly: release notes: - added global configuration variables $sql_lookups_no_at_means_domain and $ldap_lookups_no_at_means_domain, both false by default. They control whether a database mail address field with no '@' character represents a local username, or a domain name. By default (value false) it indicates a username in SQL and LDAP lookups (but represents a domain in hash and acl lookups), so domain names in SQL and LDAP should be specified as '@domain'. Setting these to true will cause 'xxx' to be interpreted as a domain name, just like in hash or acl lookups, which may facilitate interoperability with databases from other applications; Set it to true: $sql_lookups_no_at_means_domain = 1; if your domains in SQL table look like 'example.com' or '.example.com'. Set it to false (or leave at a default), if your domains in SQL table look like '@example.com' or '@.example.com'. Mark ------------------------------------------------------------------------------ This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/