Stephen, > Following is an excerpt from my mail log when a virus is detected > by amavisd-new-2.7.0 and amavisd-milter-1.5.0. > What might be wrong with my config? [...] > $inet_socket_port = 10026; # listen on this local TCP port(s) > $notify_method = 'smtp:[127.0.0.1]:10026'; [...] > Feb 12 12:22:28 mustang amavis[9071]: (09071) Request: AM.PDP > /var/amavis/tmp/afq1C1qKLZ012522: > <[email protected]> -> <[email protected]> > Feb 12 12:22:28 mustang amavis[9071]: (09071) > Checking: cM4dH5-zzumM AM.PDP-SOCK [81.176.77.242] > <[email protected]> -> <[email protected]> [...] > Feb 12 12:22:28 mustang amavis[9070]: (09070-04) ESMTP::10026 > /var/amavis/tmp/amavis-20120212T122228-09070-52jpecv4: > <[email protected]> -> <[email protected]> > [email protected] [...] > Feb 12 12:22:29 mustang amavis[9070]: (09070-04) Passed CLEAN > {AcceptedInternal}, ORIGINATING > <[email protected]> -> <[email protected]>, > Message-ID: <[email protected]>, > mail_id: BciVU7H-sYYI, Hits: 0, size: 2410, 868 ms > Feb 12 12:22:29 mustang amavis[9070]: (09070-04) (!!)TROUBLE in > process_request: NOT ALL RECIPIENTS DONE, EMPTY DELIVERY_METHOD! > > The "smtp server" at 10026 is amavisd.
This isn't right: $inet_socket_port = 10026; $notify_method = 'smtp:[127.0.0.1]:10026'; Notifications as generated by amavisd are not supposed to be fed back to itself. They should be fed to an MTA, preferably on a port where content filtering is disabled, otherwise one runs a risk of blocking own notifications. In case of Postfix this is achieved by having a dedicated smtpd service (often on port 10025) which has content filtering disabled, e.g. by cleaning these two options on a service: -o smtpd_milters= -o content_filter= I'm not sure what is the most convenient way to do so with sendmail. One clean way is to have two MTA instances, where the front-end instance has content filtering enabled, while the back-end instance has it disabled. The $notify_method should then point to the second MTA instance. What happened in your case was the notification was fed via SMTP protocol back to amavisd, where a policy bank sitting on that port did not have $forward_method configured, so amavisd did not know how to forward the message - which should explain the message you received. Mark
