Hi All, I'm exploring the options available within the different detection results (spam, banned, virus, bad header, unchecked), and would like to mangle-but-pass the 'banned contents' emails along to users. Nearly all the traffic picked up by the banned routines (98%+) is from spammers with what I can only presume to be some sort of malware payload.
On detection, I'd like: * Quarantine pristine/original email * All attachments removed * Information inserted into the email body stating all attachments were removed, contact postmaster for release * Subject line to prepend "(ATTACHMENTS QUARANTINED)". * Altered email passed along to the user In short, just in case the email and attachments are legitimate, I'd like the stripping to be fully obvious. And since most aren't legitimate, minimize annoyance ($warnbannedrecip = 0;). I have the following in /etc/amavis/conf.d/50-user: > $final_banned_destiny = D_PASS; > $defang_banned='altermime'; As for the altermime args, the following works from the command line: altermime --verbose --input=test-email --htmltoo --disclaimer-html=/etc/amavis/banned-disclaimer.html --disclaimer=/etc/amavis/banned-disclaimer.txt --alter-header="Subject" --alter-with="(ATTACHMENTS QUARANTINED)" --alter-mode=prefix However, it does not work (no Subject rewrite) when used in @altermime_args_defang. The only option that appears to work is the --disclaimer. Am I trying to abuse the amavis/altermime interaction in a way it doesn't support? Thank you, Josh
