[AMaViS-user] Amavis in pre-queue mode
Hello, i have a problem. I have a mailserver (postfix), and amavis is working. I am receiving mail for several domains. Some customers want the spam delivering mode taganddeliver or reject. I have this realized with policy banks. Amavis in post-queue mode works fine. Due to a law, I must use amavis in pre-queue mode. Thats the problem. In the past it was the following: Postfix receives the mail, and depend on a lookup table, the mail is given to amavis on several ports. One port is for taganddeliver, an one port is for reject. If a mail comes to amavis throug the defined port, amavis loads the policy. Will I use amavis in pre-queue mode, all mails must going to amavis. Amavis must load the right policy for taganddeliver or reject. My current config is @local_domains_maps = ( [.$mydomain,localhost], read_hash(/etc/postfix/virtual_domains) ); I need 3 hashes. One for the domains there is reject used One for the domains there is taganddeliver used One for the domains there is nofilter used. Howe can I realize that? Thanks and greetings Ralf -- SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] warnsender_by_ccat doen't work
On Mon, Dec 15, 2008 at 05:04:19PM +0100, Mark Martinec wrote:
Emiliano,
I'd like to use warnsender_by_ccat in order to advise the sender
that there are virus in their outgoing mails.
This should not be done lightly. Practically all viruses
and other malware nowadays fake a sender address. Responding
to it by a NDN or by a warning sends a bounce to an innocent
bystander, and is a major contributor to backscatter.
Hi Mark, thank you for answering.
I want to advise only sender coming from my local network.
I prefere to use this command instead of warnvirusssender because
the second one doesn't work in a policy bank, nevertheless
I am not able to make warnsender_by_ccat work nor
in the main section nor in a policy_bank section.
These commands work properly (main section):
$warnvirussender = 1;
$warnrecip_maps_by_ccat{+CC_VIRUS} = [ 1 ];
but this one doesn't work:
$warnsender_by_ccat{+CC_VIRUS} = [ 1 ];
I am using amavis 2.4.2-6.1 and postfix 2.3.8-2+etch1
The above should work, even though it would be more
correct to say:
$warnsender_by_ccat{+CC_VIRUS} = 1;
because (unlike %warnrecip_maps_by_ccat) the %warnsender_by_ccat
is not a by-recipient map, so its values are plain booleans
and not lists of lookup tables.
But what is probably happening in your case is suppression of
sender notifications by the @viruses_that_fake_sender_maps list,
which by default returns true for any virus name, thus NDN or a
sender warning in response to viruses is always suppressed.
Try this:
@viruses_that_fake_sender_maps = (new_RE(
[qr'^(EICAR|Joke\.|Junk\.)'i = 0],
[qr'^(WM97|OF97|W95/CIH-|JS/Fort)'i = 0],
[qr/^/ = 1], # true for everything else
));
and be VERY conservative what virus names you add
to the list as 'sincere'.
I tried it but it still doesn't work; however I don't think it's a problem
concerning @viruses_that_fake_sender_maps because
$warnvirussender = 1;
works right.
Any ideas?
Thanks,
Emiliano
--
Un uomo sano di mente è uno che tiene sotto
chiave il pazzo interiore - Paul Valéry
--
SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada.
The future of the web can't happen without you. Join us at MIX09 to help
pave the way to the Next Web now. Learn more and register at
http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] altermime and amavis
Michael Scheidell wrote: hi, i was trying to insert automatic disclaimer to all outgoing emails from our domain. but it caused all spam to be delivered to mail boxes in our server. like emails would skip filtering through the amavis. i obviously did something wrong... could you please help? i am using postfix and altermime which is called by script (i found this nice howto: http://www.howtoforge.com/add-disclaimers-to-outgoing-emails-with-altermime- po stfix-debian-etch) Skip that, amavisd-new supports it directly in amavisd- (2.5*) if you also need dkim signed disclaimed email you need amavisd 2.6.2 RC code. hi, thank you. would you have any page how to configure this in amavisd-new or other? sorry i cannot find way how to do this... regards, Wojtek Download amavisd 2.6.2.. Its in the docs. -- Michael Scheidell, CTO |SECNAP Network Security Winner 2008 Network Products Guide Hot Companies FreeBSD SpamAssassin Ports maintainer _ This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.secnap.com/products/spammertrap/ _ -- SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] altermime and amavis
Michael Scheidell wrote: hi, i was trying to insert automatic disclaimer to all outgoing emails from our domain. but it caused all spam to be delivered to mail boxes in our server. like emails would skip filtering through the amavis. i obviously did something wrong... could you please help? i am using postfix and altermime which is called by script (i found this nice howto: http://www.howtoforge.com/add-disclaimers-to-outgoing-emails-with-altermime-po stfix-debian-etch) Skip that, amavisd-new supports it directly in amavisd- (2.5*) if you also need dkim signed disclaimed email you need amavisd 2.6.2 RC code. hi, thank you. would you have any page how to configure this in amavisd-new or other? sorry i cannot find way how to do this... regards, Wojtek -- SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Amavis in pre-queue mode
Ralf Heidenreich a écrit : Hello, i have a problem. I have a mailserver (postfix), and amavis is working. I am receiving mail for several domains. Some customers want the spam delivering mode taganddeliver or reject. I have this realized with policy banks. Amavis in post-queue mode works fine. Due to a law, I must use amavis in pre-queue mode. Thats the problem. In the past it was the following: Postfix receives the mail, and depend on a lookup table, the mail is given to amavis on several ports. One port is for taganddeliver, an one port is for reject. If a mail comes to amavis throug the defined port, amavis loads the policy. Will I use amavis in pre-queue mode, all mails must going to amavis. Amavis must load the right policy for taganddeliver or reject. My current config is @local_domains_maps = ( [.$mydomain,localhost], read_hash(/etc/postfix/virtual_domains) ); I need 3 hashes. One for the domains there is reject used One for the domains there is taganddeliver used One for the domains there is nofilter used. Howe can I realize that? If you have multiple IPs, the simplest solution would be to use different MXes. Otherwise, one problem is what to do if a single mail is destined to multiple recipients with different actions: you can't reject and deliver at the same time! A somewhat related discussion: http://marc.info/?l=amavis-userm=104639986104274w=2 -- SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] altermime and amavis
Wojtek, Skip that, amavisd-new supports it directly in amavisd- (2.5*) if you also need dkim signed disclaimed email you need amavisd 2.6.2 RC code. hi, thank you. would you have any page how to configure this in amavisd-new or other? sorry i cannot find way how to do this... regards, See RELEASE_NOTES, search for: - provided interface code to allow mangling/defanging/sanitation to be performed by an external utility, either by directly calling a Perl module Anomy Sanitizer (within the same process, avoiding startup cost), or by invoking a program 'altermime' (or by internal defanging code as before). [...] Mark -- SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Amavis in pre-queue mode
Exactly What does law say, When you use postfix in postquee trafic is this: -postfix1(smtp)-amavis-postfix2(smpt) (10026/tcp for example)- Postfix1 can be used to stop and do any prefiltering, therefore, amavis wont have heavy load after postfix1 has discard some basic rules. There is not difference using postfix because it is a daemon, ifyou want to use amavis in prequeue you should use a milter. The problem is that here, amavis will have all load and then postfix will only relay mail. On Tuesday 16 December 2008 08:08:08 Ralf Heidenreich wrote: Hello, i have a problem. I have a mailserver (postfix), and amavis is working. I am receiving mail for several domains. Some customers want the spam delivering mode taganddeliver or reject. I have this realized with policy banks. Amavis in post-queue mode works fine. Due to a law, I must use amavis in pre-queue mode. Thats the problem. In the past it was the following: Postfix receives the mail, and depend on a lookup table, the mail is given to amavis on several ports. One port is for taganddeliver, an one port is for reject. If a mail comes to amavis throug the defined port, amavis loads the policy. Will I use amavis in pre-queue mode, all mails must going to amavis. Amavis must load the right policy for taganddeliver or reject. My current config is @local_domains_maps = ( [.$mydomain,localhost], read_hash(/etc/postfix/virtual_domains) ); I need 3 hashes. One for the domains there is reject used One for the domains there is taganddeliver used One for the domains there is nofilter used. Howe can I realize that? Thanks and greetings Ralf --- --- SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com / ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ -- SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
