Re: [AMaViS-user] Question about @spam_subject_tag2_maps

2011-01-08 Thread Gary V
On 1/4/11, Peter Sørensen wrote:
> Hi,
>
> I have the following defined and a policybank for MYNETS like:
>
> $sa_spam_subject_tag = "TAGGED SPAM";
>
> $sa_spam_modifies_subj = 1;
> @spam_modifies_subj_maps =(\$sa_spam_modifies_subj);
> @spam_subject_tag2_maps[' some other text'];
>
> $policy_bank{'MYNETS'} = {
>  Originating => 1,
>  spam_subject_tag2_maps => [ " some text"],
>  spam_admin_maps => ["mym...@<mailto:mym...@>"],
>  .
> };
>
> When sending SPAM from a local user to a local user I get the text "some
> text" as expected.
>
> When sending SPAM from an external user to a local user I would like the
> "some other text" to appear,
> but I get what's in sa_spam_subject_tag.
>
> So what am I doing wrong here ?
>
> Regards
>
> Peter Sørensen/Univ.Of.South Denmark/email:mas...@sdu.dk

Your syntax for @spam_subject_tag2_maps does not look right to me (but
I really do not know Perl).

I would try:

#$sa_spam_subject_tag = "TAGGED SPAM";
@spam_subject_tag2_maps = ('some other text ');

Or simply:
$sa_spam_subject_tag = 'some other text ';

-- 
Gary V

___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net 
https://lists.sourceforge.net/lists/listinfo/amavis-user 
 Please visit http://www.ijs.si/software/amavisd/ regularly
 For administrativa requests please send email to rainer at openantivirus dot 
org


Re: [AMaViS-user] Remove banned attachment, deliver EMail normally or notify recipient

2010-12-07 Thread Gary V
On 12/7/10, Florian Thiessenhusen  wrote:
> Okay, thanks.
>
> Is there any chance to inform the recipient that there is a mail in
> quarantine? Right now, only the administrator gets a notification. It would be
> nice if the recipient got the same mail.
>
> Florian
> 

Possibly:

# Notify virus (or banned files or bad headers) RECIPIENT?
#  (not very useful, but some policies demand it)
#$warnvirusrecip = 1;   # (defaults to false (undef))
#$warnbannedrecip = 1;  # (defaults to false (undef))
#$warnbadhrecip = 1;    # (defaults to false (undef))

-- 
Gary V



Re: [AMaViS-user] Amavisd-new with postfix spamassassin

2010-12-06 Thread Gary V
:10024, delay=14, delays=14/0.01/0.01/0.42,
> dsn=2.0.0, status=sent (250 2.0.0 Ok, id=27379-01, from
> MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 9E7893EF51)
> Dec  6 15:55:40 mail2 postfix/qmgr[27334]: 36F1D3EF49: removed
> Dec  6 15:55:40 mail2 postfix/virtual[27394]: 9E7893EF51: to=<
> fbo...@domain.com>, relay=virtual, delay=0.03, delays=0.01/0.01/0/0.01,
> dsn=2.0.0, status=sent (delivered to maildir)
> Dec  6 15:55:40 mail2 postfix/qmgr[27334]: 9E7893EF51: removed
> --

In amavisd.conf, set:
$DO_SYSLOG = 1;
so the amavis entries are shown in your maillog along with the postfix entries.

Looks like you have configured both pre-queue and after-queue filtering.
For the time being, comment this out in master.cf:
#  -o smtpd_proxy_filtering=smtp-amavis:[127.0.0.1]:10024

Make sure the recipient domain is listed in @local_domains_maps in amavisd.conf:
@local_domains_maps = ( [ ".$mydomain", '.example.net', '.example.com' ] );
amavisd-new will not write X-Spam headers or rewrite the subject line
unless the domain is considered local.

You can see that Postfix is complaining:
"warning: do not list domain domain.com in BOTH mydestination and
virtual_mailbox_domains"
So, remove the recipient domain from mydestination since you are using
virtual_mailbox_domains for this domain.

Why use telnet?
Why not simply temporarily reconfigure the SMTP Server setting of an
email client (MUA) to deliver mail to your IP address?

See how things go after making these changes.

-- 
Gary V



Re: [AMaViS-user] How to disable bayes syncing?

2010-11-11 Thread Gary V
On 11/11/10, Karl Meyer wrote:
>
> Hello,
>
> currently the spamassassin bayes database learns automatically (autolearn).
> Newly learned information is put into the journal file and synchronized to the
> database automatically. How can I disable the "sa-learn --sync" (or whatever
> is done by amavis) to stop the automatic syncing (not the whole
> autolearn feature!)? I want to sync myself via cronjob.
>
> I use amavisd-new-2.6.4 on CentOS5.
>
> Regards.

I think you would place this in local.cf:

bayes_auto_expire 0

-- 
Gary V



Re: [AMaViS-user] 2.7.0-pre7 and amavisd reload

2010-10-30 Thread Gary V
On 10/30/10, Mark Martinec wrote:
> For the archive:
>
>> I can repro this on two out of two Debian lenny machines so far. I did
>> not change any of the settings mentioned in prior posts. This happens
>> without making any config file changes whatsoever. Here are more
>> details on the two machines:
>
> It was a permission problem on a config file. A warm reload implies
> that the new daemon process inherits the UID under which its parent runs,
> so it cannot read files accessible only to root - and neither can it
> log the problem unfortunately, as it has no controlling terminal
> nor is it able to read the logging configuration settings.
>
>   Mark
>

Indeed, changing my amavisd.conf from root:root 0640 to root:amavis
0640 allowed me to keep prying eyes from amavisd.conf and allowed
'amavisd reload' to function as designed in my various setups.

I understand that repurposing 'reload' is the only logical choice for
the command, but I imagine there are a lot of people who place the
command in scripts (amavisd reload after sa-update for example) that
may encounter the same issue I had.

Like me, people don't always read the release notes, or when they do,
they tend to skim through them looking for salient points and don't
immediately recognize the implications of a change of this nature.
Kind of like what dogs hear when humans speak to them:

blah blah blah blah Lassie blah blah blah

-- 
Gary V



Re: [AMaViS-user] amavisd-new-2.7.0-pre8 is available

2010-10-30 Thread Gary V
>>> what about owned by the amavisd user?
>>> (that is what happens, ) you chg owner when starting and that owner
>>> needs to be able to read all the files.
>>>
>>
>> According to: http://www.ijs.si/software/amavisd/INSTALL.txt
>>
>> chown root:amavis /etc/amavisd.conf
>> chmod 640 /etc/amavisd.conf
>>
>> Yeah, that works. Thanks Michael. For previous versions of
>> amavisd-new, package maintainers that I've seen so far have it set to
>> 0644 and root:root. Hopefully they will make the change (or suffer a
>> bug report).
>>
>
> Mark, may I assume that you will consider a note in RELEASE NOTES or
> possibly even some code to check for and log incompatible
> ownership/permissions?
>

Or, maybe I could actually read the release notes, that might be a
good idea too:

 "A downside is that a HUP-ed daemon has already dropped root privileges
  during its initial start, so it must restart as a nonprivileged user
  (typically 'vscan' or 'amavis'), which rules out its capability to chroot,
  and requires that configuration files, DKIM signing keys files, and
  perl modules must be readable by this GID or UID, otherwise restart
  fails and a daemon process no longer exists"

-- 
Gary V



Re: [AMaViS-user] amavisd-new-2.7.0-pre8 is available

2010-10-30 Thread Gary V
> On 10/30/10, Michael Scheidell wrote:
>> On 10/30/10 12:12 PM, Gary V wrote:
>>> Got it. File permissions for amavisd.conf (or for Debian '50-user' or
>>> other file) cannot be set to 0600 or 0640; they must be set to at
>>> least 0644 which means that SQL passwords cannot be hidden from prying
>>> eyes.
>> what about owned by the amavisd user?
>> (that is what happens, ) you chg owner when starting and that owner
>> needs to be able to read all the files.
>>
>
> According to: http://www.ijs.si/software/amavisd/INSTALL.txt
>
> chown root:amavis /etc/amavisd.conf
> chmod 640 /etc/amavisd.conf
>
> Yeah, that works. Thanks Michael. For previous versions of
> amavisd-new, package maintainers that I've seen so far have it set to
> 0644 and root:root. Hopefully they will make the change (or suffer a
> bug report).
>

Mark, may I assume that you will consider a note in RELEASE NOTES or
possibly even some code to check for and log incompatible
ownership/permissions?

-- 
Gary V



Re: [AMaViS-user] amavisd-new-2.7.0-pre8 is available

2010-10-30 Thread Gary V
On 10/30/10, Michael Scheidell wrote:
> On 10/30/10 12:12 PM, Gary V wrote:
>> Got it. File permissions for amavisd.conf (or for Debian '50-user' or
>> other file) cannot be set to 0600 or 0640; they must be set to at
>> least 0644 which means that SQL passwords cannot be hidden from prying
>> eyes.
> what about owned by the amavisd user?
> (that is what happens, ) you chg owner when starting and that owner
> needs to be able to read all the files.
>

According to: http://www.ijs.si/software/amavisd/INSTALL.txt

chown root:amavis /etc/amavisd.conf
chmod 640 /etc/amavisd.conf

Yeah, that works. Thanks Michael. For previous versions of
amavisd-new, package maintainers that I've seen so far have it set to
0644 and root:root. Hopefully they will make the change (or suffer a
bug report).

-- 
Gary V
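
The two requirements that surface in this thread (the config must be readable by the daemon's group or a warm reload fails, and it must not be world-readable or the SQL passwords in it are exposed) can be checked before 'amavisd reload' is run from a script. The following is an added example, not code from the original posts or from amavisd-new; the function name check_amavis_conf and its finding labels are hypothetical, and it assumes the root:amavis 0640 layout quoted from INSTALL.txt above.

```shell
#!/bin/sh
# Added example: audit owner, group and mode of an amavisd config file.
# Usage: check_amavis_conf FILE EXPECTED_OWNER EXPECTED_GROUP
# Prints one finding per line. Returns 0 = clean, 1 = findings, 2 = file missing.
check_amavis_conf() {
    cf_file=$1; cf_owner=$2; cf_group=$3; cf_rc=0

    [ -f "$cf_file" ] || { echo "MISSING: $cf_file"; return 2; }

    # POSIX "ls -ld": field 1 = mode string, field 3 = owner, field 4 = group.
    cf_ls=$(ls -ld "$cf_file")
    cf_mode=$(printf '%s\n' "$cf_ls" | awk '{print $1}')
    cf_own=$(printf '%s\n' "$cf_ls" | awk '{print $3}')
    cf_grp=$(printf '%s\n' "$cf_ls" | awk '{print $4}')

    [ "$cf_own" = "$cf_owner" ] || { echo "OWNER: is $cf_own, expected $cf_owner"; cf_rc=1; }
    [ "$cf_grp" = "$cf_group" ] || { echo "GROUP: is $cf_grp, expected $cf_group"; cf_rc=1; }

    # Mode string "-rwxrwxrwx": char 5 = group read, 6 = group write,
    # char 8 = other read, 9 = other write. Matching by position also
    # tolerates a trailing "." or "+" (SELinux / ACL markers).
    case $cf_mode in
        ????r*) ;;
        *) echo "RELOAD: no group read bit; the unprivileged daemon cannot re-read it on a warm reload"
           cf_rc=1 ;;
    esac
    case $cf_mode in
        ???????r*) echo "EXPOSED: world-readable; any local user can read passwords stored in it"
                   cf_rc=1 ;;
    esac
    case $cf_mode in
        ?????w*|????????w*) echo "WRITABLE: group or world can modify a file the daemon loads"
                            cf_rc=1 ;;
    esac
    return $cf_rc
}

# Demo on a constructed temp file. Owner and group are read back from the file
# itself so that only the mode bits vary. On a real host the call would be:
#   check_amavis_conf /etc/amavisd.conf root amavis
demo_file=$(mktemp)
demo_own=$(ls -ld "$demo_file" | awk '{print $3}')
demo_grp=$(ls -ld "$demo_file" | awk '{print $4}')
for demo_mode in 644 600 640; do
    chmod "$demo_mode" "$demo_file"
    echo "mode $demo_mode:"
    check_amavis_conf "$demo_file" "$demo_own" "$demo_grp" || true
done
rm -f "$demo_file"
```

In a wrapper around sa-update, running the check first and skipping 'amavisd reload' on a non-zero return avoids the silent daemon exit described in the thread.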



Re: [AMaViS-user] amavisd-new-2.7.0-pre8 is available

2010-10-30 Thread Gary V
> On 10/29/10, Gary V  wrote:
>> On 10/28/10, Mark Martinec wrote:
>>> The amavisd-new-2.7.0-pre8 pre-release is available at:
>>>
>>>   http://www.ijs.si/software/amavisd/amavisd-new-2.7.0-pre8.tar.gz
>>>
>>> with updated release notes at:
>>>
>>>   http://www.ijs.si/software/amavisd/release-notes.txt
>>>
>>> Main changes since -pre7:
>>>
>>> - per-recipient (instead of per-message) attributes:
>>> spam_level(), spam_tests(), delivery_method()
>>>
>>> - per-recipient (or per- policy bank) SpamAssassin configuration files
>>>   are supported (@sa_userconf_maps), and per-recipient SQL Bayes
>>> database
>>>   usernames (@sa_username_maps);
>>>
>>> - per-recipient forwarding method (@forward_method_maps);
>>>
>>> - @listen_sockets setting offers a unified configuration of listening
>>>   sockets;
>>>
>>> - new macro 'mime2utf8'
>>>
>>> - added SQL template placeholders:  %l, %u, %e, and %d
>>>
>>> - incompatibility: dropped %forward_method_by_ccat
>>>   and introduced  %forward_method_maps_by_ccat
>>>
>>> - some bugfixes
>>>
>>>
>>> Mark
>>>
>>
>> I still have not discovered why 'amavisd-new reload' (or amavisd
>> reload) does not bring amavis back to life on any of my Debian test
>> machines. I fired up a Fedora Core 12 box and it works fine there. Any
>> other Debian (or Ubuntu) users out there that are experiencing the
>> same thing?
>>
>
> Odd. I replaced the executable on three machines, rebooted, and all
> have the same symptoms. Amavisd-new loads and runs fine, but dies at
> 'amavisd-new reload'. On one machine I thought I would test by
> replacing amavisd.conf with a version that I initially use on Debian
> machines. After doing so, amavisd-new reloads fine. I reverted to my
> previous amavisd.conf and now it reloads fine too. So far I cannot
> find what my generic amavisd.conf triggered that now makes it possible
> for my other version to work. Still investigating.
>

Got it. File permissions for amavisd.conf (or for Debian '50-user' or
other file) cannot be set to 0600 or 0640; they must be set to at
least 0644 which means that SQL passwords cannot be hidden from prying
eyes.

-- 
Gary V



Re: [AMaViS-user] amavisd-new-2.7.0-pre8 is available

2010-10-30 Thread Gary V
On 10/29/10, Gary V  wrote:
> On 10/28/10, Mark Martinec wrote:
>> The amavisd-new-2.7.0-pre8 pre-release is available at:
>>
>>   http://www.ijs.si/software/amavisd/amavisd-new-2.7.0-pre8.tar.gz
>>
>> with updated release notes at:
>>
>>   http://www.ijs.si/software/amavisd/release-notes.txt
>>
>> Main changes since -pre7:
>>
>> - per-recipient (instead of per-message) attributes:
>> spam_level(), spam_tests(), delivery_method()
>>
>> - per-recipient (or per- policy bank) SpamAssassin configuration files
>>   are supported (@sa_userconf_maps), and per-recipient SQL Bayes database
>>   usernames (@sa_username_maps);
>>
>> - per-recipient forwarding method (@forward_method_maps);
>>
>> - @listen_sockets setting offers a unified configuration of listening
>>   sockets;
>>
>> - new macro 'mime2utf8'
>>
>> - added SQL template placeholders:  %l, %u, %e, and %d
>>
>> - incompatibility: dropped %forward_method_by_ccat
>>   and introduced  %forward_method_maps_by_ccat
>>
>> - some bugfixes
>>
>>
>> Mark
>>
>
> I still have not discovered why 'amavisd-new reload' (or amavisd
> reload) does not bring amavis back to life on any of my Debian test
> machines. I fired up a Fedora Core 12 box and it works fine there. Any
> other Debian (or Ubuntu) users out there that are experiencing the
> same thing?
>

Odd. I replaced the executable on three machines, rebooted, and all
have the same symptoms. Amavisd-new loads and runs fine, but dies at
'amavisd-new reload'. On one machine I thought I would test by
replacing amavisd.conf with a version that I initially use on Debian
machines. After doing so, amavisd-new reloads fine. I reverted to my
previous amavisd.conf and now it reloads fine too. So far I cannot
find what my generic amavisd.conf triggered that now makes it possible
for my other version to work. Still investigating.

-- 
Gary V



Re: [AMaViS-user] amavisd-new-2.7.0-pre8 is available

2010-10-29 Thread Gary V
On 10/28/10, Mark Martinec wrote:
> The amavisd-new-2.7.0-pre8 pre-release is available at:
>
>   http://www.ijs.si/software/amavisd/amavisd-new-2.7.0-pre8.tar.gz
>
> with updated release notes at:
>
>   http://www.ijs.si/software/amavisd/release-notes.txt
>
> Main changes since -pre7:
>
> - per-recipient (instead of per-message) attributes:
> spam_level(), spam_tests(), delivery_method()
>
> - per-recipient (or per- policy bank) SpamAssassin configuration files
>   are supported (@sa_userconf_maps), and per-recipient SQL Bayes database
>   usernames (@sa_username_maps);
>
> - per-recipient forwarding method (@forward_method_maps);
>
> - @listen_sockets setting offers a unified configuration of listening
>   sockets;
>
> - new macro 'mime2utf8'
>
> - added SQL template placeholders:  %l, %u, %e, and %d
>
> - incompatibility: dropped %forward_method_by_ccat
>   and introduced  %forward_method_maps_by_ccat
>
> - some bugfixes
>
>
> Mark
>

I still have not discovered why 'amavisd-new reload' (or amavisd
reload) does not bring amavis back to life on any of my Debian test
machines. I fired up a Fedora Core 12 box and it works fine there. Any
other Debian (or Ubuntu) users out there that are experiencing the
same thing?

-- 
Gary V



Re: [AMaViS-user] Disclaimer doesn't work

2010-10-29 Thread Gary V
On 10/29/10, Zhang Huangbin wrote:
>
> On Oct 30, 2010, at 2:29 AM, Mark Martinec wrote:
>
>> In your case the $allow_disclaimers was false. Seems like the
>> policy ORIGINATING was not invoked.
>
> I have below settings in postfix main.cf:
>
> content_filter = smtp-amavis:[127.0.0.1]:10024
>
> In postfix master.cf:
>
> If i change the port to 10026, it works:
>
> content_filter = smtp-amavis:[127.0.0.1]:10026
>
> What's the difference between port 10024 and 10026?

Changing to content_filter = smtp-amavis:[127.0.0.1]:10026 is a
mistake. This is the port you have configured to use the ORIGINATING
policy bank. That policy bank is bypassing banned files checks,
allowing everyone in the world to send you banned files. Port 10024 is
typically the "normal" amavisd-new port. Other ports can be opened and
configured to use policy banks. Policy banks are used to override
current "normal" settings. You need to send mail from the outside
world to port 10024 and mail from your client to port 10026 (or add
their IP addresses or network address to @mynetworks as you did at one
time). Typically if the clients are not in @mynetworks then you would
have remote clients use SMTP AUTH and configure Postfix to send their
messages to a policy bank (like the ORIGINATING one you configured on
port 10026).

Here is an example of a snippet from Postfix master.cf where a
message submitted to port 587 will use amavisd-new port 10026:

submission inet n   -   -   -   -   smtpd
  -o smtpd_tls_security_level=may
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o content_filter=smtp-amavis:[127.0.0.1]:10026

Of course this requires that you also set up SMTP AUTH and then have
the client change the way their users send mail to you. What objection
did you have to adding their network address to @mynetworks and using
the MYNETS policy bank? Seems like the simple solution to me and you
said it works. If they are relaying all their mail from a single
server then you would only need to add the IP address of their server.

-- 
Gary V
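
The mistake described in this reply (pointing the global content_filter in main.cf at the port that loads the ORIGINATING policy bank, so that mail from the outside world also skips the banned files checks) can be caught with a small audit. This is an added example, not from the original post or from Postfix or amavisd-new; audit_content_filter is a hypothetical helper, the sample files are constructed, and it assumes the port-to-bank binding is written in amavisd.conf as $interface_policy{'PORT'} = 'BANK'; and that only the global main.cf setting is inspected.

```shell
#!/bin/sh
# Added example: flag a global Postfix content_filter that targets an
# amavisd-new port bound to a policy bank.
# Usage: audit_content_filter MAIN_CF AMAVISD_CONF
# Returns 0 = port has no policy bank, 1 = port loads a policy bank,
#         2 = no content_filter with a port found in main.cf.
audit_content_filter() {
    acf_main=$1; acf_conf=$2

    # The last uncommented content_filter line wins in main.cf; take its port.
    acf_port=$(sed -n 's/^content_filter[[:space:]]*=.*:\([0-9][0-9]*\)[[:space:]]*$/\1/p' \
        "$acf_main" | tail -n 1)
    [ -n "$acf_port" ] || { echo "no content_filter with a port in $acf_main"; return 2; }

    # Policy bank bound to that port, e.g. $interface_policy{'10026'} = 'ORIGINATING';
    acf_bank=$(sed -n \
        "s/^[[:space:]]*\\\$interface_policy{[\"']${acf_port}[\"']}[[:space:]]*=[[:space:]]*[\"']\\([A-Za-z0-9_-]*\\)[\"'].*/\\1/p" \
        "$acf_conf" | tail -n 1)

    if [ -n "$acf_bank" ]; then
        echo "WARN: all mail is filtered on port $acf_port, which loads policy bank $acf_bank"
        return 1
    fi
    echo "OK: global content_filter uses port $acf_port (no policy bank bound)"
    return 0
}

# Demo with constructed sample files (not taken from the poster's system).
demo_dir=$(mktemp -d)
cat > "$demo_dir/amavisd.conf" <<'EOF'
$inet_socket_port = [10024, 10026];
$interface_policy{'10026'} = 'ORIGINATING';
EOF
for demo_port in 10026 10024; do
    echo "content_filter = smtp-amavis:[127.0.0.1]:$demo_port" > "$demo_dir/main.cf"
    audit_content_filter "$demo_dir/main.cf" "$demo_dir/amavisd.conf" || true
done
rm -rf "$demo_dir"
```

A per-service override such as the submission entry in master.cf shown above is the intended way to reach port 10026 and is outside what this check reads.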



Re: [AMaViS-user] Skipping SPAM checks for local mail

2010-10-15 Thread Gary V
On 10/14/10, Danilo Godec  wrote:
>  On 14.10.2010 13:04, Patrick Ben Koetter wrote:
>> * Danilo Godec :
>>> is it possible (or what's the simple way) to skip SPAM checks for all
>>> mail, that originates from and is destined for local delivery?
>>>
>>> Is this something that can be done within Amavisd-new (2.6.4)? Or will I
>>> need to do something on Postfix?
>> If you know all local client IP addresses
>> - define all networks in amavis' @mynetworks
>> - Create the policy bank MYNETS in amavis and configure it to skip SPAM
>> checks.
>> - use XFORWARD in Postfix to tell amavis the clients real IP
>
> Yes, I know all local IP's, but this prevents spam checks even for
> outgoing mail (which is not quite what we want)...
>
> I still want (at least try) to prevent our computers sending spam OUT,
> but I don't care if local users send spam or whatever to each other...
>
>Danilo

I think basically you could add your internal domains to spam lovers:

$policy_bank{'MYNETS'} = {  # mail originating from @mynetworks
  spam_lovers_maps => [[qw( .example.com .example.net )]],
};

Optionally bypass scanning. The internal spam messages would not get
marked as spam if this is chosen. This qualifies as "skip spam checks
for local mail":

$policy_bank{'MYNETS'} = {  # mail originating from @mynetworks
  bypass_spam_checks_maps => [[qw( .example.com .example.net )]],
  spam_lovers_maps => [[qw( .example.com .example.net )]],
};

or generate additional notification traffic:

$policy_bank{'MYNETS'} = {  # mail originating from @mynetworks
  spam_admin_maps  => ["postmast...@$mydomain"], # alert of internal spam
  spam_kill_level_maps => [7.0],
  final_spam_destiny => D_BOUNCE, # notify sender of internal spam
  spam_lovers_maps => [[qw( .example.com .example.net )]],
  spam_dsn_cutoff_level_maps => [],
  spam_dsn_cutoff_level_bysender_maps => [],
};



-- 
Gary V



Re: [AMaViS-user] spam_admin unknown field in policy_bank

2010-10-08 Thread Gary V
On 10/8/10, Christian Rößner wrote:
> Hi,
>
> a simple question:
>
> I would like to notify my postmaster, if some of the MYUSERS users are trying
> to send spam to the outside. Therefore I modified the policy_bank MYUSERS and
> tried to add the spam_admin option. Unfortunately amavis is telling me in the
> logs that this is an unknown field.
>
> Oct  8 12:29:15 mx0 amavis[32204]: (!)loading policy bank "MYUSERS": unknown 
> field "spam_admin"
>
> So, how can I specify spam_admin and how can I enable notification in certain 
> policy_banks?
>
> Thanks in advance
>
> Best regards
> Christian

An example:

$policy_bank{'MYNETS'} = {  # mail originating from @mynetworks
  originating => 1,
  os_fingerprint_method => undef,
  spam_admin_maps  => ["postmast...@$mydomain"], # alert of internal spam
  final_spam_destiny => D_BOUNCE, # so the sender knows they are a spammer
  spam_kill_level_maps => [9.0],
  spam_dsn_cutoff_level_maps => [],
  spam_dsn_cutoff_level_bysender_maps => [],
};


-- 
Gary V



Re: [AMaViS-user] 2.7.0-pre7 and amavisd reload

2010-10-05 Thread Gary V
On 10/5/10, Mark Martinec  wrote:
> > a configuration of listen sockets must not be changed between
> > warm reloads (@listen_sockets, $inet_socket_port, $unix_socketname)
>
> ... and $inet_socket_bind
>
>  Mark

I can repro this on two out of two Debian lenny machines so far. I did
not change any of the settings mentioned in prior posts. This happens
without making any config file changes whatsoever. Here are more
details on the two machines:

http://www200.pair.com/mecham/spam/pre7.txt

-- 
Gary V



[AMaViS-user] 2.7.0-pre7 and amavisd reload

2010-10-04 Thread Gary V
I was trying out 2.7.0-pre7 on a Debian machine with Perl 5.10.0 and
Net::Server 0.97, and when I do "amavisd reload" it dies.

Oct  4 14:02:30 msa amavis[4859]: Valid PID file (younger than sys
uptime 0 0:10:00)
Oct  4 14:02:30 msa amavis[3833]: Net::Server: 2010/10/04-14:02:30
Server closing!
Oct  4 14:02:30 msa amavis[3833]: Net::Server: Sending children hup
signal during HUP on prefork server
Oct  4 14:02:30 msa amavis[4859]: Signalling a SIGHUP to a running daemon [3833]
Oct  4 14:02:30 msa amavis[3833]: (!)Net::Server: 2010/10/04-14:02:30
HUP'ing server

I have to manually start it back up.

-- 
Gary V



Re: [AMaViS-user] Problem bypassing content filter

2010-09-20 Thread Gary V
On 9/20/10, Fugtruck wrote:
> In my Postfix + Amavisd-new + Spamassassin setup, I am trying to bypass the
> content filtering for specific senders.  Messages that match my header checks
> are producing an error in the maillog, "warning: connect to transport 
> 127.0.0.1:
> No such file or directory" and the message just sits in the queue.  Messages
> that don't match the header checks process normally, so I'm sure it has to do
> with my transport:destination syntax, but for the life of me I can't figure 
> out
> what I've done wrong.  Any suggestions?
>
> Inside my master.cf, I have the following:
> smtp  inet  n   -   n   -   -   smtpd
> -o cleanup_service_name=pre-cleanup
>
> pre-cleanup unix n   -   n   -   0   cleanup
> -o virtual_alisas_maps=
> pickup    fifo  n   -   n   60  1   pickup
> -o cleanup_service_name=pre-cleanup
> cleanup   unix  n   -   n   -   0   cleanup
> -o mime_header_checks=
> -o nested_header_checks=
> -o body_checks=
> -o header_checks=
> [...]
> amavisfeed unix -   -   n   -   6   lmtp
> -o lmtp_data_done_timeout=1200
> -o lmtp_send_xforward_command=yes
> -o disable_dns_lookups=yes
> -o max_use=20
>
> 127.0.0.1:10025 inet n  -   n   -   -   smtpd
> -o content_filter=
> -o smtpd_delay_reject=no
> -o smtpd_client_restrictions=permit_mynetworks,reject
> -o smtpd_helo_restrictions=
> -o smtpd_sender_restrictions=
> -o smtpd_recipient_restrictions=permit_mynetworks,reject
> -o smtpd_data_restrictions=reject_unauth_pipelining
> -o smtpd_end_of_data_restrictions=
> -o smtpd_restriction_classes=
> -o mynetworks=127.0.0.0/8
> -o smtpd_error_sleep_time=0
> -o smtpd_soft_error_limit=1001
> -o smtpd_hard_error_limit=1000
> -o smtpd_client_connection_count_limit=0
> -o smtpd_client_connection_rate_limit=0
> -o
> receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters
>
> -o local_header_rewrite_clients=
>
> In my main.cf, I have the following:
> content_filter=amavisfeed:[127.0.0.1]:10024
> header_checks=pcre:/etc/postfix/whitelist
>
>
> Inside my whitelist file, I have
> /sen...@somedomain/   FILTER 127.0.0.1:10025

Try:

/sen...@somedomain/   FILTER smtp:[127.0.0.1]:10025

Of course the sender address can be forged. It would be nice to at
least do a virus scan. There are options to assist with limiting
damage:

http://www200.pair.com/mecham/spam/bypassing.html#6
http://www200.pair.com/mecham/spam/bypassing.html#7

-- 
Gary V
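
The error in the question follows from how Postfix splits a FILTER target at the first colon into a transport name and a next hop. The check below is an added example, not part of the original post; the master.cf excerpt, the header_checks patterns and the function names are constructed for illustration.

```python
import re

# Constructed master.cf excerpt modelled on the one in the thread.
MASTER_CF = """\
smtp       inet  n  -  n  -  -  smtpd
smtp       unix  -  -  n  -  -  smtp
amavisfeed unix  -  -  n  -  6  lmtp
  -o lmtp_data_done_timeout=1200
127.0.0.1:10025 inet n  -  n  -  -  smtpd
  -o content_filter=
"""

# Constructed header_checks file: the first rule uses the failing form,
# the second the form suggested in the reply.
HEADER_CHECKS = r"""
# senders that skip the content filter
/^From:.*sender@example\.com/    FILTER 127.0.0.1:10025
/^From:.*partner@example\.net/   FILTER smtp:[127.0.0.1]:10025
"""


def delivery_transports(master_cf):
    """Return the names of master.cf services of type 'unix'.

    Postfix reaches a delivery transport through a socket named after the
    service, so only these names are valid before the colon in FILTER.
    """
    names = set()
    for line in master_cf.splitlines():
        if not line.strip() or line[0] in " \t#":
            continue  # blank line, comment, or "-o" continuation
        fields = line.split()
        if len(fields) >= 8 and fields[1] == "unix":
            names.add(fields[0])
    return names


def lint_filter_actions(header_checks, transports):
    """Check every FILTER action; return (line_no, transport, nexthop, ok)."""
    results = []
    for line_no, line in enumerate(header_checks.splitlines(), 1):
        match = re.match(r"\s*/.*/\w*\s+FILTER\s+(\S+)\s*$", line)
        if not match:
            continue
        # Postfix splits the target at the FIRST colon: transport:nexthop
        transport, _, nexthop = match.group(1).partition(":")
        results.append((line_no, transport, nexthop, transport in transports))
    return results


if __name__ == "__main__":
    known = delivery_transports(MASTER_CF)
    for line_no, transport, nexthop, ok in lint_filter_actions(HEADER_CHECKS, known):
        verdict = "ok" if ok else "no such transport in master.cf"
        print(f"line {line_no}: transport={transport!r} nexthop={nexthop!r} -> {verdict}")
```

With "FILTER 127.0.0.1:10025" the transport name is "127.0.0.1", which matches the "connect to transport 127.0.0.1" warning quoted in the question.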



Re: [AMaViS-user] Banned bypass

2010-07-28 Thread Gary V
On 7/28/10, Luc MAIGNAN wrote:
>  Hi,
>
> still no way for me to let my whitelist work with
> bypass_banned_checks_maps...
>
> Has anyone an idea and/or a example that works ???
>
> Many thanks

When you say "my whitelist", are you referring to a list of sender
addresses? If so, what format is your whitelist in? Provide sample or
explain. There are a number of ways to create a whitelist. You need to be
much more explicit in what it is you are trying to accomplish. Are you
trying to allow senders to be able to bypass banned checks? If so,
that is not what you said. You said "to whitelist all banned that are
sent to this email address". That means recipients.
bypass_banned_checks_maps works for recipients, not senders. If you
are talking about senders, then read #6 and #7 in this document:

http://www200.pair.com/mecham/spam/bypassing.html

Example #6 is not secure. Example #7 is more secure.

> Le 22/07/10 03:53, Gary V a écrit :
> > On 7/21/10, Luc MAIGNAN wrote:
> >>   Hi,
> >>
> >> I configure amavisd.conf as :
> >>
> >> @bypass_banned_checks_maps = ( {'[n...@domain.com]' =>  1,});
> >>
> >> to whitelist all banned that are sent to this email address/ But
> > >> unfortunately, it doesn't work...
> >>
> >> Is it the good method ?
> >>
> >> If yes, what's wrong ?
> >>
> >> Thanks for any help
> >>
> >> BR
> > Try:
> > @bypass_banned_checks_maps = ( [qw( u...@example.com )] );
> >
> > This syntax is like the sample provided in amavisd.conf-sample
> >

You need to show evidence of what is happening. "It doesn't work" does
not substitute for evidence. A useful tool is to place the sender in
@debug_sender_maps and send a test message then show the detailed log
entries.

# If sender matches ACL, turn debugging fully up, just for this one message
#...@debug_sender_maps = ( ["test-send...@$mydomain"] );
#...@debug_sender_maps = ( [qw( de...@example.com de...@example.net )] );

-- 
Gary V



Re: [AMaViS-user] Banned bypass

2010-07-22 Thread Gary V
On 7/22/10, Gary V wrote:
> On 7/22/10, Luc MAIGNAN wrote:
> >  I've tried your syntax, but it doesn't work ... :-(
> >
> > Le 22/07/10 03:53, Gary V a écrit :
> > > On 7/21/10, Luc MAIGNAN wrote:
> > >>   Hi,
> > >>
> > >> I configure amavisd.conf as :
> > >>
> > >> @bypass_banned_checks_maps = ( {'[n...@domain.com]' =>  1,});
> > >>
> > >> to whitelist all banned that are sent to this email address/ But
> > > >> unfortunately, it doesn't work...
> > >>
> > >> Is it the good method ?
> > >>
> > >> If yes, what's wrong ?
> > >>
> > >> Thanks for any help
> > >>
> > >> BR
> > > Try:
> > > @bypass_banned_checks_maps = ( [qw( u...@example.com )] );
> > >
> > > This syntax is like the sample provided in amavisd.conf-sample
> > >
>
> If the message is sent to more than one recipient, the scan may still
> take place so it's also a good idea to set a corresponding lovers map:
>
> @banned_files_lovers_maps = @bypass_banned_checks_maps = ( [qw(
> u...@example.com )] );

Also read your log file to see if the message was stopped for some
other reason (spam, virus, bad header). Make sure that it really was
"Blocked BANNED".

-- 
Gary V



Re: [AMaViS-user] Banned bypass

2010-07-22 Thread Gary V
On 7/22/10, Luc MAIGNAN wrote:
>  I've tried your syntax, but it doesn't work ... :-(
>
> Le 22/07/10 03:53, Gary V a écrit :
> > On 7/21/10, Luc MAIGNAN wrote:
> >>   Hi,
> >>
> >> I configure amavisd.conf as :
> >>
> >> @bypass_banned_checks_maps = ( {'[n...@domain.com]' =>  1,});
> >>
> >> to whitelist all banned that are sent to this email address/ But
> > >> unfortunately, it doesn't work...
> >>
> >> Is it the good method ?
> >>
> >> If yes, what's wrong ?
> >>
> >> Thanks for any help
> >>
> >> BR
> > Try:
> > @bypass_banned_checks_maps = ( [qw( u...@example.com )] );
> >
> > This syntax is like the sample provided in amavisd.conf-sample
> >

If the message is sent to more than one recipient, the scan may still
take place so it's also a good idea to set a corresponding lovers map:

@banned_files_lovers_maps = @bypass_banned_checks_maps = ( [qw(
u...@example.com )] );

-- 
Gary V



Re: [AMaViS-user] Banned bypass

2010-07-21 Thread Gary V
On 7/21/10, Luc MAIGNAN wrote:
>  Hi,
>
> I configure amavisd.conf as :
>
> @bypass_banned_checks_maps = ( {'[n...@domain.com]' => 1,});
>
> to whitelist all banned that are sent to this email address/ But
> unfortunately, it doesn't work...
>
> Is it the good method ?
>
> If yes, what's wrong ?
>
> Thanks for any help
>
> BR

Try:
@bypass_banned_checks_maps = ( [qw( u...@example.com )] );

This syntax is like the sample provided in amavisd.conf-sample

-- 
Gary V



Re: [AMaViS-user] Quarantine some messages, but leaving final destination as D_PASS

2010-07-19 Thread Gary V
On 7/19/10, Michael Scheidell wrote:
> On 7/19/10 11:39 AM, Martín Ferco wrote:
> > But that would imply that I would need to create records for *EVERY*
> > user, right? Can't I leave the default as "wants spam", and then only
> > insert the ones that want their spam quarantined? Is there also a way
> > to do it *without* sql?
> >
> >
> set your defaults., use the '@.' user for defaults.
> only set up users who want spam in sql, the policy sql queries will look
> for a specific user first, then the @. if they don't find it.
>
> --
> Michael Scheidell, CTO

Here is a possibility. Spam quarantine is triggered when a message
scores at kill_level or higher. If you set kill_level high enough
( for example), you could set:

$final_spam_destiny = D_DISCARD;

and then use something like the sample in amavisd.conf-sample:

$sa_kill_level_deflt = ; # default set high enough to pass all spam

@spam_kill_level_maps = (
 { 'us...@example.com' => 6.5,
   'us...@example.com' => 6.5,
   'us...@example.com' => 8 },
  \$sa_kill_level_deflt, # catchall default
);

I assume you have configured a spam quarantine. The disadvantage of
using static maps is that you must reload amavisd-new after making
changes. If you are not familiar with SQL then it would be much harder
to set up, but the advantage is that changes are dynamic and do not
require you to reload amavisd-new.

Do you have a spam quarantine configured? If so, what do you currently
have $sa_kill_level_deflt set at? If you had (for example):

$final_spam_destiny = D_PASS;
$sa_kill_level_deflt = 5.0;

Then all spam would be passed to the recipients, AND a copy of spam
that scores at 5.0 or higher would go to your quarantine.

Look in your amavisd.conf-sample

-- 
Gary V



Re: [AMaViS-user] How to get any mail from quarantine

2010-04-28 Thread Gary V
On 4/28/10, osmcr...@gmail.com  wrote:
> Hello,
>
> I want to get some of my quarantined mails off quarantine that why amavis
> is marking some legitimate emails as spam
>
> The quarantine-directory is /var/lib/amavis/virusmails/---
>
> There are the maildir-files.
>
> amavisd-release do not have any manpages.
> How do i release the mails from quarantine.
>
> Any idea what I could do to re-inject these emails into the system ?
>
>
>
> Thanks,

http://www.ijs.si/software/amavisd/amavisd-new-docs.html#quar-release

http://www.freespamfilter.org/forum/viewtopic.php?f=7&t=380&p=2066

-- 
Gary V

--
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net 
https://lists.sourceforge.net/lists/listinfo/amavis-user 
 AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 
 AMaViS-HowTos:http://www.amavis.org/howto/ 


Re: [AMaViS-user] Issues using clamd without socket

2010-04-25 Thread Gary V
On 4/25/10, The Doctor wrote:
> Right, I have to either disable av_scanner or get
> amavis to work with port 3310.
>
>
> What needs to be done and NO I will not use a socket for clamd.
>

  ['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", '127.0.0.1:3310'],
qr/\bOK$/m, qr/\bFOUND$/m,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],

in clamd.conf:
Comment out LocalSocket:
# LocalSocket /var/run/clamav/clamd.sock

Add TCPSocket if it's missing:
TCPSocket 3310

You need this:
AllowSupplementaryGroups yes

The clamav user needs to be a member of the same group that the
amavisd-new user belongs to.

You must be running clamav 0.95 or newer. Older versions will not start up.


-- 
Gary V



Re: [AMaViS-user] timed out after few minutes

2010-03-20 Thread Gary V
On 3/19/10, Gary V  wrote:
> On 3/19/10, Jorge Armando Medina  wrote:
> > Sasa wrote:
> > > If I have understood correctly the value of 'smtp-amavis' must be always
> > > equal or less of 'max_servers', in my configuration I have:
> > >
> > > $max_servers = 10;
> > > and
> > > smtp-amavis unix -  -   n   -   5  smtp
> > >
> > > or perhaps these value must always equal ?
> > > Thanks.
> > >
> > > --
> > >
> > >Salvatore.
>
> Since you are using Maia, they should be equal. If you were using
> amavisd-release (which you are not) a person may set $max_servers to
> one more than maxproc so there is a spare instance available for
> amavisd-release to use should all the others be busy.
>
> You are wasting memory if you load 10 instances of Maia into memory,
> and then only actually use 5. If you were at 2 before, I would not
> make such a large increase, as you may start swap thrashing (if you
> are not already). I would start by setting both to 3 (50% more than
> you had before) and then monitor the situation. It might also be a
> good idea to temporarily increase $log_level to 2 and then provide a
> sample or two of the TIMING line.
>
>
> filter:~# tail -f /var/log/mail.log | grep TIMING
>
> Mar 19 14:50:34 filter amavis[3633]: (03633-01) TIMING [total 478 ms]
> - sql-prepare: 13 (3%), SMTP EHLO: 10 (2%), SMTP pre-MAIL: 4 (1%),
> mkdir tempdir: 1 (0%), create email.txt: 1 (0%), sql-connect: 9 (2%),
> lookup_sql: 6 (1%), SMTP pre-DATA-flush: 5 (1%), SMTP DATA: 14 (3%),
> body_hash: 2 (0%), maia_connect: 6 (1%), maia_read_system_config: 3
> (1%), maia_get_mysql_size_limit: 2 (0%), mkdir parts: 1 (0%),
> lookup_sql: 4 (1%), mime_decode: 30 (6%), get-file-type1: 135 (28%),
> decompose_part: 2 (0%), parts_decode: 0 (0%), update_cache: 5 (1%),
> maia_store_mail: 29 (6%), deal_with_mail_size: 4 (1%),
> maia_record_tests: 6 (1%), maia_delete_mail_recipient_reference: 4
> (1%), fwd-connect: 47 (10%), fwd-mail-from: 3 (1%), fwd-rcpt-to: 5
> (1%), write-header: 9 (2%), fwd-data: 1 (0%), fwd-data-end: 49 (10%),
> fwd-rundown: 19 (4%), main_log_entry: 37 (8%), update_snmp: 4 (1%),
> maia_delete_mail: 7 (2%), maia_cleanup: 0 (0%), maia_disconnect: 1
> (0%), unlink-1-files: 3 (1%), rundown: 1 (0%)
>
>
> If you have not had problems before, disabling the cache will hurt
> rather than help.
> $enable_db = 1;
> $enable_global_cache = 1;
>
> What does the top of 'top' say? For example:
>
> top - 14:51:53 up 6 min,  1 user,  load average: 0.14, 0.37, 0.23
> Tasks:  63 total,   1 running,  62 sleeping,   0 stopped,   0 zombie
> Cpu(s):  0.3%us,  0.0%sy,  0.0%ni, 99.7%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
> Mem:775728k total,   450604k used,   325124k free,24340k buffers
> Swap:   240932k total,0k used,   240932k free,   159924k cached
>

You might take a look at:
http://www.maiamailguard.com/maia/wiki/SATimeouts

and also try to look for amavis errors in your log:

egrep "(TROUBLE|Can't|TIMED|timed|ERROR|Error|abort|error|fatal|PRESERVING|FAILED)" /var/log/maillog | grep amavis

--
Gary V



Re: [AMaViS-user] timed out after few minutes

2010-03-19 Thread Gary V
On 3/19/10, Jorge Armando Medina  wrote:
> Sasa wrote:
> > If I have understood correctly the value of 'smtp-amavis' must be always
> > equal or less of 'max_servers', in my configuration I have:
> >
> > $max_servers = 10;
> > and
> > smtp-amavis unix -  -   n   -   5  smtp
> >
> > or perhaps these value must always equal ?
> > Thanks.
> >
> > --
> >
> >Salvatore.

Since you are using Maia, they should be equal. If you were using
amavisd-release (which you are not) a person may set $max_servers to
one more than maxproc so there is a spare instance available for
amavisd-release to use should all the others be busy.

You are wasting memory if you load 10 instances of Maia into memory,
and then only actually use 5. If you were at 2 before, I would not
make such a large increase, as you may start swap thrashing (if you
are not already). I would start by setting both to 3 (50% more than
you had before) and then monitor the situation. It might also be a
good idea to temporarily increase $log_level to 2 and then provide a
sample or two of the TIMING line.


filter:~# tail -f /var/log/mail.log | grep TIMING

Mar 19 14:50:34 filter amavis[3633]: (03633-01) TIMING [total 478 ms]
- sql-prepare: 13 (3%), SMTP EHLO: 10 (2%), SMTP pre-MAIL: 4 (1%),
mkdir tempdir: 1 (0%), create email.txt: 1 (0%), sql-connect: 9 (2%),
lookup_sql: 6 (1%), SMTP pre-DATA-flush: 5 (1%), SMTP DATA: 14 (3%),
body_hash: 2 (0%), maia_connect: 6 (1%), maia_read_system_config: 3
(1%), maia_get_mysql_size_limit: 2 (0%), mkdir parts: 1 (0%),
lookup_sql: 4 (1%), mime_decode: 30 (6%), get-file-type1: 135 (28%),
decompose_part: 2 (0%), parts_decode: 0 (0%), update_cache: 5 (1%),
maia_store_mail: 29 (6%), deal_with_mail_size: 4 (1%),
maia_record_tests: 6 (1%), maia_delete_mail_recipient_reference: 4
(1%), fwd-connect: 47 (10%), fwd-mail-from: 3 (1%), fwd-rcpt-to: 5
(1%), write-header: 9 (2%), fwd-data: 1 (0%), fwd-data-end: 49 (10%),
fwd-rundown: 19 (4%), main_log_entry: 37 (8%), update_snmp: 4 (1%),
maia_delete_mail: 7 (2%), maia_cleanup: 0 (0%), maia_disconnect: 1
(0%), unlink-1-files: 3 (1%), rundown: 1 (0%)


If you have not had problems before, disabling the cache will hurt
rather than help.
$enable_db = 1;
$enable_global_cache = 1;

What does the top of 'top' say? For example:

top - 14:51:53 up 6 min,  1 user,  load average: 0.14, 0.37, 0.23
Tasks:  63 total,   1 running,  62 sleeping,   0 stopped,   0 zombie
Cpu(s):  0.3%us,  0.0%sy,  0.0%ni, 99.7%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
Mem:775728k total,   450604k used,   325124k free,24340k buffers
Swap:   240932k total,0k used,   240932k free,   159924k cached

-- 
Gary V
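
To read a TIMING entry like the one above, it helps to rank the sections by elapsed time. The parser below is an added example, not part of the original post or of amavisd-new; the function names are assumptions, and the sample line is the entry quoted above joined onto one line.

```python
import re
from collections import defaultdict

# TIMING entry from the post above, re-joined onto a single line.
TIMING_LINE = (
    "Mar 19 14:50:34 filter amavis[3633]: (03633-01) TIMING [total 478 ms] - "
    "sql-prepare: 13 (3%), SMTP EHLO: 10 (2%), SMTP pre-MAIL: 4 (1%), "
    "mkdir tempdir: 1 (0%), create email.txt: 1 (0%), sql-connect: 9 (2%), "
    "lookup_sql: 6 (1%), SMTP pre-DATA-flush: 5 (1%), SMTP DATA: 14 (3%), "
    "body_hash: 2 (0%), maia_connect: 6 (1%), maia_read_system_config: 3 (1%), "
    "maia_get_mysql_size_limit: 2 (0%), mkdir parts: 1 (0%), "
    "lookup_sql: 4 (1%), mime_decode: 30 (6%), get-file-type1: 135 (28%), "
    "decompose_part: 2 (0%), parts_decode: 0 (0%), update_cache: 5 (1%), "
    "maia_store_mail: 29 (6%), deal_with_mail_size: 4 (1%), "
    "maia_record_tests: 6 (1%), maia_delete_mail_recipient_reference: 4 (1%), "
    "fwd-connect: 47 (10%), fwd-mail-from: 3 (1%), fwd-rcpt-to: 5 (1%), "
    "write-header: 9 (2%), fwd-data: 1 (0%), fwd-data-end: 49 (10%), "
    "fwd-rundown: 19 (4%), main_log_entry: 37 (8%), update_snmp: 4 (1%), "
    "maia_delete_mail: 7 (2%), maia_cleanup: 0 (0%), maia_disconnect: 1 (0%), "
    "unlink-1-files: 3 (1%), rundown: 1 (0%)"
)

ENTRY = re.compile(r"\((\d+-\d+)\) TIMING \[total (\d+) ms\] - (.*)$")
SECTION = re.compile(r"([^,:]+): (\d+) \((\d+)%\)")


def parse_timing(line):
    """Return (am_id, total_ms, {section: ms}) or None if not a TIMING entry.

    A section name can occur more than once (lookup_sql above), so the
    milliseconds are summed per name.
    """
    match = ENTRY.search(line)
    if not match:
        return None
    am_id, total, rest = match.groups()
    per_section = defaultdict(int)
    for name, ms, _pct in SECTION.findall(rest):
        per_section[name.strip()] += int(ms)
    return am_id, int(total), dict(per_section)


def slowest(line, n=3):
    """Return the n most expensive sections as (name, ms, share_of_total)."""
    parsed = parse_timing(line)
    if parsed is None:
        return []
    _am_id, total, sections = parsed
    ranked = sorted(sections.items(), key=lambda item: item[1], reverse=True)
    return [(name, ms, round(ms / total, 2)) for name, ms in ranked[:n]]


if __name__ == "__main__":
    for name, ms, share in slowest(TIMING_LINE):
        print(f"{name:20s} {ms:5d} ms  {share:.0%}")
```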



Re: [AMaViS-user] does amavis invoke spamassassin?

2010-01-30 Thread Gary V
On 1/30/10, Dave McGuire wrote:
> On Jan 30, 2010, at 7:09 PM, Gary V wrote:
> >> I installed my mail server using ISPConfig3 on Ubuntu9.10 Server...
> >> I'm interested in using the two-level spam treatment configuring
> >> SPAM tag
> >> level,SPAM tag2 level and SPAM kill level...
> >>
> >> The server works perfectly but the mail that it receives don't
> >> show the
> >> effects of the spamassassin's intervention such as the X-Spam
> >> Level header,
> >> etc.
> >> So I'm not sure that the antispam check works really fine
> >> In the log file I can't find any messages about spamassassin...
> >> Generally I created the same thing using postfix+procmail
> >> +spamassassin and
> >> it worked well but in that case spamassassin is invoked as command
> >> line
> >> executable..
> >>
> >> How can I make me sure that every check is executed ?
> >> Thanks..
> >
> > I have no idea how ISPConfig3 configures amavisd-new, but I can tell
> > you that amavisd-new calls the Mail::SpamAssassin Perl module, so
> > there is no need to run spamc, spamd, or spamassassin. See if you have
> > entries in your mail log for amavis, as opposed to spamassassin:
> >
> > cat /var/log/mail.log | grep amavis
>
>   Oh good heavens.
>
>   grep amavis /var/log/mail.log
>
> --
> Dave McGuire
> Port Charlotte, FL

Yeah, sorry about that, but it looks like ISPConfig3 does configure
amavisd-new to use SQL with a custom database and custom queries. In
the dbispconfig database, spamfilter.policy table, the default
spam_tag_level is set to 3, so only spam that scores over 3 will
include X-Spam headers. This can be modified of course so that all
local mail will get tagged. I'm going to assume that if the recipient
is in the database, and spam filtering is enabled for the user, that
the user is considered local. This is how you might change the
policies:

Log into mysql:
mysql -p

and set spam_tag_level for all 7 policies to -999
UPDATE `dbispconfig`.`spamfilter_policy` SET `spam_tag_level` = '-999';

-- 
Gary V



Re: [AMaViS-user] does amavis invoke spamassassin?

2010-01-30 Thread Gary V
On 1/30/10, aa wrote:
> Hi,
> I installed my mail server using ISPConfig3 on Ubuntu9.10 Server...
> I'm interested in using the two-level spam treatment configuring SPAM tag
> level,SPAM tag2 level and SPAM kill level...
>
> The server works perfectly but the mail that it receives don't show the
> effects of the spamassassin's intervention such as the X-Spam Level header,
> etc.
> So I'm not sure that the antispam check works really fine
> In the log file I can't find any messages about spamassassin...
> Generally I created the same thing using postfix+procmail+spamassassin and
> it worked well but in that case spamassassin is invoked as command line
> executable..
>
> How can I make me sure that every check is executed ?
> Thanks..

I have no idea how ISPConfig3 configures amavisd-new, but I can tell
you that amavisd-new calls the Mail::SpamAssassin Perl module, so
there is no need to run spamc, spamd, or spamassassin. See if you have
entries in your mail log for amavis, as opposed to spamassassin:

cat /var/log/mail.log | grep amavis

-- 
Gary V



Re: [AMaViS-user] Different Log entries after two incidents

2010-01-20 Thread Gary V
On 1/18/10, Mark Martinec  wrote:
> Felix,
>
> > > Maybe you get a 'main log entry' only with the first message
> > > processed by each child process.
> >
> > Absolutely... If I have the config value "$max_requests = 1;" then the
> > problem is gone. Each message is tagged correctly with the "Blocked
> > SPAM" entry in the log file. The question is now why only the first
> > child process generates a full "main log entry"?
>
> I don't know. Perhaps you should ask on the Maia Mailguard mailing list,
> as this is not happening to a native amavisd-new as far as I can tell.
>
> > I guess the setting "max_requests = 1;" is not a good idea due to
> > performance reasons?
>
> Correct.
>
> > Ok, system is not under heavy load and has a core7/8GB RAM but nevertheless
> > I'd prefer to solve the issue not with this dirty "workaround" ;)
>
> Certainly.
>
> The "one_response_for_all : all DISCARD, ..." log entry comes
> from the call to one_response_for_all() in:
>
>$which_section = "delivery-notification";
>my($dsn_needed);
>($smtp_resp, $exit_code, $dsn_needed) =
>  one_response_for_all($msginfo, $dsn_per_recip_capable, $am_id);
>
> > The first mails causes 3 more log entries after the entry above:
> > Jan 13 17:46:48 anthares amavis[26588]: (26588-01) parse_received: ; =
> > Wed, 13 Jan 2010 17:46:47 +0100 (CET)\t(envelope-from b...@blub.com)/Wed,
>
> The "parse_received:" log entry comes from sub parse_received, which is
> most likely called (there are some other less likely possibilities)
> while expanding macros in a call to expand():
>
># generate customized log report at log level 0 - this is usually the
># only log entry interesting to administrators during normal operation
>$which_section = 'main_log_entry';
>my(%mybuiltins) = %builtins;  # make a local copy
>{ # do a per-mail log entry
>  my($s) = $spam_status; $s =~ s/^tests=//; my(@s) = split(/,/,$s);
>  if (@s > 10) { $#s = 9; push(@s,"...") }
>  $mybuiltins{'T'} = \...@s; # macro %T has overloaded semantics, ugly
>  my($strr) = expand(cr('log_templ'), \%mybuiltins);
>  for my $logline (split(/[ \t]*\n/, $$strr)) {
>do_log(0, $logline)  if $logline ne '';
>  }
>}
>
> So, somewhere between $which_section="delivery-notification" and the
> my($strr)=expand(...)  or a do_log that follows it, either program flow
> is diverted, or logging somehow disabled. You may try adding a couple of
> calls like: do_log(0,"TESTxxx") between the two program locations,
> and see where logging starts to disappear.
>
>  Mark
>

See my post some time ago in the Maia list:
http://www.renaissoft.com/pipermail/maia-users/2009-April/013025.html

Also, at the end of this thread:
http://www.renaissoft.com/pipermail/maia-users/2009-July/013414.html

-- 
Gary V



Re: [AMaViS-user] cache not working?

2010-01-14 Thread Gary V
On 1/14/10, Mark Martinec  wrote:
> Gary,
>
> > I get a different body hash each time I redirect this message through
> > via my MUA. I can also create a new message and attach this, and it
> > gives me a different body hash each pass. I have only tried a couple
> > of similar spam messages, but I think I have thousands of spam
> > messages like this.
> >
> > http://www200.pair.com/mecham/spam/test.txt
>
> I tried to send your sample message through our Postfix/amavisd,
> and I get the same body hash every time:
>  body hash: 179431ea7761353e08a90ee1b4124bd4
> (and subsequent attempts use cached results).
>
> Also, when I manually strip off the mail header section,
> along with a header-body separator empty line (leaving only the body),
> and calculate md5 of the result, I obtain the same value:
>
> $ md5 -r test.txt
> 179431ea7761353e08a90ee1b4124bd4 test.txt
>
> (note: must retain unix NL line endings, not to be converted to CR LF).
>
> So, either it is not exactly the same message every time,
> or there is something wrong, perhaps with the Digest::MD5 module
> (or your mailer is inserting/changing something in passed messages).
>
>  Mark
>

Looks like the message is rewritten by the MUA and the value for the
boundary changes each time, so I did not pick a valid way to test.
Here is a diff of two copies of the same resent message:
http://www200.pair.com/mecham/spam/test2.txt

Thanks for testing.

-- 
Gary V
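
The effect discussed in this exchange can be reproduced offline: a digest taken over the body alone ignores header changes, but a regenerated MIME boundary or a CR LF conversion alters the body bytes and therefore the digest. This is an added example, not amavisd-new's code and not part of the original posts; the messages, addresses and function names are constructed, and the digest follows Mark's description (MD5 of everything after the header/body separator line).

```python
import hashlib
import re


def body_digest(raw: bytes) -> str:
    """MD5 over the bytes after the first empty line (header/body separator)."""
    parts = re.split(rb"\r?\n\r?\n", raw, maxsplit=1)
    body = parts[1] if len(parts) == 2 else b""
    return hashlib.md5(body).hexdigest()


def build_message(boundary: str, queue_id: str) -> bytes:
    """Constructed multipart message; only the boundary and Received vary."""
    text = (
        f"Received: from mua.example.net by mx.example.com id {queue_id}\n"
        "From: sender@example.net\n"
        "To: user@example.com\n"
        "Subject: resend test\n"
        "MIME-Version: 1.0\n"
        f'Content-Type: multipart/mixed; boundary="{boundary}"\n'
        "\n"
        f"--{boundary}\n"
        "Content-Type: text/plain\n"
        "\n"
        "same payload every time\n"
        f"--{boundary}--\n"
    )
    return text.encode("ascii")


def compare_resends():
    """Report which kinds of change leave the body digest unchanged."""
    first = build_message("=_boundary_0001", "QID0001")
    # Same body relayed again: only the Received header differs.
    relayed = build_message("=_boundary_0001", "QID0002")
    # Resent through an MUA that generates a fresh boundary.
    resent = build_message("=_boundary_0002", "QID0003")
    # Same message with LF converted to CR LF.
    crlf = first.replace(b"\n", b"\r\n")

    base = body_digest(first)
    return {
        "header_only_change": body_digest(relayed) == base,
        "new_boundary": body_digest(resent) == base,
        "crlf_converted": body_digest(crlf) == base,
    }


if __name__ == "__main__":
    for case, same in compare_resends().items():
        print(f"{case:20s} digest {'unchanged' if same else 'CHANGED'}")
```

For a cache test, inject byte-identical copies of a saved message rather than resending through an MUA.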



Re: [AMaViS-user] cache not working?

2010-01-13 Thread Gary V
On 1/12/10, Mark Martinec  wrote:
> Gary,
>
> > Hmm, with these set:
> >   $enable_db = 1;
> >   $enable_global_cache = 1;
> > I thought that if I were to send a message to one recipient, then
> > resend the same message to another recipient (or the same recipient) a
> > few moments later, that the scan would be bypassed on the second and
> > subsequent passes due to caching, but that does not seem to be the
> > case. I tried it with 2.5.4, 2.6.2 and 2.6.4.
> >
> > one pass: SA check: 6874 (94%)97,
> > another pass: SA check: 6834 (94%)96,
>
> It should be cached, as long as it is within the time-to-live interval.
> Check your settings for $spam_check_positive_ttl and $spam_check_negative_ttl.
>
> If that does not show an obvious problem, try searching through log level 5
> log for:
>  egrep 'Cached|cached|get_body_digest:|body hash:'
>
>
> Mark

I get a different body hash each time I redirect this message through
via my MUA. I can also create a new message and attach this, and it
gives me a different body hash each pass. I have only tried a couple
of similar spam messages, but I think I have thousands of spam
messages like this.

http://www200.pair.com/mecham/spam/test.txt

-- 
Gary V



[AMaViS-user] cache not working?

2010-01-12 Thread Gary V
Hmm,
with these set:
$enable_db = 1;
$enable_global_cache = 1;

I thought that if I were to send a message to one recipient, then
resend the same message to another recipient (or the same recipient) a
few moments later, that the scan would be bypassed on the second and
subsequent passes due to caching, but that does not seem to be the
case. I tried it with 2.5.4, 2.6.2 and 2.6.4.

one pass: SA check: 6874 (94%)97,
another pass: SA check: 6834 (94%)96,

-- 
Gary V



Re: [AMaViS-user] permissions on tmp directory

2009-11-23 Thread Gary V
On 11/23/09, Kevin Bailey  wrote:
> Hi,
>
> Using standard Debian/Lenny system with Amavisd-new installed from packages.
>
> ||/ Name         Version         Description
> +++---
> ii  amavisd-new  1:2.6.1.dfsg-1  Interface between MTA and virus scanner/content filters
>
> and
>
> ||/ Name         Version         Description
> +++---
> ii  postfix      2.5.5-1.1       High-performance mail transport agent
>
>
> I take it that these errors...
>
>
> Nov 23 16:36:14 per05 amavis[14608]: (14608-09) (!!)run_av
> (ClamAV-clamd) FAILED - unexpected ,
> output="/var/lib/amavis/tmp/amavis-20091123T091422-14608/parts: lstat()
> failed: Permission denied. ERROR\n"
> Nov 23 16:36:14 per05 amavis[14608]: (14608-09) (!!)ClamAV-clamd
> av-scanner FAILED: CODE(0x3a199b0) unexpected ,
> output="/var/lib/amavis/tmp/amavis-20091123T091422-14608/parts: lstat()
> failed: Permission denied. ERROR\n" at (eval 89) line 527.
> Nov 23 16:36:14 per05 amavis[14608]: (14608-09) (!!)WARN: all primary
> virus scanners failed, considering backups
>
> ...are to do with permissions.
>
> Could someone confirm what permissions I'm supposed to set up on what?
>
> I suppose I should open up permissions on /var/lib/amavis/tmp but don't
> want too much.  Maybe just adding the user clamav to the group amavis
> should be enough.
>
> Actually, was adding clamav to group amavis somewhere in the docs?
>
> bailey86
>
>
>
> --
> *Kevin Bailey*
> Director/Programmer - Freeway Projects Limited
> Web: www.freewayprojects.com <http://www.freewayprojects.com/>
> Email: kbai...@freewayprojects.com <mailto:kbai...@freewayprojects.com>
> Phone: +44 (0)1752 267090

gpasswd -a clamav amavis
/etc/init.d/clamav-daemon restart

Should do the trick.

Look for the text:

 # NOTE: remember to add the clamav user to the amavis group, and
 # to properly set clamd to init supplementary groups

in /etc/amavis/conf.d/15-av_scanners

-- 
Gary V



Re: [AMaViS-user] Updated sa config to use with spam_score_maps?

2009-10-23 Thread Gary V
On 10/16/09, Mark Martinec  wrote:
> Ricardo,
>
> > The latest version added several virus_name_to_spam_score_maps.
> > Does anyone have a corresponding spamassassin config file?
> > The one from the list archives (amavis-sanesecurity_v2.cf) is missing
> > several of the recently added ones, including safebrowsing.
> > Don't want to reinvent the wheel..
>
> Here is what I'm using at the moment:
>
> header L_AV_Phish       X-Amavis-AV-Status =~ m{\bAV:(Email|HTML)\.Phishing\.}i
> header L_AV_Spam        X-Amavis-AV-Status =~ m{\bAV:Email\.Spammail}i
> header L_AV_PhishHeur   X-Amavis-AV-Status =~ m{\bAV:Phishing\.Heuristics\.}i
> header L_AV_SS_PhishBar X-Amavis-AV-Status =~ m{\bAV:Sanesecurity_PhishBar_}
> header L_AV_SS_Phish    X-Amavis-AV-Status =~ m{\bAV:Sanesecurity\.Phishing\.}
> header L_AV_SS_TestSig  X-Amavis-AV-Status =~ m{\bAV:Sanesecurity\.TestSig_}
> header L_AV_SS_Spear    X-Amavis-AV-Status =~ m{\bAV:Sanesecurity\.Spear\.}
> header L_AV_SS_Malware  X-Amavis-AV-Status =~ m{\bAV:Sanesecurity\.(Malware|Rogue|Trojan)\.}
> header L_AV_SS_Scam     X-Amavis-AV-Status =~ m{\bAV:Sanesecurity\.(Scam[A-Za-z0-9]?)}
> header L_AV_SS_Spam     X-Amavis-AV-Status =~ m{\bAV:Sanesecurity\.(Bou|Cred|Dipl|Job|Loan|Lott|Porn|Spam[A-Za-z0-9]?|Stk|Junk)\.}
> header L_AV_SS_Hdr      X-Amavis-AV-Status =~ m{\bAV:Sanesecurity\.Hdr\.}
> header L_AV_SS_Img      X-Amavis-AV-Status =~ m{\bAV:Sanesecurity\.(Img|ImgO|SpamImg)\.}
> header L_AV_SS_Bounce   X-Amavis-AV-Status =~ m{\.Spam\.Bounce(\.[^., ]*)*\.Sanesecurity\b}
> header __L_AV_SS        X-Amavis-AV-Status =~ m{\bAV:Sanesecurity\.}
> meta   L_AV_SS_other    __L_AV_SS && !(L_AV_SS_PhishBar || L_AV_SS_Phish || L_AV_SS_TestSig || L_AV_SS_Spear || L_AV_SS_Scam || L_AV_SS_Spam || L_AV_SS_Malware || L_AV_SS_Hdr || L_AV_SS_Img || L_AV_SS_Bounce)
> header L_AV_MSRBL_Img   X-Amavis-AV-Status =~ m{\bAV:MSRBL-Images\b}
> header L_AV_MSRBL_Spam  X-Amavis-AV-Status =~ m{\bAV:MSRBL-SPAM\.}
> header L_AV_MBL         X-Amavis-AV-Status =~ m{\bAV:MBL_(?!NA\.UNOFFICIAL)}
> header L_AV_SecInf      X-Amavis-AV-Status =~ m{-SecuriteInfo\.com\b}
>
> score  L_AV_Phish       14
> score  L_AV_Spam        5
> score  L_AV_PhishHeur   5
> score  L_AV_SS_Phish    5
> score  L_AV_SS_PhishBar 0.5
> score  L_AV_SS_TestSig  0.123
> score  L_AV_SS_Spear    4
> score  L_AV_SS_Scam     8
> score  L_AV_SS_Spam     8
> score  L_AV_SS_Hdr      6
> score  L_AV_SS_Img      3.5
> score  L_AV_SS_Bounce   0.1
> score  L_AV_SS_other    1
> score  L_AV_SS_Malware  14
> score  L_AV_MBL         14
> score  L_AV_MSRBL_Img   3.5
> score  L_AV_MSRBL_Spam  6
> score  L_AV_SecInf      8
>
>
>  Mark
>

For convenience, you can grab Mark's current version from:
http://www200.pair.com/mecham/spam/amavis-sanesecurity_v2.cf

-- 
Gary V
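
Added example, not part of the original thread or of the amavisd-new or SpamAssassin code: a small Python evaluator that runs a subset of the header, meta and score lines quoted above against X-Amavis-AV-Status values, to show which rules fire and what they add up to. The sample header values are constructed (only the SpoofedDomain name appears in this archive), the meta rule is trimmed to the rules kept in the subset, and the function names are hypothetical.

```python
import re

# Subset of the rules and scores quoted above, unwrapped to one rule per line.
# The meta rule is trimmed to the header rules kept in this subset.
RULES_CF = r"""
header L_AV_Phish      X-Amavis-AV-Status =~ m{\bAV:(Email|HTML)\.Phishing\.}i
header L_AV_PhishHeur  X-Amavis-AV-Status =~ m{\bAV:Phishing\.Heuristics\.}i
header L_AV_SS_Phish   X-Amavis-AV-Status =~ m{\bAV:Sanesecurity\.Phishing\.}
header L_AV_SS_Malware X-Amavis-AV-Status =~ m{\bAV:Sanesecurity\.(Malware|Rogue|Trojan)\.}
header L_AV_MBL        X-Amavis-AV-Status =~ m{\bAV:MBL_(?!NA\.UNOFFICIAL)}
header __L_AV_SS       X-Amavis-AV-Status =~ m{\bAV:Sanesecurity\.}
meta   L_AV_SS_other   __L_AV_SS && !(L_AV_SS_Phish || L_AV_SS_Malware)
score  L_AV_Phish      14
score  L_AV_PhishHeur  5
score  L_AV_SS_Phish   5
score  L_AV_SS_Malware 14
score  L_AV_MBL        14
score  L_AV_SS_other   1
"""

HEADER_RE = re.compile(r"^header\s+(\S+)\s+(\S+)\s+=~\s+m\{(.*)\}([a-z]*)$")
TOKEN_RE = re.compile(r"\s*(&&|\|\||!|\(|\)|[A-Za-z_]\w*)")


def parse_rules(text):
    """Parse the header/meta/score lines used above into three dicts."""
    headers, metas, scores = {}, {}, {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = HEADER_RE.match(line)
        if m:
            name, hdr, pattern, flags = m.groups()
            headers[name] = (hdr, re.compile(pattern, re.I if "i" in flags else 0))
            continue
        kind, name, rest = line.split(None, 2)
        if kind == "meta":
            metas[name] = rest
        elif kind == "score":
            scores[name] = float(rest)
        else:
            raise ValueError("unsupported line: " + line)
    return headers, metas, scores


def eval_meta(expr, hits):
    """Evaluate a meta expression built from rule names, &&, ||, ! and ()."""
    words, pos, expr = [], 0, expr.strip()
    while pos < len(expr):
        m = TOKEN_RE.match(expr, pos)
        if not m:
            raise ValueError("bad meta expression: " + expr)
        tok = m.group(1)
        if tok in ("(", ")"):
            words.append(tok)
        else:
            words.append({"&&": "and", "||": "or", "!": "not"}.get(tok) or str(tok in hits))
        pos = m.end()
    # Only and/or/not/True/False/parentheses reach eval().
    return bool(eval(" ".join(words), {"__builtins__": {}}))


def score_message(msg_headers, rules):
    """Return (sorted scored rule names, total) for a dict of header values."""
    headers, metas, scores = rules
    hits = {name for name, (hdr, rx) in headers.items()
            if rx.search(msg_headers.get(hdr, ""))}
    hits |= {name for name, expr in metas.items() if eval_meta(expr, hits)}
    # Rules whose names start with "__" are sub-rules and carry no score.
    scored = sorted(n for n in hits if not n.startswith("__"))
    return scored, sum(scores.get(n, 1.0) for n in scored)


SAMPLES = [  # constructed header values; only the first name is from this archive
    "AV:Phishing.Heuristics.Email.SpoofedDomain",
    "AV:Email.Phishing.Example-1",
    "AV:Sanesecurity.Phishing.Example.1.UNOFFICIAL",
    "AV:Sanesecurity.Example.1.UNOFFICIAL",
    "AV:MBL_NA.UNOFFICIAL",
    "AV:MBL_12345.UNOFFICIAL",
]


def run_samples():
    rules = parse_rules(RULES_CF)
    return {s: score_message({"X-Amavis-AV-Status": s}, rules) for s in SAMPLES}


if __name__ == "__main__":
    for value, (names, total) in run_samples().items():
        print(f"{total:5.1f}  {','.join(names) or '-':16}  {value}")
```

The Sanesecurity name that matches no specific rule falls through to L_AV_SS_other, and the MBL_NA.UNOFFICIAL name is excluded by the negative lookahead.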



Re: [AMaViS-user] pflogsum + amavisd

2009-09-09 Thread Gary V
On 9/9/09, Claudio Kuenzler  wrote:
> any official answer on this?
> maybe from Mark himself?
>
> On Sat, Aug 29, 2009 at 6:34 AM, Julio Cesar Covolato wrote:
>
> > Can I Trust in this stats, or a half, by the all mails sent twice to
> > postfix?
> >
> >
> > Postfix log summaries for Aug 28
> >
> > Grand Totals
> > 
> > messages
> >
> >  47406   received
> >  66746   delivered
> > 25   forwarded
> >682   deferred  (4063  deferrals)
> >   1654   bounced
> >   8192   rejected (10%)
> >  0   reject warnings
> >  0   held
> >  0   discarded (0%)
> >
> >   3617m  bytes received
> >   5936m  bytes delivered
> >   2473   senders
> >   1373   sending hosts/domains
> >  10030   recipients
> >   2830   recipient hosts/domains
> >
> > Thanks in advance..
> >
> >
> > --
> > -
> >_Julio Cesar Covolato
> >   0v0   
> >  /(_)\  F: 55-11-3129-3366
> >   ^ ^   PSI INTERNET
> > -

My guess is that there are a number of situations to consider. One
thing I know is that at least a couple of people have tried to get the
number closer to what one would expect by using log pre-processors:

http://web.tiscali.it/postfix/prepflog.html

and see pflogsumm double reporting here:
http://www.caspergasper.com/spam.shtml

-- 
Gary V



Re: [AMaViS-user] amavisd/postfix setup with local delivery and external forwarding

2009-06-18 Thread Gary V
On 6/18/09, MK  wrote:
> hi list,
>
> is it possible to setup postfix/amavisd/mysql-lookups to forward all
> incoming mails for some
> domains (e.g. "example.com") after virus/spam-checks to another
> (external) ip and port for
> address mapping and delivery while delivering all other domains local to
> virtuser-/maildir?
> both "delivery ways" should get its configs/policies from sql.
>
> any hints how to achieve this in just one single amavisd/postfix setup?
>
> thanks in advance
>
> martin
>

May provide ideas (or a reasonably complete system):
http://www200.pair.com/mecham/spam/virtual2.html

-- 
Gary V



Re: [AMaViS-user] OT, auto_whitelist

2009-04-05 Thread Gary V
On 4/5/09, Giuseppe Ghibò wrote:
> Hi, sorry for the OT, but I'd like to know other amavisd user experience
> about the
> autowhitelist.
>
> Currently it seems to become ineffective and unreliable, or even harmful.
> In fact many spammers now send you spam using your own (or your domain) name
> in the "From" field, i.e. as if an email were sent by yourself. This often
> gives for the AWL
> a negative score of several points...(considering that the SPAM
> threshold is often around a score of 5).

The first two octets of the sender's IP address are also recorded, so
AWL considers one sender address from two different /16 networks two
different records.

> Of course it's also true this one:
>
> http://wiki.apache.org/spamassassin/AwlWrongWay
>
> but I was wondering whether according to *current* users experience it
> is better to disable
> the AWL test. Maybe the loading of the AWL plugin in amavisd can be made
> conditional
> in amavisd.conf?
>
> Thanks.
> Bye
> Giuseppe.

Personally, I turn it off. You can either turn it off in local.cf -
'use_auto_whitelist 0' (or) disable the plugin in v310.pre (don't do
both - or you may get a --lint error).

-- 
Gary V



Re: [AMaViS-user] _destination_concurrency_limit vs master.cf

2009-04-05 Thread Gary V
On 4/4/09, Giuseppe Ghibò  wrote:
> In amavisd-new documentation README.postfix (version 148,
> BTW, the release online is outdated, as it reports version 122
> see http://www.ijs.si/software/amavisd/README.postfix)
> there is reported that using amavisfeed_destination_concurrency_limit = XX
> is an alternative way to master.cf for controlling the maximum numbers of
> concurrent processes (which should be in sync with amavis $max_servers).
> Indeed I found that
> the number of concurrent lmtp processes named amavisdfeed
> exceed 1 unit the number in amavisfeed_destination_concurrency_limit. E.g.
> if I have amavisfeed_destination_concurrency_limit = 2, I get 3
> amavisfeed lmtp processes running,
> if I have amavisfeed_destination_concurrency_limit = 1 I get 1 lmtp
> process running and so on.

I may be misunderstanding, but are you looking at the number of
amavisd processes running? If $max_servers is set to 2, you get one
master and two child processes. Changing
amavisfeed_destination_concurrency_limit limits the number of messages
that Postfix will ask amavisd-new to process concurrently (not the
number of amavisd processes that run). The number of child amavisd
processes running must be equal to the number of messages it will be
concurrently sent. You can have more amavisd processes running if you
like, but this just wastes memory because they will not be fed any
messages. If you use amavisd-release often, it's actually a good idea
to have a spare amavisd child running to process the release requests
in case all the other processes are busy processing messages from
Postfix. Typically more than one $max_servers would be used, and
typically amavisfeed_destination_concurrency_limit (or maxproc for the
amavisfeed transport) would be set to more than one.

Also see:
http://marc.info/?l=postfix-users&m=120612390511480

> On the other hand setting such limit in master.cf won't exceed the
> specified number.
>
> Are you obtaining the same behaviour? Furthermore I get also that
> postconf _destination_concurrency_limit doesn't show any output
> (probably works only with internal vars).

Yes, I think that is the case.

> Anyway seems also that
> using _destination_concurrency_limit has a weird behaviour,
> e.g. if you specify it to 1, the meaning changes from global (per-domain)
> to per-recipient (e.g. see this thread
> http://archives.neohapsis.com/archives/postfix/2007-11/1466.html).
>
> Bye
> Giuseppe.

It would be rare to use 1. If we are talking about your server that is
a dual quad Xeon with 12GB ram, I would start out with something more
like 20 or 30. I noticed in another thread that you are experiencing
high latency due to network tests. Network tests are a vital part of
spam detection and spamassassin does not work effectively without
them. Most of the delay is caused by waiting for answers from remote
servers (and getting timeouts for various reasons). To help with that,
an effective thing to do is to increase concurrency by increasing the
number of processes ($max_servers and complementary
amavisfeed_destination_concurrency_limit) up to a certain sweet spot,
where you are processing as much mail as quickly as possible. Setting
the number too high makes a mess and greatly decreases performance.

http://www.ijs.si/software/amavisd/README.performance.txt

Also, it's highly beneficial to run a local DNS cache. This increases
speed and effectiveness of network tests.

-- 
Gary V



Re: [AMaViS-user] "warning: Illegal address syntax from localhost" on infected reports

2009-04-02 Thread Gary V
> Here is an additional patch for that section:
>
> --- amavisd.orig2008-12-15 01:50:09.0 +0100
> +++ amavisd 2009-04-02 16:57:16.0 +0200
> @@ -12566,10 +12566,10 @@
>   $hdrfrom_recip = expand_variables($hdrfrom_recip);
>   my($mailfrom_recip_q);
> -  if (defined $mailfrom_recip) {
> -$mailfrom_recip_q = qquote_rfc2821_local($mailfrom_recip);
> -  } else {  # defaults to email address in hdrfrom_notify_recip
> +  if (!defined($mailfrom_recip)) {
> +# defaults to email address in hdrfrom_notify_recip
> $mailfrom_recip_q = (parse_address_list($hdrfrom_recip))[0];
> $mailfrom_recip = unquote_rfc2821_local($mailfrom_recip_q);
>   }
> +  $mailfrom_recip_q = qquote_rfc2821_local($mailfrom_recip);
>   my($notification) = Amavis::In::Message->new;
>   $notification->rx_time($msginfo->rx_time);  # copy the reception time
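
Review bot: In the !defined($mailfrom_recip) branch, (parse_address_list($hdrfrom_recip))[0] is undef when the expanded header yields no address, and the newly added unconditional $mailfrom_recip_q = qquote_rfc2821_local($mailfrom_recip); then runs on whatever unquote_rfc2821_local returned for that; nothing in the visible lines checks for it. Consider testing the parsed element before unquoting it and deciding explicitly what the envelope sender should be in that case. Also, $mailfrom_recip_q is now assigned inside the branch only to be overwritten right after it, so a separate lexical for the parsed address would read more clearly.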
>
>
> Mark

I added that as patch 6. Patch 5 is the Perl 5.8.9 taint bug (which is
only required if one is using Perl 5.8.9).

http://www200.pair.com/mecham/spam/amavisd.2.6.2.patch1.txt
http://www200.pair.com/mecham/spam/amavisd.2.6.2.patch2.txt
http://www200.pair.com/mecham/spam/amavisd.2.6.2.patch3.txt
http://www200.pair.com/mecham/spam/amavisd.2.6.2.patch4.txt
http://www200.pair.com/mecham/spam/amavisd.2.6.2.patch5.txt
http://www200.pair.com/mecham/spam/amavisd.2.6.2.patch6.txt

-- 
Gary V



Re: [AMaViS-user] rw_loop: leaving rw loop, no progress

2009-03-20 Thread Gary V
> smtp  inet  n   -   n   -   5  smtpd
>

> smtp-amavis unix -  -   n   -   5  smtp

> -o smtp_data_done_timeout=1200
> -o smtp_send_xforward_command=yes
> -o disable_dns_lookups=yes
> -o max_use=20
>

> 127.0.0.1:10025 inet n  -   n   -   5  smtpd

Why did you limit smtp and 127.0.0.1:10025 to only 5 maxproc? I would
leave these at the default - the way you had it initially.

Your maxproc for smtp-amavis (5) is higher than your $max_servers = 2;

Set them to the same number, or if you use amavisd-release often, set
$max_servers one higher than the maxproc for smtp-amavis.

-- 
Gary V
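
Added example, not part of the original thread or of Postfix or amavisd-new: a Python check that compares how many messages Postfix can feed to the content filter at once (the transport's maxproc in master.cf, capped by <transport>_destination_concurrency_limit from main.cf) with $max_servers, following the advice in this message and in the _destination_concurrency_limit thread above. The settings are the ones quoted in this thread; the function names and verdict strings are hypothetical, and the Postfix defaults are assumed to be unchanged.

```python
import re

# Postfix defaults, used when a value is "-" or not set (assumed unchanged):
DEFAULT_PROCESS_LIMIT = 100                  # default_process_limit
DEFAULT_DESTINATION_CONCURRENCY_LIMIT = 20   # default_destination_concurrency_limit

# Settings quoted in the thread above; "-o" lines are indented as
# master.cf requires for continuation lines.
MASTER_CF = """\
smtp  inet  n   -   n   -   5  smtpd
smtp-amavis unix -  -   n   -   5  smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
    -o max_use=20
127.0.0.1:10025 inet n  -   n   -   5  smtpd
"""
AMAVISD_CONF = "$max_servers = 2;\n"


def master_maxproc(master_cf, service):
    """Return the maxproc column for `service`, or None if it is not defined."""
    for line in master_cf.splitlines():
        if not line.strip() or line.startswith("#") or line[0].isspace():
            continue                      # blank, comment or "-o" continuation
        fields = line.split()
        if len(fields) >= 8 and fields[0] == service:
            maxproc = fields[6]
            return DEFAULT_PROCESS_LIMIT if maxproc == "-" else int(maxproc)
    return None


def feed_concurrency(master_cf, main_cf, transport):
    """Upper bound on simultaneous deliveries Postfix makes via `transport`."""
    maxproc = master_maxproc(master_cf, transport)
    if maxproc is None:
        raise ValueError("no %s service in master.cf" % transport)
    m = re.search(r"^\s*%s_destination_concurrency_limit\s*=\s*(\d+)"
                  % re.escape(transport), main_cf, re.M)
    dest_limit = int(m.group(1)) if m else DEFAULT_DESTINATION_CONCURRENCY_LIMIT
    # All mail for the filter goes to one destination, so both limits apply.
    return min(maxproc, dest_limit)


def max_servers(amavisd_conf):
    """Return the value assigned to $max_servers in amavisd.conf text."""
    m = re.search(r"^\s*\$max_servers\s*=\s*(\d+)\s*;", amavisd_conf, re.M)
    if not m:
        raise ValueError("$max_servers not set")
    return int(m.group(1))


def check(master_cf, amavisd_conf, transport, main_cf=""):
    """Compare Postfix's feed concurrency with amavisd's child count."""
    feed = feed_concurrency(master_cf, main_cf, transport)
    servers = max_servers(amavisd_conf)
    if servers < feed:
        verdict = "too-few-servers"   # Postfix opens more sessions than amavisd serves
    elif servers == feed:
        verdict = "ok"
    elif servers == feed + 1:
        verdict = "ok-spare"          # one child left free, e.g. for amavisd-release
    else:
        verdict = "idle-servers"      # extra children only use memory
    return verdict, feed, servers


if __name__ == "__main__":
    print(check(MASTER_CF, AMAVISD_CONF, "smtp-amavis"))
```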



Re: [AMaViS-user] not seeing stars in

2009-03-20 Thread Gary V
On 3/20/09, Goodman, William  wrote:
> Hi all,
>
> Does anybody have the configuration setting to show the stars in the
> "X-Spam-Level:"? Is the setting in spamassassin
> or postfix? I am running postfix, ClamAV and Spamassassin, all current
> versions. See snippet below:
>
> X-Virus-Scanned: amavisd-new at jcvi.org
> X-Spam-Flag: NO
> X-Spam-Score: -99.438
> X-Spam-Level:
> X-Spam-Status: No, score=-99.438 tagged_above=-999 required=5
> tests=[AWL=0.563, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
>
> Help Please...
>
> Bill

One would first have to invent the 'negative star' (oh yeah - I guess
there are black holes). This user is whitelisted, so you got a score
of -99.438. If you have a message that scores at 1 or more, you should
see stars.

-- 
Gary V



Re: [AMaViS-user] Spam properly handled, but Subject is not Re-written

2009-02-01 Thread Gary V
> On 2/1/09 8:24 AM, Casey Bralla wrote:
> > Problem Summary:  Spam is properly identified and quarantined, but the 
> > Subject
> > line is not re-written.
> >
> > I'd like the subject line to say "SPAM!" + the old subject line
> >

The idea behind not changing the subject line of quarantined mail is
because at some point you may wish to release mail from quarantine. If
you are releasing it, then it's likely that you are releasing it
because it is not spam. If it's not spam, then having it marked as
such would be confusing to the recipient(s).

There is a way to add the score, for example:

$sa_spam_subject_tag = 'SPAM! _SCORE_ ';

But only mail actually passed to local recipients will have the
subject line modified.

Since your kill_level is low (in my opinion), I believe you will have
to do a lot of work constantly policing the quarantine. Personally, I
think you would be better off passing (and marking) some spam to your
recipients. I would let them manage at least some of their spam. For
example:

$sa_tag2_level_deflt = 5;
$sa_kill_level_deflt = 8;

-- 
Gary V



Re: [AMaViS-user] about amavis-sanesecurity_v2.cf

2009-01-16 Thread Gary V
Thanks. I added Mark's rule and scored it a 3.

-- 
Gary V



Re: [AMaViS-user] about amavis-sanesecurity_v2.cf

2009-01-15 Thread Gary V
On 1/15/09, Eddy Beliveau wrote:
> Hi! Networkers,
>
> We are using, with success, amavisd-new + clamav
>
> We are using http://www200.pair.com/mecham/spam/amavis-sanesecurity_v2.cf
> for scoring based on clamav analysis.
>
> Lately, we notice, in our logs, that some email hits the rule
> AV:Phishing.Heuristics.Email.SpoofedDomain
> which score as 0.1, but amavis-sanesecurity_v2.cf does not hits the
> rule  L_AV_Phish
>
> So I edit that cf file with the following difference:
>
> @@ -1,4 +1,4 @@
> -header L_AV_Phish   X-Amavis-AV-Status =~
> m{\bAV:(Email|HTML)\.Phishing\.}i
> +header L_AV_Phish   X-Amavis-AV-Status =~
> m{\bAV:(|(Email|HTML)\.)Phishing\.}i
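
Review bot: The empty alternative in '(|(Email|HTML)\.)' makes the prefix optional, so L_AV_Phish now fires on every name that starts with 'AV:Phishing.', including the 'AV:Phishing.Heuristics.Email.SpoofedDomain' hits mentioned above, and heuristic detections get the same L_AV_Phish score as signature matches. If heuristics should weigh less, a separate rule anchored on 'AV:Phishing\.Heuristics\.' with its own score would keep the two apart; if the broad match is intended, '(?:(?:Email|HTML)\.)?' states the optional prefix more readably and drops the unused captures.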
>
> Cheers,
> Eddy
>
> --
> Eddy Beliveau
> HEC Montreal
> Montreal (Quebec)
> Canada

Looks OK to me, and I'm happy to update this, but Mark and others
wrote this and I'm not good on regex, so I wonder if someone would
offer a second opinion?

-- 
Gary V



Re: [AMaViS-user] bayes lock failed errors

2008-12-10 Thread Gary V
On 12/10/08, Ricardo Stella wrote:
> Gary V wrote:
> > On 12/9/08, Ricardo Stella wrote:
> >
> >> I've been getting these errors but can't seem to be able to trace this
> >> out...  Permissions are correct from what I can see.
> >>
> >> Any ideas?
> >>

> >
> > Are you using 'lock_method flock'?
> >
> > http://spamassassin.apache.org/full/3.2.x/doc/Mail_SpamAssassin_Conf.html#miscellaneous_options
> >
> > If not, it may help. Read the link to see if it's appropriate.
> >
> >
> I'm using the default (commented out).  There's no NFS here...
>
> #
> # lock_method flock
>

Then I suggest you try it.

-- 
Gary V



Re: [AMaViS-user] bayes lock failed errors

2008-12-09 Thread Gary V
On 12/9/08, Ricardo Stella wrote:
>
> I've been getting these errors but can't seem to be able to trace this
> out...  Permissions are correct from what I can see.
>
> Any ideas?
>
> amavis[7285]: (07285-10) _WARN: bayes: cannot open bayes databases
> /var/amavis/.spamassassin/bayes_* R/W: lock failed: File exists
>
> Directory listing typically shows:
>
> -rw--- 1 amavis amavis  10498048 Dec  9 10:09 auto-whitelist
> -rw--- 1 amavis amavis25 Dec  9 10:09
> auto-whitelist.lock.host.domain.edu.10275
> -rw--- 1 amavis amavis25 Dec  9 10:09
> auto-whitelist.lock.host.domain.edu.10404
> -rw--- 1 amavis amavis24 Dec  9 10:09 bayes.lock
> -rw--- 1 amavis amavis25 Dec  9 10:09
> bayes.lock.host.domain.edu.10258
> -rw--- 1 amavis amavis  41574400 Dec  9 10:09 bayes_seen
> -rw--- 1 amavis amavis 335331328 Dec  9 10:09 bayes_toks
>
> And the lock.host.domain files are created and removed frequently.
>

Are you using 'lock_method flock'?

http://spamassassin.apache.org/full/3.2.x/doc/Mail_SpamAssassin_Conf.html#miscellaneous_options

If not, it may help. Read the link to see if it's appropriate.

-- 
Gary V



Re: [AMaViS-user] [newbie] Running amavisd-new on different machine than postfix server

2008-11-02 Thread Gary V
On 11/2/08, Sahil Tandon wrote:
> Bernard T. Higonnet wrote:
>
> > I have been running a FreeBSD 7.0 system with Postfix 2.4.6 which is
> > very happy.
> >
> > I want to add AMaViS, and just for the hell of it, want it to run on a
> > machine other than that hosting the Postfix server.
> >
> > AMaViS runs at startup from /etc/rc.conf and looks OK to a newbie.
> >
> > netstat -a produces
> >
> > tcp4   0  0  localhost.10024   *.*  LISTEN
> >
> >
> > My first problem, which has very little to do with AMaViS, and a lot to
> > do with ignorance of basic unix, is that I can only reach this port
> > using "telnet localhost 10024" from the machine itself. All attempts to
> > telnet into AMaViS from the Postfix machine produces
> >
> > telnet: connect to address 192.168.3.108: Connection refused
>
> You need to tell amavisd-new (via amavisd.conf) that it should accept
> connections from an external machine.  See the example configuration (it
> is likely amavisd.conf-sample) and read starting here:
>
> # SMTP SERVER (INPUT) access control
>
> --
> Sahil Tandon <[EMAIL PROTECTED]>

This may be helpful too:
http://marc.info/?l=amavis-user&m=115016996412498

-- 
Gary V



Re: [AMaViS-user] SaneSecurity - new signature format.

2008-10-29 Thread Gary V
On 10/29/08, Mark Martinec <[EMAIL PROTECTED]> wrote:
> Mike,
>
> > This one (L_AV_Phish) is missing a header rule above.  Did you mean this
> > to be __L_AV_SS instead?
>
> I left it out by mistake, here it is:
>
> header L_AV_Phish  X-Amavis-AV-Status =~ m{\bAV:(Email|HTML)\.Phishing\.}i
>
>  Mark

I updated:
http://www200.pair.com/mecham/spam/amavis-sanesecurity_v2.cf

So Voytek, you may wish to either remove and replace your copy, or
edit your copy.

Do not know how to resolve your other issue, but I doubt that it's related.

-- 
Gary V



Re: [AMaViS-user] SaneSecurity - new signature format.

2008-10-28 Thread Gary V
If you want the rules file, you could wget it from:
http://www200.pair.com/mecham/spam/amavis-sanesecurity_v2.cf

remember to run:
spamassassin --lint
after adding any new rules.

-- 
Gary V



Re: [AMaViS-user] SaneSecurity - new signature format.

2008-10-28 Thread Gary V
On 10/28/08, Voytek Eymont <[EMAIL PROTECTED]> wrote:
>
> On Wed, October 29, 2008 7:03 am, Mark Martinec wrote:
>
> > and accompanying SpamAssassin rules (local.cf, watch for line wraps by
> > your MUA):
>
> does this just go to /etc/mail/spamassassin/local.cf ?
> anything to do after inserting the lines ?
>
> sorry for PITA questions...
>  --
> Voytek
>

You could do that, or you could place these rules in a separate file.
You would place the file in your /etc/mail/spamassassin directory and
name it with a .cf extension, in the same manner as local.cf.

>> @virus_name_to_spam_score_maps =
> do I just insert in anywhere ahead of the two final entries ?

That should work.

I could be wrong, but I think you could place it anywhere between:
use strict;
and:
1;  # insure a defined return
as long as it was not inside another statement.

Afterwards, reload amavisd-new.

Mark,
I realize this was a tedious exercise. Thank you for your quality efforts.

-- 
Gary V



Re: [AMaViS-user] amavisd uses lots of memory

2008-10-27 Thread Gary V
> I suggest you downgrade to 0.87 or 0.90. This old version of
> amavisd-maia had issues with Net::Server > 0.90 and did not play well
> with 0.88 and 0.89.

Are you running Debian per chance?

If so, this should replace 0.94 with 0.87 (at least it did for me):

cd /usr/local/src

wget http://http.us.debian.org/debian/pool/main/libn/libnet-server-perl/libnet-server-perl_0.87-3sarge1_all.deb

dpkg -i libnet-server-perl_0.87-3sarge1_all.deb

Doing it this way will make it possible to upgrade in the future from
Debian packages. If you install from source, you would have to
manually locate and disable the software if you wanted to upgrade in
the future:
http://marc.info/?l=amavis-user&m=114358249713291

In my etch system, if I install 0.87 from packages and 0.90 from source:

0.90 installed in /usr/local/share/perl/5.8.8/Net/Server.pm
0.87 installed in /usr/share/perl5/Net/Server.pm

So if I wanted to disable the source installed version in the future,
I could rename
/usr/local/share/perl/5.8.8/Net/Server.pm

-- 
Gary V



Re: [AMaViS-user] amavisd uses lots of memory

2008-10-27 Thread Gary V
On 10/27/08, Wojtek Bogusz <[EMAIL PROTECTED]> wrote:
> hi, thank you.
>
> > What version of Net::Server are you running?
> > perl -MNet::Server -e 'print "$Net::Server::VERSION\n";'
>
> it is 0.94. looks like 0.97 is the current version. i'll update.

I suggest you downgrade to 0.87 or 0.90. This old version of
amavisd-maia had issues with Net::Server > 0.90 and did not play well
with 0.88 and 0.89.

> i will try to update also maia + amavisd-new maybe it will help.

You would want to upgrade to Maia 1.0.2. There are a number of posts
related to upgrading on the maia list.

http://www.renaissoft.com/pipermail/maia-users/

I suggest joining their mailing list if you have not already done so.

-
Gary V



Re: [AMaViS-user] amavisd uses lots of memory

2008-10-26 Thread Gary V
> amavis gets up to 800 MB - 1GB :-(

My guess is that there is at least one problematic message that is
acting similar to a mail bomb. Maybe some problem with decoding. If
you grep your log for 'size'
you might see a message of one particular size that repeatedly tries
to be sent.
This might help diagnose if it is one particular message gumming up
the works or not and which message it might be.

-- 
Gary V



Re: [AMaViS-user] clam lstat failed

2008-10-26 Thread Gary V
On 10/26/08, Voytek Eymont <[EMAIL PROTECTED]> wrote:
>
> On Fri, October 24, 2008 12:51 pm, Gary V wrote:
> > On 10/23/08, Voytek Eymont <[EMAIL PROTECTED]> wrote:
>
> > Typically you need to add the amavis user to the clamav group and insure:
> >  AllowSupplementaryGroups yes
> > is in clamd.conf.
> >
> > http://groups.google.com/group/mailing.unix.amavis-user/browse_thread/thread/047fef229e74dacd
>
> Gary,
>
> many thanks
>
> perusing old threads, I can see I've previously struck similar problem(s)
> already
>
> after a few alteration, back and forth, I eventually seemed to have it
> going, though, I'm still at loss how/why and so on (so what else is new,
> you ask?)
>
> 'AllowSupplementaryGroups yes' was always there
>
> it seems, in the past, I was running as clam, now, as amavis
> I ended up chowning whatever files were complained of, till it stopped
> complaining
>
> it still didn't work, BUT, next day, with no further input from me, it was
> working
>
>
> # grep "Runnin"  *
> clamd.log.1:Fri Oct 24 23:45:27 2008 -> Running as user amavis (UID 105,
> GID 106)
>
> clamd.log.3:Sun Jul 20 00:32:49 2008 -> Running as user clamav (UID 104,
> GID 105)
>
> --
> Voytek

I think it makes for a cleaner and simpler setup to run as clamav (as
it appears you are doing), add the clamav user to the amavis group and
insure 'AllowSupplementaryGroups yes' is set.

-- 
Gary V



Re: [AMaViS-user] amavisd uses lots of memory

2008-10-26 Thread Gary V
> it gives a lot of output. but if i filter out 'SA TIMED OUT' mostly it
> is like:
>
> TROUBLE in check_mail: mime_decode-1 FAILED: run_command (open pipe):
> Can't fork at /usr/lib/perl/5.8/IO/File.pm line 70,  line [X].
> at /usr/sbin/amavisd-new line 1656,  line [X].
>
> where [X] may be: many different numbers, like: 76, 104, 116, 1857, ...
> and [Y] may be: 20, 77, 83, 87, 115, .. and many other.
>
> /usr/lib/perl/5.8/IO/File.pm line 70 is open() a file and
> /usr/sbin/amavisd-new line 1656 is chomp that must die. at 1655 is a
> fork to catch the errors.
> perhaps it cannot fork as it has no memory left?
>
> and than the logs say most often:
>
> PRESERVING EVIDENCE in /var/lib/amavis/tmp/amavis-...
>
> when i looked at this folder there are some emails but all of them are
> not large, not more than 200k

What version of Net::Server are you running?
perl -MNet::Server -e 'print "$Net::Server::VERSION\n";'

How many $max_servers are you running? Do the number of $max_servers
match the number of maxproc for the smtp-amavis transport in
master.cf?

http://marc.info/?l=amavis-user&m=44940508012

-- 
Gary V
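
An added example (not part of the original message, and not amavisd-new or Postfix code) of the $max_servers versus maxproc comparison asked about above. The function names, the sample file contents and the default service name smtp-amavis as the master.cf entry to look up are assumptions for illustration.

```sh
#!/bin/sh
# Added illustration: compare amavisd's $max_servers with the maxproc column
# of the Postfix transport that feeds it. Sample files below are constructed.

# Last uncommented "$max_servers = N;" assignment in an amavisd config file.
amavis_max_servers() {
    sed -n 's/^[[:space:]]*\$max_servers[[:space:]]*=[[:space:]]*\([0-9][0-9]*\).*/\1/p' "$1" |
        tail -n 1
}

# maxproc is the 7th column of a master.cf service entry:
#   service type private unpriv chroot wakeup maxproc command
# Continuation lines (leading whitespace) and comment lines are skipped.
postfix_maxproc() {
    awk -v svc="$2" '
        /^[ \t]/ || /^#/ { next }
        $1 == svc { print $7; exit }
    ' "$1"
}

# Usage: compare_limits AMAVISD_CONF MASTER_CF [SERVICE]
compare_limits() {
    servers=$(amavis_max_servers "$1")
    maxproc=$(postfix_maxproc "$2" "${3:-smtp-amavis}")
    if [ -z "$servers" ] || [ -z "$maxproc" ]; then
        printf '%s\n' "unknown"
    elif [ "$maxproc" = "-" ]; then
        # "-" means Postfix falls back to default_process_limit
        printf '%s\n' "mismatch: maxproc is - (Postfix default), \$max_servers=$servers"
    elif [ "$servers" -eq "$maxproc" ]; then
        printf '%s\n' "match: $servers"
    else
        printf '%s\n' "mismatch: \$max_servers=$servers maxproc=$maxproc"
    fi
}

# Constructed sample input so the script runs without a real mail server.
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/amavisd.conf" <<'EOF'
use strict;
$max_servers = 2;   # constructed sample value
1;  # insure a defined return
EOF
    cat > "$dir/master.cf" <<'EOF'
# constructed sample
smtp-amavis unix - - n - 4 smtp
  -o smtp_data_done_timeout=1200
EOF
    compare_limits "$dir/amavisd.conf" "$dir/master.cf"
    rm -rf "$dir"
}

demo
```

On a real system, call compare_limits with the paths to your own amavisd config file and master.cf.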



Re: [AMaViS-user] amavisd uses lots of memory

2008-10-26 Thread Gary V
You say you are using amavisd-new and maia, but these two programs are
mutually exclusive. You run one or the other, not both. I will assume
you are running Maia. I would start with looking in your log for
errors reported by amavis. The path to your mail log may need to be
changed:

egrep "(TROUBLE|Can't|TIMED|timed|ERROR|Error|abort|error|fatal|PRESERVING|FAILED)" /var/log/maillog | grep amavis

It could be that you are allowing one or more very large messages
to pass through Maia. Look through your mail log at the size of the
messages passed to Maia just before it crashes. If I recall, unlike
amavisd-new, Maia unpacks messages in memory which could account for
it crashing on a large message.

http://maiamailguard.com/maia/wiki/SizeLimit

-- 
Gary V



Re: [AMaViS-user] clam lstat failed

2008-10-23 Thread Gary V
On 10/23/08, Voytek Eymont <[EMAIL PROTECTED]> wrote:
> My clam setup failed quite a while ago, and, it's only now that I've fixed
> it (or perhaps not)
>
> even though clam wasn't running, I never disabled it from amavis
> (generating continual 'fail' log entries)
>
> now, I've started clam, stop/started amavis, and, see this:
>
> what is it telling me?
>
> Oct 23 20:18:19 amavis[24172]: Using primary internal av scanner code for
> ClamAV-clamd
> Oct 23 20:18:19 amavis[24172]: Found secondary av scanner ClamAV-clamscan
> at /usr/bin/clamscan
> Oct 23 20:19:23 amavis[24217]: (24217-01) (!!)ask_av (ClamAV-clamd) FAILED
> - unexpected result: /var/amavis/tmp/amavis-20081023T201922-24217/parts:
> lstat() failed. ERROR\n
>
> # service amavisd status
> amavisd (pid 24217 24216 24172) is running...
> amavis-milter is stopped
> # service clamd status
> clamd (pid 23445) is running...
>
> --
> Voytek
>

Typically you need to add the amavis user to the clamav group and insure:
AllowSupplementaryGroups yes
is in clamd.conf.

http://groups.google.com/group/mailing.unix.amavis-user/browse_thread/thread/047fef229e74dacd

-- 
Gary V



Re: [AMaViS-user] Global MySQL White/Black Listing

2008-10-22 Thread Gary V
On 10/22/08, Wendel, Ryan <[EMAIL PROTECTED]> wrote:
> It appears that this overrides every user's policy settings.
>
> Does anyone have any other ideas on how to go about globally white-listing a 
> domain or address?
>
> -Ryan

> Ah, ok... I see. The recipient would simply be "@." to globally 
> white/black-list a sender address.
>
> Nice and simple... I like it!!!
> Thank you very much for your input.
> Regards,
> Ryan

So create a policy with all fields left at NULL except the id and
policy_name, and then assign this policy to the @. user.

-- 
Gary V



Re: [AMaViS-user] Newbie - Banned stops spam check?

2008-10-18 Thread Gary V
> >1) is it correct that if the banned spots a mail, that it doesn't go
> >onto spam scoring?

correct

> >2) can I tell it to spam check them anyway?

Scanning stops once a 'hit' occurs.
http://www.ijs.si/software/amavisd/amavisd-new-docs.html#checks

> >3) Since I don't Ban anything , could i disable that part, and then
> >it would pick up the spam score?

Yes, you can either disable banned checks or remove tests from
$banned_filename_re

>The best I have been able to find is that killing off virus or spam
>checking is done by commenting out @bypass_x_maps - But there isn't
>one for the banned!!!  so I am at square one again...

Yes there is one. Read amavisd.conf-sample and amavisd.conf-defaults.
@bypass_banned_checks_maps = (1);

However, you say you don't ban anything, yet you ARE banning stuff.
What you ban is being controlled by what is inside
$banned_filename_re = new_RE( );

As an alternate to bypassing banned checks, you could simply remove or
comment out everything between the parentheses. Comment that stuff
out. Problem solved.

-- 
Gary V



Re: [AMaViS-user] Suppress recipient delimiters on outgoing mail?

2008-10-12 Thread Gary V
> Is this a case of local recipients forwarding to non-local domains
> (aliases pointing to non-local recipients)? I believe in this case the
> [EMAIL PROTECTED] address would be rewritten as
> [EMAIL PROTECTED]
>
> [EMAIL PROTECTED] [EMAIL PROTECTED]
>

Sorry, should have read user+spam, not spam+user. This alias seems to
get the +spam when address rewriting is disabled before amavisd-new,
but is enabled  after amavisd-new. In other words:

smtp  inet  n   -   -   -   -   smtpd
  -o content_filter=smtp-amavis:[127.0.0.1]:10024
  -o receive_override_options=no_address_mappings

-- 
Gary V



Re: [AMaViS-user] Suppress recipient delimiters on outgoing mail?

2008-10-12 Thread Gary V
On 10/12/08, Sahil Tandon <[EMAIL PROTECTED]> wrote:
> John Andersen <[EMAIL PROTECTED]> wrote:
>
> > On Sun, Oct 12, 2008 at 2:12 AM, mouss <[EMAIL PROTECTED]> wrote:
> > > John Andersen a écrit :
> > >> We scan mail inbound and outbound via Amavisd-New. (2.4.3 via Opensuse).
> > >>
> > >> Occasionally someone will send something outbound that might get flagged
> > >> as spammy.  Amavis then attaches our recipient delimiter +spam on the
> > >> outbound mail, all of which bounce.
> > >>
> > >
> > > amavisd-new will only do that if the recipient is "local". so it looks
> > > like you defined remote domains as local. Is it so?
> >
> > No, of course not.
> >
> > The users send mail thru our server whether locally attached or roaming
> > via authenticated (ssl) connections.
> >
> > Mail to some foreign address, say a gmail account or a ISP somewhere
> > is being scanned, and if found spammy (over our rather tight threshold)
> > is getting recipient delimiters appended.
> >
> > This is in spite of your assertion this can not happen.
> >
> > I can see it in the logs.
>
> I use 2.6.1; just sent a SPAMMY test email to [EMAIL PROTECTED]
> as well as [EMAIL PROTECTED]  The former was sent
> without an address extension while "+spam" was added to the local
> part of the latter.  This is consistent with what mouss said and the
> following comment in the code:
>
> # If decided to pass viruses (or spam) to certain recipients using
> # %lovers_maps_by_ccat, or by %final_destiny_by_ccat resulting in D_PASS,
> # one may set the corresponding %addr_extension_maps_by_ccat to some string,
> # and the recipient address will have this string appended as an address
> # extension to a local-part (mailbox part) of the address. This extension
> # can be used by a final local delivery agent for example to place such mail
> # in different folder. Leaving these variable undefined or empty string
> # prevents appending address extension. Recipients which do not match access
> # lists in @local_domains_maps are not affected (i.e. non-local recipients
> # do not get address extension appended).
>
> --
> Sahil Tandon <[EMAIL PROTECTED]>
>

Is this a case of local recipients forwarding to non-local domains
(aliases pointing to non-local recipients)? I believe in this case the
[EMAIL PROTECTED] address would be rewritten as
[EMAIL PROTECTED]

[EMAIL PROTECTED] [EMAIL PROTECTED]

-- 
Gary V



Re: [AMaViS-user] Error

2008-10-12 Thread Gary V
On 10/12/08, Hannes Hellinger <[EMAIL PROTECTED]> wrote:
> Thank you,
> the problem was:
>
> drwxr-xr-x 57 nobody nogroup 4096 Oct 12 09:12 /etc
>
> I changed it to
>
> drwxr-xr-x 57 root root 4096 Oct 12 09:12 /etc
>
> Are the permissions ok ?  drwxr-xr-x
>

That's what I have, 0755

Of course Mark is right about the entire path to
/usr/share/amavis/conf.d also, as a couple config files
are stored there too.

sfa:~# ls -ld /
drwxr-xr-x 23 root root 4096 2008-10-11 19:24 /

sfa:~# ls -ld /etc
drwxr-xr-x 64 root root 4096 2008-10-12 07:56 /etc

sfa:~# ls -ld /etc/amavis
drwxr-xr-x 4 root root 4096 2008-10-12 07:56 /etc/amavis

sfa:~# ls -ld /etc/amavis/conf.d
drwxr-xr-x 2 root root 4096 2008-10-12 07:56 /etc/amavis/conf.d

sfa:~# ls -ld /usr
drwxr-xr-x 11 root root 4096 2007-06-01 07:55 /usr

sfa:~# ls -ld /usr/share
drwxr-xr-x 82 root root 4096 2008-10-12 07:56 /usr/share

sfa:~# ls -ld /usr/share/amavis
drwxr-xr-x 3 root root 4096 2008-10-12 07:56 /usr/share/amavis

sfa:~# ls -ld /usr/share/amavis/conf.d
drwxr-xr-x 2 root root 4096 2008-10-12 07:56 /usr/share/amavis/conf.d

sfa:~# ls -l /etc/amavis/conf.d
total 56
-rw-r--r-- 1 root root  1458 2007-02-24 11:30 01-debian
-rw-r--r-- 1 root root   692 2007-02-24 11:30 05-domain_id
-rw-r--r-- 1 root root   235 2007-02-24 11:30 05-node_id
-rw-r--r-- 1 root root 13907 2007-02-24 11:30 15-av_scanners
-rw-r--r-- 1 root root   554 2007-02-24 11:30 15-content_filter_mode
-rw-r--r-- 1 root root  9187 2007-02-24 11:30 20-debian_defaults
-rw-r--r-- 1 root root   573 2007-02-24 11:30 25-amavis_helpers
-rw-r--r-- 1 root root  2130 2007-02-24 11:30 30-template_localization
-rw-r--r-- 1 root root   318 2007-02-24 11:30 50-user

sfa:~# ls -l /usr/share/amavis/conf.d
total 8
-rw-r--r-- 1 root root 855 2007-02-24 11:30 10-debian_scripts
-rw-r--r-- 1 root root 648 2007-02-24 11:30 20-package

-- 
Gary V
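
An added example (not part of the original message, and not amavisd-new code) that automates the ls -ld walk above: it checks every directory from / down to a target and flags any that is not owned by the expected owner or is writable by group or other. The function names and those two criteria (taken from the root-owned, drwxr-xr-x listing above) are assumptions; the demo tree is constructed.

```sh
#!/bin/sh
# Added illustration: audit each component of a config path the way the
# ls -ld listing above does by hand.

# Print one status line for a directory: verdict, permission string, owner.
check_dir() {
    dir=$1; want_owner=$2
    line=$(ls -ld -- "$dir" 2>/dev/null) || { printf '%-8s %s\n' MISSING "$dir"; return 0; }
    perms=$(printf '%s\n' "$line" | awk '{print $1}')
    owner=$(printf '%s\n' "$line" | awk '{print $3}')
    verdict=ok
    [ "$owner" = "$want_owner" ] || verdict=INSECURE
    case $perms in
        ?????w*|????????w*) verdict=INSECURE ;;   # group- or world-writable
    esac
    printf '%-8s %s %-8s %s\n' "$verdict" "$perms" "$owner" "$dir"
}

# Usage: audit_path /absolute/dir [expected-owner]   (owner defaults to root)
audit_path() {
    target=$1; want_owner=${2:-root}
    case $target in
        /*) ;;
        *) echo "audit_path: need an absolute path" >&2; return 2 ;;
    esac
    # Build the chain /, /etc, /etc/amavis, ... top-down.
    chain=
    d=$target
    while :; do
        chain="$d
$chain"
        if [ "$d" = / ]; then break; fi
        d=$(dirname "$d")
    done
    printf '%s' "$chain" | while IFS= read -r p; do
        if [ -n "$p" ]; then check_dir "$p" "$want_owner"; fi
    done
}

# Constructed demo tree: one directory is made group/world-writable, because
# ownership cannot be changed without root. Parent directories of the
# temporary tree may also be flagged, which is expected.
demo() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/etc/amavis/conf.d"
    chmod 755 "$root" "$root/etc" "$root/etc/amavis/conf.d"
    chmod 777 "$root/etc/amavis"
    me=$(ls -ld -- "$root" | awk '{print $3}')
    audit_path "$root/etc/amavis/conf.d" "$me"
    rm -rf "$root"
}

demo
```

On the Debian layout discussed here, the two paths to audit are /etc/amavis/conf.d and /usr/share/amavis/conf.d.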



Re: [AMaViS-user] Error

2008-10-11 Thread Gary V
On 10/11/08, Hannes Hellinger <[EMAIL PROTECTED]> wrote:
> Hello,
> I installed Postfix on a Debian Etch.
> After that I installed Amavis but it didn't start
>
> I get this error message:
> Starting amavisd: Insecure directory in $ENV{PATH} while
> running with -T switch at /usr/sbin/amavisd-new line 2030.

> 2030 push(@config_files, `run-parts --list "$dir"`);
>
> 2031 }

I would look and see who owns /etc, /etc/amavis and /etc/amavis/conf.d
and also see what the permissions are on the files under
/etc/amavis/conf.d. Should be owned by root. Show us:

ls -ld /etc
ls -ld /etc/amavis
ls -ld /etc/amavis/conf.d
ls -l /etc/amavis/conf.d

-- 
Gary V



[AMaViS-user] SaneSecurity - new signature format.

2008-10-11 Thread Gary V
Mark,
As MrC announced, there have been changes to the SaneSecurity
database that affect amavisd-new, and potentially spamassassin:
http://marc.info/?l=amavis-user&m=122335037818485

Old format:
Html.Phishing.Rdi.Gen001.Saneseurity.06030200.UNOFFICIAL

New format:
Sanesecurity.Phishing.Rdi.5.UNOFFICIAL

What additions or changes should be made to these rules
(This is extracted from RELEASE_NOTES):
http://www200.pair.com/mecham/spam/amavis-sanesecurity.cf

And provided you think it would be useful and necessary, would you post a
patch for amavisd-new (for both 2.6.1 and 2.5.4) for
@virus_name_to_spam_score_maps?:

@virus_name_to_spam_score_maps =
  (new_RE( [ qr'^(Email|HTML)\.(Phishing|Spam|Scam[a-z0-9]?)\.'i => 0.1 ],
   [ qr'^(Email|Html)\.Malware\.Sanesecurity\.'  => undef ],
   [ qr'^(Email|Html)(\.[^., ]*)*\.Sanesecurity\.'   => 0.1 ],
 # [ qr'^(Email|Html)\.(Hdr|Img|ImgO|Bou|Stk|Loan|Cred|Job|Dipl|Doc)
 #   (\.[^., ]*)* \.Sanesecurity\.'x => 0.1 ],
   [ qr'^(MSRBL-Images/|MSRBL-SPAM\.)'   => 0.1 ],
  ));

Thanks very much,
-- 
Gary V
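
An added example (not part of the original message, and not amavisd-new code): the four active rules from the list quoted above, transcribed from Perl qr'' literals to POSIX ERE and tried in order against the old-format and new-format names given in the message. The function name score_for, the names marked constructed, and the reading that rules are first-match-wins with "undef" or no match leaving the name treated as an ordinary virus are assumptions.

```sh
#!/bin/sh
# Added illustration: which signature names the quoted rule list would map
# to a spam score. Rule format per line: flag;score;pattern
#   flag "i" = case-insensitive match (Perl /i), "-" = case-sensitive
# Assumption: rules are tried in order and the first match decides.

score_for() {
    name=$1
    while IFS=';' read -r flag score pattern; do
        [ -n "$pattern" ] || continue
        opt=
        if [ "$flag" = i ]; then opt=-i; fi
        if printf '%s\n' "$name" | grep -Eq $opt -- "$pattern"; then
            printf '%s\n' "$score"
            return 0
        fi
    done <<'RULES'
i;0.1;^(Email|HTML)\.(Phishing|Spam|Scam[a-z0-9]?)\.
-;undef;^(Email|Html)\.Malware\.Sanesecurity\.
-;0.1;^(Email|Html)(\.[^., ]*)*\.Sanesecurity\.
-;0.1;^(MSRBL-Images/|MSRBL-SPAM\.)
RULES
    # Nothing matched: the name gets no spam score from this list.
    printf '%s\n' "no-match"
    return 0
}

demo() {
    # The first two names are the old and new formats quoted in the message;
    # the last two are constructed to exercise the remaining rules.
    for n in \
        'Html.Phishing.Rdi.Gen001.Saneseurity.06030200.UNOFFICIAL' \
        'Sanesecurity.Phishing.Rdi.5.UNOFFICIAL' \
        'Email.Malware.Sanesecurity.07010100.UNOFFICIAL' \
        'Email.Hdr.Sanesecurity.07010100.UNOFFICIAL'
    do
        printf '%-58s %s\n' "$n" "$(score_for "$n")"
    done
}

demo
```

The new-format name falls through every rule because each Sanesecurity pattern is anchored on a leading Email or Html component, which is the gap the message asks about.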



Re: [AMaViS-user] amavis eats the machine

2008-09-18 Thread Gary V
On 9/18/08, Len Conrad <[EMAIL PROTECTED]> wrote:
> so now I've got 10 vscan's democratically eating 100% CPU with avg cpu load 
> of 10, 100+ MB RAM available.
>
> spamd and clamav worker bees still doing nearly 0% wcpu.
>
> Still doesn't seem right that amavis as an interface should be eating the 
> entire machine while the content-scanners basically are idle.
>
> iostat still shows many seconds of 0 bytes disk i/o.
>
> Len
>

amavisd-new does not use spamd, it uses the Mail::SpamAssassin Perl
module. Typically there is no reason to start up spamd. It's idle
because it's not doing anything.

-- 
Gary V



Re: [AMaViS-user] Trouble with /usr/bin/file

2008-08-24 Thread Gary V
On 8/24/08, MrC <[EMAIL PROTECTED]> wrote:
> Clemens von Musil wrote:
> > Hi,
> >
> > the day before yesterday, my amavis started to fail with following log
> > line per scanned email:
> >
> > 
> > 451 4.5.0 Error in processing, id=18143-02, decoding2-get-file-types
> > FAILED: 'file' utility (/usr/bin/file) failed, status=1 (256 ) at
> > /usr/sbin/amavisd-new line 3853. (in reply to end of DATA command))
> > 
> >
> > I did not update anything at the time. If executed manually,
> > /usr/bin/file seems to work as usual. I reinstalles file and amavisd-new
> > from repository with no success.
> >
> > I really don't know where to search any error.
>
>
> Perhaps the file utility is failing on the particular decoded part of
> the MIME encoded email.  You may still have a directory in your amavis
> tmp directory (/var/amavis/tmp perhaps?) that ends with 18143.  There
> will be an "email.txt" file and a "parts" sub-directory.  Try running
> file on each component and checking the exit status of each.
>
>
> >
> > I run amavisd-new 20030616 on a debian sarge machine. Do I have to
> > upgrade amavis?
> >
> > Thanks for any suggestion!
> > Clemente
> >

Quite possibly goes back to a compatibility bug discovered a couple
years ago. What version of Net::Server are you using? This old version
of amavisd-new is not compatible with Net::Server > 0.90. You might
need to downgrade to 0.90 (or 0.87). Do not use 0.88 or 0.89.

perl -MNet::Server -e 'print "$Net::Server::VERSION\n";'

But yes, the alternate is to upgrade to a newer version of amavisd-new.
This works best if you upgrade from sarge to etch, but doing so is a
major leap and could potentially cause your system to become
unbootable.

A long time ago I wrote a guide on upgrading 20030616p10 to 2.4.5:
http://www200.pair.com/mecham/spam/upgrade245.html
so this is another possibility.

I also did some work on upgrading sarge to etch:
http://www200.pair.com/mecham/spam/upgrade_etch.html
but this is rather specific to another one of my HOWTOs. The best
source of information is the Debian web site:
http://www.debian.org/releases/stable/i386/release-notes/ch-upgrading

-- 
Gary V



Re: [AMaViS-user] Discard of spams

2008-08-20 Thread Gary V
On 8/20/08, Eduardo Júnior <[EMAIL PROTECTED]> wrote:
> Hi,
>
>
> I read in [1] that to disable the quarantine, I have to disable the
> following variables (in case the message is classified as spam):
>
> spam_quarantine_method = undef;
> spam_quarantine_to = undef;
> final_spam_destiny = D_DISCARD;
>
>
> I did a test with the message EICAR and was classified as spam usually score
> with> 1,000, which extrapolates the value of sa_dsn_cutoff_level and
> sa_quarantine_cutoff_level with 15.0.
>
> However, a message was forwarded to quarantine.
>
> 30816-01) Passed SPAM, <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>,
> quarantine: spam-t37MKpoGZQYk.gz, Message-ID: <
> [EMAIL PROTECTED]>, mail_id:
> t37MKpoGZQYk, Hits: 1001.442, queued_as: 96BBB9C090, 2094 ms
>
>
> I´m doing something wrong?
>
>
> Eduardo Júnior

It would be interesting to see all the X-Spam headers of the message
that was received. Are you using SQL or LDAP? If so, they may override
the static settings in amavisd.conf. Also, make sure there are not
multiple entries in amavisd.conf. Is the sender whitelisted?

One way to debug amavisd-new is to use debug_sender_maps. After you
place a sender in this map, the first message sent from that address
will be debugged at $log_level 5. You would review your log in
order to see all that debugging information. Since only the first
message is debugged, if you want to try again you would have to reload
amavisd-new. The evidence (the message parts) is preserved each time
in your amavis home directory. Once completed, don't forget to comment
out or remove the entry in amavisd.conf:

@debug_sender_maps = ( ["[EMAIL PROTECTED]"] );

-- 
Gary V



Re: [AMaViS-user] Getting Amavisd-new To Use Clamav

2008-08-19 Thread Gary V
> I followed all steps and rebooted the server. I then checked running
> processes in a program called "htop" and I did not see "clamd" or
> "clamav" listed anywhere which I found strange however I do see amavis
> running. I then checked to see if clamd or clamav was running:
>

Try:
ps aux | grep clam | grep -v grep

on a system I have it shows:
clamav    2498  0.0 11.3  60560 58508 ?        Ss   19:57   0:00 /usr/sbin/clamd
clamav    2591  0.0  0.2   2844  1220 ?        Ss   19:57   0:00 /usr/bin/freshclam -d --quiet

>
> email:~# apt-cache policy clamav-daemon
> clamav-daemon:
>  Installed: 0.93.1.dfsg-1.1~bpo40+1
>  Candidate: 0.93.1.dfsg-1.1~bpo40+1
>  Version table:
>  *** 0.93.1.dfsg-1.1~bpo40+1 0
>  1 http://www.backports.org etch-backports/main Packages
>100 /var/lib/dpkg/status
> 0.90.1dfsg-3.1+etch14 0
>500 http://security.debian.org etch/updates/main Packages
> 0.90.1dfsg-3etch11 0
>500 http://ftp.us.debian.org etch/main Packages

So you are using etch backports for clamav. This is fine. You can do
this as an alternate to volatile.

>I checked that file "15-content_filler_mode" and I have some lines
>there but they're all commented out. I am also confused because I was
>told that "50-user" is the last config file to load so anything I add
>in "50-user" will over ride the other config files. Am I missing
>something here or not understanding something? I am still struggling
>to understand Debians approach to multiple config files rather than a
>simple /etc/amavis.conf file. If my amavisd-new config is all listed
>in "50-user", should I still follow your suggestion and make changes
>to "15-content_filler_mode" to get Clamav working?

What you are not understanding is that you can do what you want. It is
generally recommended to place your setting overrides in 50-user, but
it is not mandatory (and on a rare occasion, not the best option for
some settings). I think the idea behind splitting up one config file
into multiple files was to aid with upgrades. If the Debian installer
detects that you have not modified a given config file, it will assume
it can replace it with a new version. This may make it easier for the
package maintainers to perform upgrades. If you have modified a given
file, it may ask you what you want to do during the upgrade (keep the
old one, replace it, etc.). The only purpose of the
15-content_filter_mode file is to enable or disable spam and/or virus
scanning. Personally, I would simply edit that file (probably because
it's easier to do), but if you like, you could copy the required lines
into 50-user. I think the latter approach is more error prone however.

As mouss says, look at your logs. Watching the mail log when testing
is a great way to spot problems. Open an additional terminal session
and tail the mail log while starting amavisd-new.

tail -f /var/log/mail.log

-- 
Gary V



Re: [AMaViS-user] Getting Amavisd-new To Use Clamav

2008-08-18 Thread Gary V
On 8/18/08, Carlos Williams <[EMAIL PROTECTED]> wrote:
> On Mon, Aug 18, 2008 at 9:25 PM, Gary V <[EMAIL PROTECTED]> wrote:
> > Thanks MrC, but they would be a bit to go through.
> > For a plain amavisd-new install on etch:
>
> But I already have Amavisd-new installed and what I believe to be
> working on my Etch machine.

That's fine, I was not asking you to reinstall it.

>
> > add this to /etc/apt/sources.list:
> >
> > deb http://volatile.debian.org/debian-volatile etch/volatile main
> >
> > Then run:
> > gpg --keyserver subkeys.pgp.net --recv-key BBE55AB3
> > gpg --armor --export BBE55AB3 | apt-key add -
> >
> > run:
> > apt-get update
> > then:
> > apt-get install clamav clamav-daemon clamav-freshclam
>
> This is interesting to me because the current Etch repos have a slight
> revision back of Clamav and it always complains when I run "freshclam"
>
> ==

You can expect this, it usually takes a week or two for volatile to get updated.

>
> mail:~# apt-cache policy clamav
> clamav:
>  Installed: 0.93.1.dfsg-1.1
>  Candidate: 0.93.1.dfsg-1.1
>  Version table:
>  *** 0.93.1.dfsg-1.1 0
>500 http://ftp.us.debian.org lenny/main Packages
>100 /var/lib/dpkg/status
> 0.93~dfsg-1+lenny1 0
>500 http://security.debian.org lenny/updates/main Packages
>

You are not running etch, you are running lenny, so for now you do not
need to use volatile at all. Once lenny is released as stable, you
will want to add a lenny volatile source. You have no need to add an
etch volatile source.

> ==
>
> > edit /etc/amavis/conf.d/15-content_filter_mode
> > and remove comments from the two appropriate lines:
> > #@bypass_virus_checks_maps = (
> > #   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
>
> When I started to get my Amavisd-new config working, I only modified
> /etc/amavis/conf.d/50-user. I never edited "15-content_filter_mode"
> before so I don't know if you're assuming I should already have
> something in "15-content_filter_mode".
>

You will have something there. Read the file - virus and spam scanning
are disabled by default - typically you enable them by editing this
file.

> > Note that if you install spamassassin, it will get upgraded to
> > whatever version is in volatile
>
> I have not even started to play with or install Spamassassin yet. I
> first wanted to get Clamav working and then move to that next. Baby
> steps ;)
>

-- 
Gary V



Re: [AMaViS-user] Getting Amavisd-new To Use Clamav

2008-08-18 Thread Gary V
Thanks MrC, but they would be a bit to go through.
For a plain amavisd-new install on etch:

add this to /etc/apt/sources.list:

deb http://volatile.debian.org/debian-volatile etch/volatile main

Then run:
gpg --keyserver subkeys.pgp.net --recv-key BBE55AB3
gpg --armor --export BBE55AB3 | apt-key add -

run:
apt-get update
then:
apt-get install clamav clamav-daemon clamav-freshclam

edit /etc/amavis/conf.d/15-content_filter_mode
and remove comments from the two appropriate lines:
#@bypass_virus_checks_maps = (
#   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);

Run (to add clamav user to amavis group):
gpasswd -a clamav amavis

Then:
/etc/init.d/amavis stop
/etc/init.d/clamav-daemon stop
/etc/init.d/clamav-daemon start
/etc/init.d/amavis start

I suggest you watch your mail log for signs of trouble. Ideally you would test.

Note that if you install spamassassin, it will get upgraded to
whatever version is in volatile

apt-cache policy spamassassin
will show what version you would get.

-- 
Gary V



Re: [AMaViS-user] Amavis + clamav in other host

2008-08-01 Thread Gary V
On 8/1/08, Eduardo Júnior  wrote:
>
> Ok.
> I understood.
>
> So, to make a dedicated server to test for viruses using amavis and clamav, I have
> to install them together.
> Because a virus check on just the names of the files does not make sense.
>
> And as Michel said, the additional overhead with tcp stream show delays,
> reconnects and other issues that make tcp stream not a viable alternative
> for amavisd.
>
>
> But after reading all this:
>
> postfix receives the messages and passes them to amavis.
>
> Adding this in main.cf:
> content_filter = SMTP-amavis:[192.168.2.188]:10024
>
> How is the content of the message passed to amavis on host 192.168.2.188?
> Where can I find more details about this?
>
>
> thanks for explanations.
>
>
> []´s
> --
> Eduardo Júnior
> GNU/Linux user #423272

http://marc.info/?l=amavis-user&m=115016996412498

-- 
Gary V



Re: [AMaViS-user] Prevent amavisd-new from modifying subjects

2008-07-28 Thread Gary V
On 7/28/08, Christoph Pleger wrote:
> Hello,
>
> is there an easy way to prevent amavisd-new from modifying the Subject: header
> of a mail?  One switch for all possible modifications, to turn them all off?
> I do not want to go through all possible default variable settings (like
> $sa_spam_subject_tag, $undecipherable_subject_tag) on every new release.
>
> Regards
>  Christoph
>

Is this what you are looking for?
$sa_spam_modifies_subj = 0;

-- 
Gary V



Re: [AMaViS-user] amavisd-new does not add spam headers

2008-07-24 Thread Gary V
On 7/23/08, Christoph Pleger  wrote:

> I have named my test machine 'mail.pleger.local'. It accepts mail for
> mail.pleger.local and for pleger.local. I send mail from
> [EMAIL PROTECTED] to [EMAIL PROTECTED] $mydomain is set
> to pleger.local, so I believe that spam headers should be inserted in mails
> to [EMAIL PROTECTED]
>
> Regards
>  Christoph

Stick this in /etc/amavis/conf.d/50-user

@local_domains_maps = ([ '.pleger.local' ]);
$sa_tag_level_deflt  = undef;

-- 
Gary V



Re: [AMaViS-user] Possible to skip SA when ClamAV detects Phishing attempt?

2008-07-23 Thread Gary V
On 7/23/08, Sahil Tandon wrote:
> In a recent quarantine alert, I see:
>
>   SpamAssassin report:
>   AV scanner ClamAV-clamd reported spam (not infection):
>   Email.Scam4.Gen1080.Sanesecurity.07120200
>
> The rest of the typical SA report is also present, with all the different
> rules and their associated scores.  How can I configure amavisd-new to skip
> SA altogether if ClamAV "hits" on a message?
>
> --
> Sahil Tandon <[EMAIL PROTECTED]>
>

In RELEASE_NOTES,
http://www.ijs.si/software/amavisd/release-notes.txt
search for:
- make it possible for a virus scanner to derate an infection report

-- 
Gary V



Re: [AMaViS-user] Block attachament

2008-07-02 Thread Gary V
On 7/2/08, Paolo De Marco wrote:
> Hi.
> I have installed the latest version of amavisd.
> Now amavisd blocks all .exe attachments.
> How can I tell amavisd to block all .exe attachments except if the sender
> of the mail is [EMAIL PROTECTED]
> Thanks
>

Read examples 6, 7 and 8:
http://www200.pair.com/mecham/spam/bypassing.html

-- 
Gary V



Re: [AMaViS-user] Amavis bottleneck?

2008-06-25 Thread Gary V
BTW, since you are using a Debian variant, this might help if you are
considering moving Bayes to MySQL:

http://www200.pair.com/mecham/spam/debian-spamassassin-sql.html

Included is a mechanism to expire old bayes_seen entries.

I created that document a couple years ago and as I read it now,
it seems a bit odd to me in a few places and could use a rewrite, but
it should work just fine.

-- 
Gary V



Re: [AMaViS-user] Amavis bottleneck?

2008-06-25 Thread Gary V
> [EMAIL PROTECTED] ~amavis/.spamassassin # ls -la bayes_*
> -rw--- 1 amavis amavis  8376 2008-06-24 14:05 bayes_journal
> -rw--- 1 amavis amavis 670367744 2008-06-24 14:05 bayes_seen
> -rw--- 1 amavis amavis  20455424 2008-06-24 14:05 bayes_toks
>
> is our bayes_seen too large? we haven't looked at the option of using
> 670meg is pretty large.  Mine is a stingy 20meg.  Have you expired old
> entries?

>>In practice they keep growing, so what's going wrong?

Nothing is wrong, except:
bayes_seen is a database of messages that spamassassin has seen in the
past. It's used to determine if a message has already been learned.
There is no mechanism to clean it up. I would delete it when it gets
large. I'm not sure if it matters or not, but it may be a good idea to
stop amavisd, delete the file, then start amavisd. SA will recreate
the file.

> I can get hard 5XX error on my primary domain below (mydomain1.com) and
> the Sender Filter seems to kick in as expected.

> However when I try to send a random email to [EMAIL PROTECTED],
> Exchange simply accepts it.  I have been googling for some pointers to
> this but I have none so far, would you have any idea why this is so?

Sorry, I don't have any Exchange experience.

-- 
Gary V



Re: [AMaViS-user] Amavis bottleneck?

2008-06-23 Thread Gary V
On 6/23/08, Christian Purnomo <[EMAIL PROTECTED]> wrote:

> I have done some testing re option #2 below, it seems that MS Exchange
> 2003 does not 'reject non-existent user' upon probing hence I have to
> cross this out (unless I'm wrong on this).  I tested this by doing a few
> test injections to the Exchange server and all invalid recipients were
> simply accepted by exchange smtp.
>
> Option #1 is feasible, I have done some googling and noticed there are 2
> ways to do this, active vs passive where active is to get the exchange
> query the AD and passive is where you regularly do a full export of the
> email addresses in AD and feed them into postfix. I'm testing the
> 'active' at present.
>
> Thanks for your input.
>
> CP
>

Passive is typically used so AD does not get hammered. Fortunately you
can (and should) configure Exchange 2003 to reject mail to invalid
users. I have not done this myself, but this might be the way to do
it:
https://support.interjuncture.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=25

-- 
Gary V



Re: [AMaViS-user] Allowing Only Selective Extension Types

2008-06-12 Thread Gary V
On 6/12/08, MrC <[EMAIL PROTECTED]> wrote:
> Manish Kathuria wrote:
> > Hello Everyone,
> >
> > Is there a way to block all kinds of attachments and then selectively
> > allow 2-3 types of extensions only (in addition to plain text) instead
> > of the existing mechanism where all the extensions to be blocked are
> > specified ?
> >
> > Thanks,
> >
>
> I believe the existing mechanism should be sufficient.  You'd want to
> first specify which file types you accept, followed by a catchall rule
> that rejects everything else.  Something like this abbreviated version
> of $banned_filename_re:
>
> $banned_filename_re = new_RE(
>
> ### type you allow
> # [ qr'^\.(gz|bz2)$'=> 0 ], # allow gzip or bzip2
>
>  qr'^\..*$',   # ban everything else
>
> );
>
> The order is important - first match wins, so you'd place specific
> entries first.
>
> Note the grouping for the gzip/bzip2 rule, and that it maps to 0; this
> means to *allow* this type.  Mappings without a value default to 1,
> which would mean *disallow*.
>
> You may want to consider including the appropriate MIME types (eg.
> application/x-msdos-program) for rejection as well.  Look at the default
> and sample $banned_filename_re rules in amavisd.conf-default and
> amavisd.conf-sample to determine your needs.
>
> MrC
>

Additionally:
http://marc.info/?l=amavis-user&m=118296148023596

-- 
Gary V
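
The first-match-wins ordering MrC describes in the quoted message above, modelled in shell as an added example (not amavisd-new code and not from the thread). The rule-table format and the function name verdict_for are assumptions, and only one type name is tested per call.

```shell
#!/bin/sh
# Simplified model of first-match-wins rule ordering (not amavisd-new code).
# Each rule line is "<verdict> <ERE>": 0 = allow, 1 = ban.

# Allow entries first, catch-all last, as in the quoted $banned_filename_re.
RULES_ALLOW_FIRST='0 ^\.(gz|bz2)$
1 ^\..*$'

# Same two rules in the wrong order: the catch-all shadows the allow entry.
RULES_CATCHALL_FIRST='1 ^\..*$
0 ^\.(gz|bz2)$'

# verdict_for RULES NAME: print "allow" or "ban" for one type name such as ".gz".
# The first rule whose regex matches decides; no match at all means allow.
verdict_for() {
    while read -r verdict regex; do
        if printf '%s\n' "$2" | grep -E -q -e "$regex"; then
            if [ "$verdict" = 0 ]; then echo allow; else echo ban; fi
            return 0
        fi
    done <<EOF
$1
EOF
    echo allow
}

# Compare both orderings for a few constructed type names.
for name in .gz .bz2 .exe .zip; do
    printf '%-5s allow-first: %-5s  catch-all-first: %s\n' "$name" \
        "$(verdict_for "$RULES_ALLOW_FIRST" "$name")" \
        "$(verdict_for "$RULES_CATCHALL_FIRST" "$name")"
done
```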



Re: [AMaViS-user] cron messages

2008-06-12 Thread Gary V
> All that really matters is that the pattern is unique.

To be more specific, from the documentation at
http://logcheck.org/docs/README.logcheck-database

"The objective in logcheck rules is to match precisely the target log
messages and no more,"
and this sentence continues:
"using all the resources of Extended Regular Expressions."

Although, if the expression is guaranteed to only match the intended
log entry, then I think some leeway is not harmful.

-- 
Gary V



Re: [AMaViS-user] cron messages

2008-06-12 Thread Gary V
On 6/11/08, Munroe Sollog <[EMAIL PROTECTED]> wrote:

> Yes it is.

> >>> I just recently upgraded to 2.5.3 from 2.4.2 - It looks like amavisd-new
> >>> installed a cron entry that runs sa-sync every 3hrs.  This is fine in
> >>> theory, but now I am getting
> >>>
> >>> bayes: synced databases from journal in 0 seconds: 787 unique entries 
> >>> (1590
> >>> total entries)
> >>>
> >>> emails every 3hrs. How do other people deal with this?

I will assume you are using logcheck. You can read stuff like this link:
http://wiki.logcheck.org/
and on your system:
less /usr/share/doc/logcheck-database/README.logcheck-database.gz

Most likely you can add an egrep compatible regexp entry in one of the
files in /etc/logcheck/ignore.d.server/ to suppress the messages. All
that really matters is that the pattern is unique. You might even be
able to cheat by simply placing text such as:
bayes: synced databases from journal in
in one of the files (cron, or amavis for example)

It may be worth taking a look at how to suppress unwanted warnings as
no doubt you will see others in the future.

-- 
Gary V
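
An added example, not part of the thread: three candidate ignore rules for the bayes sync message discussed in this reply and in the follow-up that quotes the logcheck README, filtered with grep -E -v as a stand-in for logcheck's egrep matching. The log lines are constructed, and the "sa-learn[pid]" program tag and the function names are assumptions.

```shell
#!/bin/sh
# Added example: try logcheck-style ignore rules against sample syslog lines.

# Constructed log lines, not taken from a real host. The "sa-learn[pid]"
# program tag is an assumption; use the tag your own mail log shows.
sample_log() {
cat <<'EOF'
Jun 11 09:00:01 mail sa-learn[4121]: bayes: synced databases from journal in 0 seconds: 787 unique entries (1590 total entries)
Jun 11 12:00:02 mail sa-learn[5230]: bayes: synced databases from journal in 1 seconds: 12 unique entries (40 total entries)
Jun 11 12:00:03 mail sa-learn[5230]: bayes: cannot open bayes databases /var/lib/amavis/.spamassassin/bayes_* R/W: lock failed
Jun 11 12:05:44 mail amavis[901]: (00901-03) Blocked INFECTED (Eicar-Test-Signature), [192.0.2.10] <a@example.org> -> <b@example.net>
EOF
}

# Rule 1: anchored at both ends, every variable field spelled out.
PRECISE='^[[:alpha:]]{3} [ :0-9]{11} [._[:alnum:]-]+ sa-learn\[[0-9]+\]: bayes: synced databases from journal in [0-9]+ seconds: [0-9]+ unique entries \([0-9]+ total entries\)$'
# Rule 2: the bare text suggested in the post above.
SUBSTRING='bayes: synced databases from journal in'
# Rule 3: too broad; it also swallows bayes error messages.
TOO_BROAD='bayes:'

# still_reported RULE: print the lines that would still be reported,
# i.e. the lines the ignore rule does not match.
still_reported() {
    sample_log | grep -E -v -e "$1"
}

# count_reported RULE: number of lines left after filtering.
count_reported() {
    still_reported "$1" | grep -c ''
}

# error_survives RULE: succeeds if the "lock failed" error is still reported.
error_survives() {
    still_reported "$1" | grep -q 'lock failed'
}

for rule in "$PRECISE" "$SUBSTRING" "$TOO_BROAD"; do
    if error_survives "$rule"; then verdict=kept; else verdict=HIDDEN; fi
    printf '%s line(s) reported, bayes error %s: %s\n' \
        "$(count_reported "$rule")" "$verdict" "$rule"
done
```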



Re: [AMaViS-user] cron messages

2008-06-11 Thread Gary V
On 6/11/08, Mark Martinec <[EMAIL PROTECTED]> wrote:
> Munroe,
>
> > I just recently upgraded to 2.5.3 from 2.4.2 - It looks like amavisd-new
> > installed a cron entry that runs sa-sync every 3hrs.  This is fine in
> > theory, but now I am getting
> >
> > bayes: synced databases from journal in 0 seconds: 787 unique entries (1590
> > total entries)
> >
> > emails every 3hrs. How do other people deal with this?
>
> Assuming that it only does 'sa-learn --sync' and not expiration,
> I don't see a need for such cron entry, I'd drop it and
> perhaps adjust bayes_journal_max_size (in local.cf) if necessary.
>
> Redirecting output from a command to /dev/null or to some file
> would probably avoid the mail from cron.
>
>  Mark
>

Is this on a Debian system by chance?

-- 
Gary V



Re: [AMaViS-user] The usual UTF8 content checker Problem

2008-05-30 Thread Gary V
On 5/29/08, Max Ferstl wrote:
> Dear mailing list users,
>
> due to people violating the RFC concerning 7-bit ASCII headers and
> subjects, I regularly get complaints concerning the 8bit header check in
> amavis.
>
> --- snip ---
> Our content checker found
>Non-encoded 8-bit data (char E4 hex): X-Spam-Report:
> --- snip ---
>
> I tried google, and searched for a documentation for a clean way to just
> turn off the 8-bit checking, but I failed.
>

This might possibly be what you are looking for:
http://marc.info/?l=amavis-user&m=116344627214918

-- 
Gary V


Re: [AMaViS-user] No quarantine_cutoff_level in MySQL/LDAP?

2008-05-20 Thread Gary V
On 5/20/08, Mark Martinec <[EMAIL PROTECTED]> wrote:
> > > quarantine_cutoff_level exists just as *maps in amavisd.conf (AFAIK).
>
> Btw, I'd consider quarantine_cutoff_level value more of a site-manager's
> decision or a domain postmaster's decision, than letting it be
> controlled by an individual user.
>
>  Mark
>

Um,
SQL:
policy.spam_quarantine_cutoff_level :
spam_quarantine_cutoff_level float default NULL,

LDAP:

#dn: cn=schema
#changetype: modify
#add: attributetypes
attributetype ( 1.3.6.1.4.1.15312.2.2.1.31
  NAME 'amavisSpamQuarantineCutoffLevel'
  DESC 'Spam Quarantine Cutoff Level'
  EQUALITY caseIgnoreIA5Match
  SUBSTR caseIgnoreIA5SubstringsMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
  SINGLE-VALUE )


-- 
Gary V


Re: [AMaViS-user] banned_filetypes_lovers_maps?

2008-05-18 Thread Gary V
On 5/18/08, Peer Heinlein <[EMAIL PROTECTED]> wrote:
> Am Samstag, 17. Mai 2008 schrieb Gary V:
>
>
> > Additionally, there actually is @banned_files_lovers_maps
>
> Oh yes, shame on me.
>
> Sorry.
>
> I've been a bit (...very...) confused. Sure there IS a
> banned_files_lovers_maps. Sorry.
>
> In fact I need something different. I need a map for a banned_files SENDER
> whitelists: A group of selected users should be able to SEND banned
> files.
>
> (For sure this has nothing to do with *_lovers_maps. I just wrote stupid
> stuff. Don't explain *lovers_maps... I know it)
>
> Please don't blame me. AFAIK there's nothing like a
> banned_files_whitelist_sender_maps...
>
> ...?
>
> Best regards,
>
> Peer

As Sahil mentioned, remembering that sender addresses can be forged
and assuming you are using Postfix, read items 6 and 7 in this
document:

http://www200.pair.com/mecham/spam/bypassing.html

-- 
Gary V


Re: [AMaViS-user] banned_filetypes_lovers_maps?

2008-05-17 Thread Gary V
On 5/17/08, Sahil Tandon  wrote:
> * Peer Heinlein  [05-17-2008]:
>
> > I'm looking for a mechanism to deliver even mails with banned attachments
> > to a selected group of users. Amavisd-new has spam_lovers_maps and
> > virus_lovers_maps -- but it looks like there's no
> > banned_filetype_lovers_maps.
> >
> > How could I realize this setup?
>
> Route mail to those users through a separate policy bank which, for example,
> checks for spam and viruses, but bypasses banned file checks.  Some good
> examples:
>
>http://www200.pair.com/mecham/spam/bypassing.html
>http://www.ijs.si/software/amavisd/amavisd-new-docs.html#pbanks
>
> --
> Sahil Tandon <[EMAIL PROTECTED]>
>

Additionally, there actually is @banned_files_lovers_maps

-- 
Gary V


Re: [AMaViS-user] SECOND RELEASE CANDIDATE amavisd-new-2.6.0-rc2 is available

2008-04-21 Thread Gary V
On 4/21/08, mouss wrote:

> >> The following NEW packages will be installed:
> >>   libcrypt-openssl-bignum-perl libdb4.6 linux-libc-dev
> >> The following packages will be upgraded:
> >>   binutils libc6 libc6-dev libc6-i686 libcrypt-openssl-rsa-perl
> >> libmail-dkim-perl libssl0.9.8 locales perl perl-base perl-modules
>
> I guess the "problem" is that the installation came at the same time as
> other updates. It is surprising to see that you are about to update perl
> when you only wanted to add a "minor" package. in short, it's a
> "psychological" problem :)
>

Since etch stable is two years old now, I really was not expecting the
newest amavisd-new to continue to work within its boundaries (aside
from what may happen in backports), but I _was_ concerned that lenny
would freeze at Mail::DKIM version 0.30.1. If that were to happen,
2.6.x may not install without issue on the future lenny stable system.
This same type of situation happened with 2.4.x and the former sarge
stable branch. Amavisd-new 2.4.x needed Compress::Zlib 1.35 or newer,
but this package did not make it to sarge stable. As a result, if one
were to install 1.35 or newer from testing or unstable in order to
satisfy amavisd-new, gross changes to the system would occur (similar
to the ones above - only more dramatic). Sure, there were workarounds
to prevent this from happening, but it would be nice if workarounds
are not required.

So, yes, the main issue centered around fear.

-- 
Gary V



Re: [AMaViS-user] SECOND RELEASE CANDIDATE amavisd-new-2.6.0-rc2 is available

2008-04-21 Thread Gary V
On 4/21/08, Martin Orr wrote:
> On 21/04/08 00:32, Gary V wrote:

> I don't know what you mean by "virtual package": linux-libc-dev is a
> perfectly normal package; this is just a renaming and nothing to be worried
> about.

I misworded it, I looked at:
http://packages.debian.org/linux-kernel-headers

and saw:

lenny (testing): Virtual package
provided by: linux-libc-dev

> Mail::DKIM was uploaded to unstable yesterday, so as only a few packages are
> frozen so far it would be very surprising if it doesn't reach lenny.
>
> Best wishes,
>
> --
> Martin Orr
>

That is encouraging, thanks.

-- 
Gary V



Re: [AMaViS-user] SECOND RELEASE CANDIDATE amavisd-new-2.6.0-rc2 is available

2008-04-20 Thread Gary V
On 4/18/08, Mark Martinec wrote:
> A release candidate of amavisd-new 2.6.0 is available at:
>
>  http://www.ijs.si/software/amavisd/amavisd-new-2.6.0-rc2.tar.gz
>
> There are some incompatibilities with 2.5.4, the most visible one
> is an addition of one field to SQL tables when SQL logging or
> SQL quarantining is in use. See RELEASE_NOTES for details.
>
> Module Mail::DKIM is now required by default, its version must
> be 0.31 !  (or later).
>
> Main changes since 2.6.0-rc1:
>

A few notes on installing on Debian etch.

I wanted to install libmail-dkim-perl from 'testing', but the newest
version is 0.30.1 (which at the moment is also the version cpan
installs). So, I need to install Mail::DKIM from source, but want the
dependencies installed from packages. Just for the record, this causes
some 'not completely insignificant' changes to the system:

msa:~# apt-get -t testing install libmail-dkim-perl
Reading package lists... Done
Building dependency tree... Done
The following extra packages will be installed:
  binutils libc6 libc6-dev libc6-i686 libcrypt-openssl-bignum-perl
libcrypt-openssl-rsa-perl libdb4.6 libssl0.9.8 linux-libc-dev
  locales perl perl-base perl-modules
Suggested packages:
  binutils-doc glibc-doc manpages-dev libterm-readline-gnu-perl
libterm-readline-perl-perl
Recommended packages:
  perl-doc
The following packages will be REMOVED:
  linux-kernel-headers
The following NEW packages will be installed:
  libcrypt-openssl-bignum-perl libdb4.6 linux-libc-dev
The following packages will be upgraded:
  binutils libc6 libc6-dev libc6-i686 libcrypt-openssl-rsa-perl
libmail-dkim-perl libssl0.9.8 locales perl perl-base perl-modules
11 upgraded, 3 newly installed, 1 to remove and 327 not upgraded.

Note: linux-kernel-headers has been replaced by virtual package linux-libc-dev

After this, I downloaded Mail::DKIM and installed from source. If
eventually 0.31 is supplied in the packaged version, I will install it
and then perform surgery to remove the source code version.

Essentially, this system has taken a footstep toward migrating to
lenny (the future stable version of Debian). AFAIK, they are starting
to freeze packages, but I can't know if 0.31 will make it to lenny
stable or not.

Looking at amavisd-new.spec, would Mail::DKIM need to be included there?

I wonder if the default for $enable_dkim_verification and
$enable_dkim_signing should be false, and then added to amavisd.conf
and amavisd.conf-sample.

# $enable_dkim_verification = 1; # uncomment to enable, default is 0 (false), requires Mail::DKIM 0.31 or later
# $enable_dkim_signing =1;  # uncomment to enable, default is 0 (false), requires Mail::DKIM 0.31 or later

-- 
Gary V



Re: [AMaViS-user] mail processing bottleneck

2008-04-19 Thread Gary V
On 4/19/08, MK  wrote:
> At 17:59 18.04.2008, you wrote:
> >What is your hardware like and how many $max_servers are you running?
>
> $max_servers=15
>
> its a dual xeon, 2gb, scsi hw-raid (10.000 u/m)
> i dont think it is a hw issue ... like said CPU load is at 40% avg.
>
> >If you run amavisd-new at $log_level = 2; for a minute or so, you will
> >get some TIMING data that will show that 95% of the time spent is on
> >spamassassin scanning. SA is CPU intensive and queries many external
> >network resources (RBLs etc.), so additionally it is subject to high
> >delays. A local caching DNS server helps here.
>
> ah ...  i will investigate in DNS lookups...
>
> >If other resources like
> >Razor, Pyzor and DCC are utilized,
>
> no.
>
> >you can expect further delays
> >(mostly from Pyzor - especially if using the default server). There
> >have been a few posts looking for the same type info, like this one
> >for example:
> >
> >http://marc.info/?l=amavis-user&m=120283445607760
> >
> >It would be cool if someone were to take the time to create a document
> >outlining all the ways that SA could be performance tuned. There seems
> >to be an increasing need.
> >
> >On a powerful system with a lot of $max_servers running, eventually
> >one may reach the point where the disks can't keep up.
>
> is it just the amavisd $max_servers ?
> i switched it from 10 to 15 - showing no effect at all...
> shouldn't sendmail/amavisd-milter/clamd be configured alike?
>

Did you adjust amavisd-milter (the -m switch) so amavis is actually
receiving messages on all children?
http://amavisd-milter.sourceforge.net/amavisd-milter.html
You can test by running amavisd-nanny.
I don't know sendmail, so I don't know if anything needs to be
adjusted there.
BTW, 10 to 15 sounds close to the correct range on a 2GB machine.

> noticed that the number of processed messages is constant at
> approx 1-2 messages per second (which is NOT that much, i think).
> CPU load is avrg 40%.

Is the machine keeping up with mail traffic, or no? I mean, are you
receiving 1-2 messages per second, and all the messages are accepted
and delivered after a short delay - or is there a big delay when
trying to connect to your machine (longer than the expected time it
takes amavisd-new to process a message - which is probably anywhere
from 2 to 12 seconds on your hardware)? What do the TIMING entries
show?

> regards
>
> MK
>

-- 
Gary V



Re: [AMaViS-user] mail processing bottleneck

2008-04-18 Thread Gary V
On 4/18/08, MK <[EMAIL PROTECTED]> wrote:
> hi list,
>
> i am trying to find out at which position of my mail-processing chain
> the bottleneck is - or which parameter is maybe misconfigured...
>
> my setup is (each newest stable version)
> sendmail <-> amavisd-milter <-> amavisd-new <-> clamd/spamassassin
>
> i noticed that the number of processed messages is constant at
> approx 1-2 messages per second (which is NOT that much, i think).
> CPU load is avrg 40%.
>
> anyone with a similar setup here to tell me the corresponding values
> for "max_server"-like parameter for each station in the chain?
> or how to dig for the bottleneck?
>
> thanks in advance
>
> MK
>

What is your hardware like and how many $max_servers are you running?

If you run amavisd-new at $log_level = 2; for a minute or so, you will
get some TIMING data that will show that 95% of the time spent is on
spamassassin scanning. SA is CPU intensive and queries many external
network resources (RBLs etc.), so additionally it is subject to high
delays. A local caching DNS server helps here. If other resources like
Razor, Pyzor and DCC are utilized, you can expect further delays
(mostly from Pyzor - especially if using the default server). There
have been a few posts looking for the same type info, like this one
for example:

http://marc.info/?l=amavis-user&m=120283445607760

It would be cool if someone were to take the time to create a document
outlining all the ways that SA could be performance tuned. There seems
to be an increasing need.

On a powerful system with a lot of $max_servers running, eventually
one may reach the point where the disks can't keep up.

-- 
Gary V
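
Added example, not part of the original thread: a small parser that totals the per-stage times from amavisd-new TIMING log entries (the data both replies in this thread ask for) and derives a rough throughput ceiling for a given $max_servers. The sample lines are constructed, and the `name: ms (pct%)cumulative` layout they use is an assumption about how the TIMING entries look at $log_level = 2.

```python
import re
from collections import Counter

TIMING_RE = re.compile(r"TIMING \[total (\d+) ms\] - (.+)$")
STAGE_RE = re.compile(r"\s*([^,]+?): (\d+) \(\d+%\)\d+")

# Constructed sample log lines (not taken from the thread).
SAMPLE_LOG = """\
Apr 19 10:12:01 mx1 amavis[1610]: (01610-08) Checking: abc123 [192.0.2.10] <a@example.com> -> <b@example.com>
Apr 19 10:12:04 mx1 amavis[1610]: (01610-08) TIMING [total 3120 ms] - SMTP greeting: 3 (0%)0, SMTP EHLO: 1 (0%)0, SMTP DATA: 40 (1%)1, parts_decode: 30 (1%)2, AV-scan-1: 110 (4%)6, SA msg read: 4 (0%)6, SA parse: 8 (0%)6, SA check: 2870 (92%)98, fwd-connect: 12 (0%)99, main_log_entry: 39 (1%)100, rundown: 3 (0%)100
Apr 19 10:12:05 mx1 amavis[1611]: (01611-03) TIMING [total 2000 ms] - SMTP greeting: 2 (0%)0, SMTP EHLO: 1 (0%)0, SMTP DATA: 20 (1%)1, parts_decode: 15 (1%)2, AV-scan-1: 90 (5%)6, SA msg read: 3 (0%)7, SA parse: 6 (0%)7, SA check: 1840 (92%)99, fwd-connect: 10 (1%)99, main_log_entry: 12 (1%)100, rundown: 1 (0%)100
Apr 19 10:12:06 mx1 amavis[1612]: (01612-05) TIMING [total 880 ms] - SMTP greeting: 2 (0%)0, SMTP EHLO: 1 (0%)0, SMTP DATA: 25 (3%)3, parts_decode: 12 (1%)5, AV-scan-1: 80 (9%)14, SA msg read: 2 (0%)14, SA parse: 5 (1%)14, SA check: 730 (83%)97, fwd-connect: 9 (1%)98, main_log_entry: 13 (1%)100, rundown: 1 (0%)100
"""


def parse_timing(lines):
    """Return (message_count, total_ms, Counter of ms per stage)."""
    count, total_ms, stages = 0, 0, Counter()
    for line in lines:
        m = TIMING_RE.search(line)
        if not m:
            continue  # not a TIMING entry
        count += 1
        total_ms += int(m.group(1))
        for name, ms in STAGE_RE.findall(m.group(2)):
            stages[name.strip()] += int(ms)
    return count, total_ms, stages


def report(lines, max_servers):
    """Summarise where time goes and what max_servers children can sustain."""
    count, total_ms, stages = parse_timing(lines)
    if count == 0:
        raise ValueError("no TIMING entries found; is $log_level at least 2?")
    mean_s = total_ms / count / 1000.0
    # Stages whose name starts with "SA " are SpamAssassin work.
    sa_ms = sum(ms for name, ms in stages.items() if name.startswith("SA "))
    return {
        "messages": count,
        "mean_seconds": round(mean_s, 3),
        "sa_share": round(sa_ms / total_ms, 3),
        "top_stages": stages.most_common(3),
        # Rough upper bound: each child handles one message at a time.
        "ceiling_msgs_per_sec": round(max_servers / mean_s, 2),
    }


if __name__ == "__main__":
    print(report(SAMPLE_LOG.splitlines(), max_servers=15))
```

If the observed rate sits far below the computed ceiling while CPU load is moderate, the children are probably not all being fed, which is what the amavisd-milter -m question and amavisd-nanny are meant to check.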



Re: [AMaViS-user] difficulty setting outgoing policy-bank

2008-04-18 Thread Gary V
On 4/18/08, Mark Martinec wrote:

> > Gary V wrote:
> > warnspamsender => 1,
> > I'm not sure if warnspamsender works here, or if it would require some
> > form of warnsender_by_ccat
>
> If it is listed as dynamic variable at the end of amavisd.conf-default
> it would work, otherwise it wouldn't (answer: it wouldn't).
> The heavier cannon needs to be used, its default is:
>
> %warnsender_by_ccat = (  # deprecated use, except perhaps for CC_BADH
>  CC_VIRUS,   sub { c('warnvirussender') },
>  CC_BANNED,  sub { c('warnbannedsender') },
>  CC_SPAM,sub { c('warnspamsender') },
>  CC_BADH,sub { c('warnbadhsender') },
> );
>
> so the following could be used in a policy bank:
>
>  warnsender_by_ccat => {CC_SPAM, 1},
>
>
> Mark

That is the syntax I would have guessed if forced to. If that's the
case, then there might be an erratum in the MYNETS example in
amavisd.conf-sample (2.5.4 - have not looked at 2.6.0) where
warnbadhsender => 1, is illustrated.

-- 
Gary V



Re: [AMaViS-user] difficulty setting outgoing policy-bank

2008-04-17 Thread Gary V
On 4/17/08, Gary V  wrote:
> On 4/17/08, Louis Munro wrote:
> > Hello,
> > I am trying to set a different policy (using a policy bank) for outgoing
> > email for some networks. I am using postfix with a cidr map to route
> > that traffic to a different port on amavisd. I have set up a policy bank
> > with different values for some variables but only some of those seem to
> > actually have any effect. The others are either ignored or rejected when
> > amavis loads the policy banks with a line like :
> > (!)loading policy bank "POLICY-OUT": unknown field "spam_quarantine_to"
> >
> > Here is the policy as configured in amavisd.conf
> >
> > $policy_bank{'POLICY-OUT'} = {
> >   log_level => 3,
> >   spam_quarantine_to => undef,
> >   spam_kill_level_maps => [7.0],
> >   spam_dsn_cutoff_level_maps =>  undef,
> >   virus_admin_maps => [ '[EMAIL PROTECTED]' ],
> > };
> >
> > $interface_policy{'11025'} = 'POLICY-OUT';
> >
> > In this case, it sets the $log_level, $spam_kill_level_maps and
> > $virus_admin_maps correctly,  but the @spam_dsn_cutoff_level_maps is
> > unaffected as is the $spam_quarantine_to.
> >
> > What I want is to never quarantine and always send out a dsn for these
> > networks.
> >
> > Does anyone know what I'm missing?
> >
> > I'm running postfix 2.2 and amavisd-new 2.5.3.
> >
> > Thanks,
> > Louis
> >
>
> spam_quarantine_to is not a valid policy bank key. Read the bottom of
> amavisd.conf-default for a list of keys.
>
>  quarantine_method_by_ccat => {CC_SPAM, undef},
>  spam_dsn_cutoff_level_maps => [],
>  spam_dsn_cutoff_level_bysender_maps => [],
>
> spam_dsn_cutoff_level_bysender_maps was introduced in 2.4.3, and in a
> policy bank it seems you need to set both
> spam_dsn_cutoff_level_bysender_maps and spam_dsn_cutoff_level_maps if
> your version is 2.4.3 or newer and you want spam bounces. BTW, you
> might also need to add:
>
>  final_spam_destiny => D_BOUNCE,
>

But since you are discarding mail, I wonder if it might be better to
pass the spam, but notify the sender (depending on whether the senders
are considered spammers or not).

 final_spam_destiny => D_PASS,
 warnspamsender => 1,

I'm not sure if warnspamsender works here, or if it would require some
form of warnsender_by_ccat =>
(of which the syntax eludes me).

-- 
Gary V



Re: [AMaViS-user] difficulty setting outgoing policy-bank

2008-04-17 Thread Gary V
On 4/17/08, Louis Munro wrote:
> Hello,
> I am trying to set a different policy (using a policy bank) for outgoing
> email for some networks. I am using postfix with a cidr map to route
> that traffic to a different port on amavisd. I have set up a policy bank
> with different values for some variables but only some of those seem to
> actually have any effect. The others are either ignored or rejected when
> amavis loads the policy banks with a line like :
> (!)loading policy bank "POLICY-OUT": unknown field "spam_quarantine_to"
>
> Here is the policy as configured in amavisd.conf
>
> $policy_bank{'POLICY-OUT'} = {
>   log_level => 3,
>   spam_quarantine_to => undef,
>   spam_kill_level_maps => [7.0],
>   spam_dsn_cutoff_level_maps =>  undef,
>   virus_admin_maps => [ '[EMAIL PROTECTED]' ],
> };
>
> $interface_policy{'11025'} = 'POLICY-OUT';
>
> In this case, it sets the $log_level, $spam_kill_level_maps and
> $virus_admin_maps correctly,  but the @spam_dsn_cutoff_level_maps is
> unaffected as is the $spam_quarantine_to.
>
> What I want is to never quarantine and always send out a dsn for these
> networks.
>
> Does anyone know what I'm missing?
>
> I'm running postfix 2.2 and amavisd-new 2.5.3.
>
> Thanks,
> Louis
>

spam_quarantine_to is not a valid policy bank key. Read the bottom of
amavisd.conf-default for a list of keys.

  quarantine_method_by_ccat => {CC_SPAM, undef},
  spam_dsn_cutoff_level_maps => [],
  spam_dsn_cutoff_level_bysender_maps => [],

spam_dsn_cutoff_level_bysender_maps was introduced in 2.4.3, and in a
policy bank it seems you need to set both
spam_dsn_cutoff_level_bysender_maps and spam_dsn_cutoff_level_maps if
your version is 2.4.3 or newer and you want spam bounces. BTW, you
might also need to add:

  final_spam_destiny => D_BOUNCE,

-- 
Gary V



Re: [AMaViS-user] help with forward_method

2008-04-17 Thread Gary V
On 4/17/08, jeff donovan wrote:
>
> On Apr 17, 2008, at 11:26 AM, Gary V wrote:
>
> >
> > > I meant
> > >  -o smtpd_enforce_tls = no
> > >
> >
> > without the spaces:
> >
> >  -o smtpd_enforce_tls=no
> >
> > -- Gary V
> >
> >
>
> yes that did the trick
>
> summary:
>
> amavis host:
>
> $forward_method = 'smtp:example.com:2525';
>
>
> smtp1 & smtp2
>
>
> # ==========================================================================
> # service type  private unpriv  chroot  wakeup  maxproc command + args
> #               (yes)   (yes)   (yes)   (never) (100)
> # ==========================================================================
> smtp  inet  n   -   n   -   -   smtpd
> 2525  inet  n   -   n   -   -   smtpd
>   -o mynetworks=10.135.1.6
>   -o smtpd_client_restrictions=permit_mynetworks,reject
>   -o smtpd_enforce_tls=no
>   -o smtpd_sasl_auth_enable=no
>

You should take the extra step of making sure these two servers don't
reject any mail the amavis client sends them. If they were to reject
cleaned messages, this would create bounces. Additional overrides
typical of an amavis reinjection port should be considered:

-o content_filter=
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks

-- 
Gary V
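
Added example, not part of the original thread: a checker for the port 2525 listener summarised above. It reads master.cf text, flags any `-o` override written with whitespace around `=` (the mistake corrected earlier in this thread), and verifies the four overrides from the working summary. The function names and both sample files are constructed for illustration, and only the plain `-o name=value` form is handled.

```python
# Overrides from the thread's working summary for the scanned-mail listener.
REQUIRED = {
    "mynetworks": None,  # any value, but it must be set on the listener
    "smtpd_client_restrictions": "permit_mynetworks,reject",
    "smtpd_enforce_tls": "no",
    "smtpd_sasl_auth_enable": "no",
}

# Constructed samples: BROKEN has three defects, GOOD matches the summary.
BROKEN = """\
smtp      inet  n       -       n       -       -       smtpd
2525      inet  n       -       n       -       -       smtpd
  -o mynetworks=10.135.1.6
  -o smtpd_client_restrictions=permit_mynetworks
  -o smtpd_enforce_tls = no
"""
GOOD = """\
smtp      inet  n       -       n       -       -       smtpd
2525      inet  n       -       n       -       -       smtpd
  -o mynetworks=10.135.1.6
  -o smtpd_client_restrictions=permit_mynetworks,reject
  -o smtpd_enforce_tls=no
  -o smtpd_sasl_auth_enable=no
"""


def logical_lines(text):
    """Join continuation lines (leading whitespace) onto their service entry."""
    entries = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and entries:
            entries[-1] += " " + raw.strip()
        else:
            entries.append(raw.strip())
    return entries


def check_listener(text, service):
    """Return findings for the named service; an empty list means clean."""
    for entry in logical_lines(text):
        tokens = entry.split()
        if tokens[0] != service:
            continue
        findings, opts, broken = [], {}, set()
        for i, tok in enumerate(tokens):
            if tok != "-o":
                continue
            arg = tokens[i + 1] if i + 1 < len(tokens) else ""
            if "=" not in arg:  # e.g. "-o smtpd_enforce_tls = no"
                findings.append(f"whitespace around '=' after -o {arg}")
                broken.add(arg)
                continue
            name, value = arg.split("=", 1)
            opts[name] = value
        for name, want in REQUIRED.items():
            if name in broken:
                continue  # already reported above
            if name not in opts:
                findings.append(f"missing override: {name}")
            elif want is not None and opts[name] != want:
                findings.append(f"{name}={opts[name]} (expected {want})")
        return findings
    return [f"no service entry named {service}"]
```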



Re: [AMaViS-user] help with forward_method

2008-04-17 Thread Gary V
> I meant
>   -o smtpd_enforce_tls = no

without the spaces:

  -o smtpd_enforce_tls=no

-- 
Gary V



Re: [AMaViS-user] help with forward_method

2008-04-17 Thread Gary V
> (or) might also try adding:
>  -o smtpd_enforce_tls = yes

I meant
   -o smtpd_enforce_tls = no


-- 
Gary V



Re: [AMaViS-user] help with forward_method

2008-04-17 Thread Gary V
> > > I was thinking along the lines of:
> > > $forward_method = 'smtp:smtp.example.com:2525'
> > >
> > > and on both downstream servers add listeners on 2525:
> > >
> > > 2525 inet  n   -   n   -   -   smtpd
> > >  -o mynetworks=10.0.0.13
> > >  -o smtpd_client_restrictions=permit_mynetworks,reject
> > >
> >
> > and maybe these are needed:
> >  -o smtpd_use_tls=no
> >  -o smtpd_sasl_auth_enable=no
> >
>
>
> okay here is what I got when i added these;
>
> Apr 17 10:35:39 mx1 amavis[1610]: (01610-08) Remote host presents itself as:
> smtp3.example.com
> Apr 17 10:35:39 mx1 amavis[1610]: (01610-08) mail_via_smtp: session failed:
> sending MAIL FROM
> Apr 17 10:35:39 mx1 amavis[1610]: (01610-08) mail_via_smtp: 530 5.5.0
> Rejected by MTA: 530 Must issue a STARTTLS command first, id=01610-08
> Apr 17 10:35:39 mx1 postfix/smtp[1558]: 9BB1D2226BC7:
> to=<[EMAIL PROTECTED]>, relay=127.0.0.1[127.0.0.1], delay=1, status=bounced
> (host 127.0.0.1[127.0.0.1] said: 530 5.5.0 Rejected by MTA: 530 Must issue a
> STARTTLS command first, id=01610-08 (in reply to end of DATA command))
>
> here is the main.cf from smtp3
>
> # ==========================================================================
> # service type  private unpriv  chroot  wakeup  maxproc command + args
> #               (yes)   (yes)   (yes)   (never) (100)
> # ==========================================================================
> smtp  inet  n   -   n   -   -   smtpd
> 2525  inet  n   -   n   -   -   smtpd
>   -o mynetworks=10.135.1.6
>   -o smtpd_client_restrictions=permit_mynetworks,reject
>   -o smtpd_use_tls=no
>   -o smtpd_sasl_auth_enable=no
>
>

Hmm, What was the $forward_method set to?

This is confusing:
"to=<[EMAIL PROTECTED]>, relay=127.0.0.1[127.0.0.1]"
But maybe this is just a result of how the message was sent.

With Postfix 2.3 or newer, you might try adding:
   -o smtpd_tls_security_level=none

But I would think smtpd_use_tls=no would still work (and be sufficient).
(or) might also try adding:
  -o smtpd_enforce_tls = yes

-- 
Gary V



Re: [AMaViS-user] help with forward_method

2008-04-16 Thread Gary V
On 4/16/08, Gary V wrote:
> On 4/16/08, jeff donovan wrote:
> >
> > k--
> > yes i do trust the scanned data. so your saying " tell postfix on the relay
> > systems accept connections on another port ? or do I have to run another
> > instance of postfix?
> >
>
> I was thinking along the lines of:
> $forward_method = 'smtp:smtp.example.com:2525'
>
> and on both downstream servers add listeners on 2525:
>
> 2525 inet  n   -   n   -   -   smtpd
>-o mynetworks=10.0.0.13
>-o smtpd_client_restrictions=permit_mynetworks,reject

and maybe these are needed:
   -o smtpd_use_tls=no
   -o smtpd_sasl_auth_enable=no

>
> where 10.0.0.13 is the amavis host. You might also need to open the
> ports if they are blocked by iptables or somesuch firewall.
>

And if it turns out mail does not flow to both servers, and assuming
all mail is forwarded to those two servers, the next step I would take
would be: I would create the typical 10025 smtpd listener on the local
machine:

127.0.0.1:10025 inet n  -   n   -   -  smtpd
-o content_filter=


Leave the forward_method at the default:
#$forward_method = 'smtp:[127.0.0.1]:10025';  # where to forward checked mail

Then have Postfix relay all mail to port 2525 (main.cf):
relayhost = smtp.example.com:2525

The only drawback here is another header will be added.

Since you trust all mail from the amavis client, I don't see a need to
require the amavis client to connect using sasl auth.

-- 
Gary V


