Thanks for your reply. I have this line @local_domains_maps = ( [".$mydomain"] ); so I am sure now recipientos doesnt match there.
How can I make this maps to my mysql database? I have everything including storage of quarantine messages to the mysql db. Thank you ----- Original Message ----- From: <[EMAIL PROTECTED]> To: <[email protected]> Sent: Saturday, October 29, 2005 12:12 AM Subject: AMaViS-user digest, Vol 1 #3379 - 7 msgs > Send AMaViS-user mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.sourceforge.net/lists/listinfo/amavis-user > or, via email, send a message with subject or body 'help' to > [EMAIL PROTECTED] > > You can reach the person managing the list at > [EMAIL PROTECTED] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of AMaViS-user digest..." > > > Today's Topics: > > 1. Re: Help with Multi-logic Virus Notifications (Gary V) > 2. Re: Amavis-new 2.3.1 | warnings (Mark Martinec) > 3. Re: Help with Multi-logic Virus Notifications (Mark Martinec) > 4. Re: Problem with amavisd-release (Mark Martinec) > 5. Re: quarantine file (Mark Martinec) > 6. Cannot using dspam (Jim Knuth) > 7. Re: Cannot using dspam (Gary V) > > --__--__-- > > Message: 1 > Date: Fri, 28 Oct 2005 15:16:31 -0600 > From: Gary V <[EMAIL PROTECTED]> > To: [email protected] > Subject: Re: [AMaViS-user] Help with Multi-logic Virus Notifications > > Gary wrote: > > > Jack wrote: > > >> Hi, > >> Our security team wants to use the following logic for Virus > >> Notifications and I haven't quite figured out how to do it inside of > >> Amavisd. The logic is: > > >> *) Alert the virus admin any messages sent to security@ (It may be > >> acceptable to send notification to the destination instead/also). > > > I think $warnvirusrecip is about as close as you are going to get without > > modifying code. > > Correction, user@ is a valid lookup target. > > @virus_admin_maps = ({ > 'security@' => '[EMAIL PROTECTED]', > '.' => undef, > }); > > Gary V > > > > --__--__-- > > Message: 2 > From: Mark Martinec <[EMAIL PROTECTED]> > Organization: J. Stefan Institute > To: [email protected] > Subject: Re: [AMaViS-user] Amavis-new 2.3.1 | warnings > Date: Sat, 29 Oct 2005 01:59:37 +0200 > > Pablo, > > > The only think I see is that amavis doesn't care what I set in > > warnvirusrecip - warnbannedrecip and warnbadhrecip in the policy table, > > it won't send notifications never. > > > > Does anyone know how can I enable this? I think it's useful so each > > recipient can know if someone tried to send him a virus and so on. > > Perhaps these recipients do not match your @local_domains_maps ? > (or set $warn_offsite if you insist) > > Mark > > > --__--__-- > > Message: 3 > From: Mark Martinec <[EMAIL PROTECTED]> > Organization: J. Stefan Institute > To: [email protected] > Subject: Re: [AMaViS-user] Help with Multi-logic Virus Notifications > Date: Sat, 29 Oct 2005 02:10:43 +0200 > > Jack, > > > *) Alert all recipients for any viruses that do not spoof e-mail > > addresses ( alert on "uncommon" viruses, word macros, etc - but don't > > alert on MyTob, etc.) > > There are two commented-out lines to that effect in sub do_virus(), > you may want to uncomment them: > > for my $r (@{$msginfo->per_recip_data}) { > my($wr) = 0; my($rec) = $r->recip_addr; > if (!c('warn_offsite') && !lookup(0,$rec,@{ca('local_domains_maps')})) { > # not notifying foreign recipients > # } elsif (! defined($msginfo->sender_contact) ) { # (not general enough) > # do_log(5,"do_virus: skip recip notifications for unknown sender"); > } elsif ($r->infected) { > > The sender_contact becomes undefined when sub unmangle_sender() notices > the virus name matches the @viruses_that_fake_sender_maps, > which is close to what you need. > > Mark > > > --__--__-- > > Message: 4 > From: Mark Martinec <[EMAIL PROTECTED]> > Organization: J. Stefan Institute > To: [email protected], > [EMAIL PROTECTED] > Subject: Re: [AMaViS-user] Problem with amavisd-release > Date: Sat, 29 Oct 2005 02:33:03 +0200 > > cyberrunner, > > > Oct 19 18:06:31 server amavis[7582]: (07582) Blocked SPAM, [212.19.96.7] > > <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>, > > quarantine: spam-20051019-180629-07582, > > Message-ID: <[EMAIL PROTECTED]>, Hits: 5.574 > > > I try to restore this message with the following line but I have the > > following answer: > > > # amavisd-release spam-20051019-180629-07582 > > 450 4.5.0 Failure: Can't open file spam-20051019-180629-07582: > > No such file or directory at (eval 50) line 218, <GEN17> line 6. > > I try all possible combination of path/file/extension like: ... > > What you did is alright in principle (supplying exactly the same > string as reported in the log to the amavisd-release utility ... > > > I use the release 2.2.1 contained in Suse 9.3 distribution > > ... although there were some more recent fixes in that area, including > the values of macros %q and %i and the default $log_template > to fix inconsistencies. > > The 2.2.1 is almost a year old, and I'm gradually loosing it out of my sight. > Instead of trying to remember what exactly went wrong, I suggest > you upgrade to 2.3.3 first, which behaves as advertised. > > For any messages that need to be fished out from your existing > quarantine, find the quarantined file and release it manually, > e.g. by submitting it, e.g. with a: zcat msg | sendmail -i -f sender recip > command (if you have '-o content_filter=' attached to the 'pickup' > Postfix service in master.cf) > > Mark > > > --__--__-- > > Message: 5 > From: Mark Martinec <[EMAIL PROTECTED]> > Organization: J. Stefan Institute > To: [email protected], > [EMAIL PROTECTED] > Subject: Re: [AMaViS-user] quarantine file > Date: Sat, 29 Oct 2005 02:49:50 +0200 > > Pavel, > > > is it possible to deduce the name of the file that contains quarantined > > message? > > The easiest is to do so from the log, one just needs to prepend a quarantine > directory to the reported quarantine id. Similar is true if you have reporting > to SQL enabled. > > > Right now we're using quite 'soft' policy - most of spam goes > > through and only gets marked and the copy is being kept in quarantine > > for five days. The problem is that there are some false positives > > reported by our customers and I need to find the exact message. > > So I have mail headers from our customer and about 400.000 files in > > quarantine... > > Hmm. The mail-id is not inserted in header of a passed mail > (it wouldn't be hard to do so by fiddling with code). The reason why > I didn't bother to do so is that message is usually not quarantined > when it is passed to recipient (i.e. is below kill level). An exception > to that is if you have D_PASS as a spam destiny. I'll consider adding > a X-Quarantine-To: header field to passed mail in such cases. > > You could search the amavisd log for a Message-ID as seen in the > mail header, and obtain quarantine name from a matched log entry. > It is not elegant, but is doable. Its easier if reporting goes to SQL, > so a select on Message-ID or recipient or time or subject can lead > you to the quarantine name. > > Mark > > > --__--__-- > > Message: 6 > Date: Sat, 29 Oct 2005 03:53:14 +0200 > From: Jim Knuth <[EMAIL PROTECTED]> > Reply-To: Jim Knuth <[EMAIL PROTECTED]> > To: [email protected] > Subject: [AMaViS-user] Cannot using dspam > > Hallo und Guten Morgen amavis-user, > > I have installed dspam under /usr/local/bin/dspam and included > $dspam =3D 'dspam'; in the amavisd.conf (and restarted). But > amavisd-new debug says $dspam not found - not using it. What`s > wrong. Thank you for help. > > > --=20 > Viele Gr=FC=DFe, Kind regards, > Jim Knuth > [EMAIL PROTECTED] > ICQ #277289867 > PGP: 54C9 1A46 D3B2 95B6 454D 74FA AC73 773E 1F78 066F > ---------- > Zufalls-Zitat > ---------- > Wenn du einen Menschen gl=FCcklich machen willst, dann f=FCge=20 > nichts seinen Reicht=FCmern hinzu sondern nimm ihm einige von=20 > seinen W=FCnschen. (Epikur von Samos, gr. Philosoph, 341-271=20 > v.Chr.) > ---------- > Der Text hat nichts mit dem Empf=E4nger der Mail zu tun > ---------- > Virus free. Checked by NOD32 Version 1.1267 Build 6270 28.10.2005 > > > > --__--__-- > > Message: 7 > Date: Fri, 28 Oct 2005 21:02:27 -0600 > From: Gary V <[EMAIL PROTECTED]> > To: [email protected] > Subject: Re: [AMaViS-user] Cannot using dspam > > Jim wrote: > > > Hallo und Guten Morgen amavis-user, > > > I have installed dspam under /usr/local/bin/dspam and included > > $dspam = 'dspam'; in the amavisd.conf (and restarted). But > > amavisd-new debug says $dspam not found - not using it. What`s > > wrong. Thank you for help. > > Try: > su vscan -c 'rehash' > > Gary V > > > > > --__--__-- > > _______________________________________________ > AMaViS-user mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/amavis-user > AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 > > > End of AMaViS-user Digest > ------------------------------------------------------- This SF.Net email is sponsored by the JBoss Inc. Get Certified Today * Register for a JBoss Training Course Free Certification Exam for All Training Attendees Through End of 2005 Visit http://www.jboss.com/services/certification for more information _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
