--- Gary V <[EMAIL PROTECTED]> wrote: > > 2. In order to cease to use SQL lookups for my domains do I simply > > remove the last 2 lines? An earlier tip on this list suggested I > at > > least keep SQL lookups for AWL & Bayes (no idea yet on how to > implement > > these two mechanisms). > > Yes, comment out those *_sql_dsn settings. The Bayes SQL stuff has > nothing > to do with amavisd-new per se, it's a SpamAssassin thing and is > configured > in local.cf. Here are a bunch of links: > > http://www200.pair.com/mecham/spam/debian-spamassassin-sql.html > http://www200.pair.com/mecham/spam/fc4-spamassassin-sql.html > http://wiki.apache.org/spamassassin/BetterDocumentation/SqlReadmeBayes?highlight=%28mysql%29 > http://people.apache.org/~parker/presentations/ > http://www.paulstimesink.com/index.php?op=ViewArticle&articleId=163&blogId=2 > http://www.paulstimesink.com/index.php?op=ViewArticle&articleId=167&blogId=2 > http://dev.mysql.com/doc/mysql/en/index.html > http://infocenter.guardiandigital.com/archive/amavis/2004/Dec/0319.html > http://spamassassin.apache.org/full/3.0.x/dist/sql/README.bayes > http://spamassassin.apache.org/full/3.0.x/dist/sql/README > http://www.sng.ecs.soton.ac.uk/mailscanner/serve/cache/390.html > https://secure.renaissoft.com/maia/wiki/SpamAssassin3SQLBayes
Rock on. > e) @viruses_that_fake_sender_maps will prevent sending of DSNs to > virus senders (because the configuration example assumes all > viruses use a spoofed sender address). Use at your discretion, but I > personally recommend it. The provided config file shows this: @viruses_that_fake_sender_maps = (new_RE( # [qr'\bEICAR\b'i => 0], # av test pattern name # [qr'^(WM97|OF97|Joke\.)'i => 0], # adjust names to match your AV scanner [qr/^/ => 1], # true for everything else )); If I read this right, this sets up a default to tag all detected viruses as those that spoof the envelope sender. So on the third line I need to specify that ones that do not? Or is that the other way around? I looked again at my config and I found this: $viruses_that_fake_sender_re = new_RE( qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar'i, qr'tanatos|lentin|bridex|mimail|trojan\.dropper|dumaru|parite|spaces'i, qr'dloader|galil|gibe|swen|netwatch|bics|sbrowse|sco|mydoom'i, [qr'^(EICAR\.COM|Joke\.|Junk\.)'i => 0], [qr'^(WM97|OF97|W95/CIH-|JS/Fort)'i => 0], ); For the banned configuration I will try: $banned_filename_re = new_RE( qr'\.[^./]*[A-Za-z][^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i, qr'^application/x-msdownload$'i, qr'^application/x-msdos-program$'i, qr'^application/hta$'i, [ qr'^\.(rpm|cpio|tar)$' => 0 ], qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, qr'^\.(exe-ms)$', ); Peter __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
