Hello again,
i have got a beck that amavisd-new calls spamassassin but not with the
spamassassin-configuration-file under /etc/mail/spamassassin/local.cf
and i can not modify this behavior.
But i have another problem with amavisd-new.
I have virtual domains saved in a mysql-database. If i send a mail to
the system, amavisd-new got the serverdomainname and check this again
the mysql-table. But the virtual domainname is not the serverdomainname.
here is my amavisd.conf - file
use strict;
$max_servers = 10; # number of pre-forked children (2..15 is common)
$daemon_user = 'amavis'; # (no default; customary: vscan or amavis)
$daemon_group = 'amavis'; # (no default; customary: vscan or amavis)
$mydomain = 'mail01.DOMAIN.de'; # a convenient default for other settings
$MYHOME = '/var/amavis'; # a convenient default for other settings
$TEMPBASE = "$MYHOME/tmp"; # working directory, needs to be created manually
$ENV{TMPDIR} = $TEMPBASE; # environment variable TMPDIR
$QUARANTINEDIR = '/var/virusmails';
@local_domains_maps = ( [".$mydomain"] );
@lookup_sql_dsn =(['DBI:mysql:database=1000mail;host=127.0.0.1;port=33016',
'1000mail', 'passwort']);
$sql_select_policy = "SELECT domain_name FROM domain WHERE domain_name='%s'";
$log_level = 0; # verbosity 0..5
$log_recip_templ = undef; # disable by-recipient level-0 log entries
$DO_SYSLOG = 1; # log via syslogd (preferred)
$syslog_facility = 'mail'; # Syslog facility as a string
$syslog_priority = 'debug'; # Syslog base (minimal) priority as a string,
$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1
$inet_socket_port = 10024; # listen on this local TCP port(s) (see $protocol)
$unix_socketname = "$MYHOME/amavisd.sock"; # amavisd-release or amavis-milter
$interface_policy{'SOCK'}='AM.PDP-SOCK'; # only relevant with $unix_socketname
$policy_bank{'AM.PDP-SOCK'} = { protocol=>'AM.PDP' };
$sa_debug = 1;
$sa_tag_level_deflt = -999; # Edited by Michael Post, Default 2.0; # add spam
info headers if at, or above that level
$sa_tag2_level_deflt = 5.0; # Edited by Michael Post, Default 6.31; # add 'spam
detected' headers at that level
$sa_kill_level_deflt = 20.0; # Edited by Michael Post, Default 6.31; # triggers
spam evasive actions
$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent
$sa_mail_body_size_limit = 200*1024; # Edited by Michael Post, Default
512*1024; # don't waste time on SA if mail is larger
$sa_local_tests_only = 0; # only tests which do not require internet access?
@lookup_sql_dsn =(['DBI:mysql:database=1000mail;host=127.0.0.1;port=33016',
'1000mail', 'password']
);
$sql_select_policy = 'SELECT "Y" as local FROM domain WHERE
CONCAT("@",domain_name) IN (%k)';
$virus_admin = "[EMAIL PROTECTED]"; # Edited by Michael Post,
Default "[EMAIL PROTECTED]"; # notifications recip.
$mailfrom_notify_admin = "[EMAIL PROTECTED]"; # Edited by Michael Post,
Default "[EMAIL PROTECTED]"; # notifications sender
$mailfrom_notify_recip = "[EMAIL PROTECTED]"; # Edited by Michael Post,
Default "[EMAIL PROTECTED]"; # notifications sender
$mailfrom_notify_spamadmin = "[EMAIL PROTECTED]"; # Edited by Michael Post,
Default "[EMAIL PROTECTED]"; # notifications sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef
@addr_extension_virus_maps = ('virus');
@addr_extension_spam_maps = ('spam');
@addr_extension_banned_maps = ('banned');
@addr_extension_bad_header_maps = ('badh');
$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
$MAXLEVELS = 14;
$MAXFILES = 1500;
$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced)
$defang_virus = 1; # MIME-wrap passed infected mail
$defang_banned = 1; # MIME-wrap passed mail containing banned name
$myhostname = 'mail01.DOMAIN.de'; # must be a fully-qualified domainname! Will
not be valid-checked
$notify_method = 'smtp:[127.0.0.1]:10025';
$forward_method = 'smtp:[127.0.0.1]:10025'; # set to undef with milter!
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_BOUNCE;
$final_spam_destiny = D_DISCARD; # Edited by Michael Post, Default
D_BOUNCE;
$final_bad_header_destiny = D_PASS;
$warnvirussender = 0; # (defaults to false (undef))
$warnspamsender = 0; # (defaults to false (undef))
$warnbannedsender = 1; # (defaults to false (undef))
$warnvirusrecip = 1; # (defaults to false (undef))
$warnbannedrecip = 1; # (defaults to false (undef))
@keep_decoded_original_maps = (new_RE(
qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undecipherables
qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
));
$banned_filename_re = new_RE(
qr'\.[^./]*[A-Za-z][^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
qr'^application/x-msdownload$'i, # block these MIME types
qr'^application/x-msdos-program$'i,
qr'^application/hta$'i,
[ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives
qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic
qr'^\.(exe-ms)$', # banned file(1) types
);
@score_sender_maps = ({ # a by-recipient hash lookup table,
'.' => [ # the _first_ matching sender determines the score boost
new_RE( # regexp-type lookup table, just happens to be all soft-blacklist
[qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i => 5.0],
[qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0],
[qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
[qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i => 5.0],
[qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i => 5.0],
[qr'^(your_friend|greatoffers)@'i => 5.0],
[qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i => 5.0],
),
{ # a hash-type lookup table (associative array)
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[email protected]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]'=> -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -5.0,
'[EMAIL PROTECTED]' => -3.0,
'returns.groups.yahoo.com' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
lc('[EMAIL PROTECTED]') => -3.0,
lc('[EMAIL PROTECTED]') => -5.0,
'[EMAIL PROTECTED]' => 3.0,
'.example.net' => 1.0,
},
], # end of site-wide tables
});
@decoders = (
['mail', \&do_mime_decode],
['asc', \&do_ascii],
['uue', \&do_ascii],
['hqx', \&do_ascii],
['ync', \&do_ascii],
['F', \&do_uncompress, ['unfreeze','freeze -d','melt','fcat'] ],
['Z', \&do_uncompress, ['uncompress','gzip -d','zcat'] ],
['gz', \&do_gunzip],
['gz', \&do_uncompress, 'gzip -d'],
['bz2', \&do_uncompress, 'bzip2 -d'],
['lzo', \&do_uncompress, 'lzop -d'],
['rpm', \&do_uncompress, ['rpm2cpio.pl','rpm2cpio'] ],
['cpio', \&do_pax_cpio, ['pax','gcpio','cpio'] ],
['tar', \&do_pax_cpio, ['pax','gcpio','cpio'] ],
['tar', \&do_tar],
['deb', \&do_ar, 'ar'],
['zip', \&do_unzip],
['rar', \&do_unrar, ['rar','unrar'] ],
['arj', \&do_unarj, ['arj','unarj'] ],
['arc', \&do_arc, ['nomarch','arc'] ],
['zoo', \&do_zoo, 'zoo'],
['lha', \&do_lha, 'lha'],
['cab', \&do_cabextract, 'cabextract'],
['tnef', \&do_tnef_ext, 'tnef'],
['tnef', \&do_tnef],
['exe', \&do_executable, ['rar','unrar'], 'lha', ['arj','unarj'] ],
);
@av_scanners = (
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/tmp/clamd"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
['KasperskyLab AVP - aveclient',
['/usr/local/kav/bin/aveclient','/usr/local/share/kav/bin/aveclient',
'/opt/kav/bin/aveclient','aveclient'],
'-p /var/run/aveserver -s {}/*', [0,3,6,8], qr/\b(INFECTED|SUSPICION)\b/,
qr/(?:INFECTED|SUSPICION) (.+)/,
],
['KasperskyLab AntiViral Toolkit Pro (AVP)', ['avp'],
'-* -P -B -Y -O- {}', [0,3,6,8], [2,4], # any use for -A -K ?
qr/infected: (.+)/,
sub {chdir('/opt/AVP') or die "Can't chdir to AVP: $!"},
sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"},
],
['KasperskyLab AVPDaemonClient',
[ '/opt/AVP/kavdaemon', 'kavdaemon',
'/opt/AVP/AvpDaemonClient', 'AvpDaemonClient',
'/opt/AVP/AvpTeamDream', 'AvpTeamDream',
'/opt/AVP/avpdc', 'avpdc' ],
"-f=$TEMPBASE {}", [0,8], [3,4,5,6], qr/infected: ([^\r\n]+)/ ],
['CentralCommand Vexira (new) vascan',
['vascan','/usr/lib/Vexira/vascan'],
"-a s --timeout=60 --temp=$TEMPBASE -y $QUARANTINEDIR ".
"--vdb=/usr/lib/Vexira/vexira8.vdb --log=/var/log/vascan.log {}",
[0,3], [1,2,5],
qr/(?x)^\s* (?:virus|iworm|macro|mutant|sequence|trojan)\ found:\ (
[^\]\s']+ )\ \.\.\.\ / ],
['H+BEDV AntiVir or the (old) CentralCommand Vexira Antivirus',
['antivir','vexira'],
'--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/,
qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) |
(?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/ ],
['Command AntiVirus for Linux', 'csav',
'-all -archive -packed {}', [50], [51,52,53],
qr/Infection: (.+)/ ],
['Symantec CarrierScan via Symantec CommandLineScanner',
'cscmdline', '-a scan -i 1 -v -s 127.0.0.1:7777 {}',
qr/^Files Infected:\s+0$/, qr/^Infected\b/,
qr/^(?:Info|Virus Name):\s+(.+)/ ],
['Symantec AntiVirus Scan Engine',
'savsecls', '-server 127.0.0.1:7777 -mode scanrepair -details -verbose {}',
[0], qr/^Infected\b/,
qr/^(?:Info|Virus Name):\s+(.+)/ ],
['F-Secure Antivirus', 'fsav',
'--dumb --mime --archive {}', [0], [3,8],
qr/(?:infection|Infected|Suspected): (.+)/ ],
['CAI InoculateIT', 'inocucmd', # retired product
'-sec -nex {}', [0], [100],
qr/was infected by virus (.+)/ ],
['CAI eTrust Antivirus', 'etrust-wrapper',
'-arc -nex -spm h {}', [0], [101],
qr/is infected by virus: (.+)/ ],
['MkS_Vir for Linux (beta)', ['mks32','mks'],
'-s {}/*', [0], [1,2],
qr/--[ \t]*(.+)/ ],
['MkS_Vir daemon', 'mksscan',
'-s -q {}', [0], [1..7],
qr/^... (\S+)/ ],
['ESET Software NOD32 Command Line Interface v 2.51', 'nod32cli',
'--subdir {}', [0,3], [1,2], qr/virus="([^"]+)"/ ],
['Norman Virus Control v5 / Linux', 'nvcc',
'-c -l:0 -s -u -temp:$TEMPBASE {}', [0,10,11], [1,2,14],
qr/(?i).* virus in .* -> \'(.+)\'/ ],
['Panda Antivirus for Linux', ['pavcl'],
'-aut -aex -heu -cmp -nbr -nor -nso -eng {}',
qr/Number of files infected[ .]*: 0+(?!\d)/,
qr/Number of files infected[ .]*: 0*[1-9]/,
qr/Found virus :\s*(\S+)/ ],
['NAI McAfee AntiVirus (uvscan)', 'uvscan',
'--secure -rv --mime --summary --noboot - {}', [0], [13],
qr/(?x) Found (?:
\ the\ (.+)\ (?:virus|trojan) |
\ (?:virus|trojan)\ or\ variant\ (.+?)\s*! |
:\ (.+)\ NOT\ a\ virus)/,
],
['VirusBuster', ['vbuster', 'vbengcl'],
"{} -ss -i '*' -log=$MYHOME/vbuster.log", [0], [1],
qr/: '(.*)' - Virus/ ],
['CyberSoft VFind', 'vfind',
'--vexit {}/*', [0], [23], qr/##==>>>> VIRUS ID: CVDL (.+)/,
],
['avast! Antivirus', ['/usr/bin/avastcmd','avastcmd'],
'-a -i -n -t=A {}', [0], [1], qr/\binfected by:\s+([^ \t\n\[\]]+)/ ],
['Ikarus AntiVirus for Linux', 'ikarus',
'{}', [0], [40], qr/Signature (.+) found/ ],
['BitDefender', 'bdc',
'--arc --mail {}', qr/^Infected files *:0+(?!\d)/,
qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/,
qr/(?:suspected|infected): (.*)(?:\033|$)/ ],
);
@av_scanners_backup = (
['ClamAV-clamscan', 'clamscan',
"--stdout --disable-summary -r --tempdir=$TEMPBASE {}",
[0], qr/:.*\sFOUND$/, qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
['FRISK F-Prot Antivirus', ['f-prot','f-prot.sh'],
'-dumb -archive -packed {}', [0,8], [3,6],
qr/Infection: (.+)|\s+contains\s+(.+)$/ ],
['Trend Micro FileScanner', ['/etc/iscan/vscan','vscan'],
'-za -a {}', [0], qr/Found virus/, qr/Found virus (.+) in/ ],
['drweb - DrWeb Antivirus',
['/usr/local/drweb/drweb', '/opt/drweb/drweb', 'drweb'],
'-path={} -al -go -ot -cn -upn -ok-',
[0,32], [1,9,33], qr' infected (?:with|by)(?: virus)? (.*)$'],
['KasperskyLab kavscanner', ['/opt/kav/bin/kavscanner','kavscanner'],
'-i1 -xp {}', [0,10,15], [5,20,21,25],
qr/(?:CURED|INFECTED|CUREFAILED|WARNING|SUSPICION) (.*)/ ,
sub {chdir('/opt/kav/bin') or die "Can't chdir to kav: $!"},
sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"},
],
);
1; # insure a defined return
What can be the problem?
Thanks a lot
Michael
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
