This is related to the prior topic I had posted about inbound amavis not catching some of the unofficial rules from SaneSecurity. In this problem case the primary MX and SMTP have been different systems.
To verify what was going on, I've switched the priority on our MX servers so that primary is on the same Debian system which handled SMTP. After two weeks running with most traffic in/out passing through one machine, there are no cases of phishing, etc. caught on outbound which came in on this new primary MX. The only few caught on outbound since the change had all come in via the new secondary MX (currently Redhat). The evidence is there is some difference between the configurations, unless 2.6.6 from Dag RPM repository breaks something which works in Debian Stable's amavisd-new-2.6.4 I'd like to make a new amavis.conf for the Redhat system based on the seemingly better one on Debian. In Clam I can run clamconf to compare the settings clam is getting on each system. Amavis does not have this kind of utility. Debian's conf.d approach and all of the commented out anti-virus lines, etc., makes it difficult to get a unified amavisd.conf out of it. I can "cat" all of the conf.d entries together, but it forms a file that doesn't diff easily with the Redhat configuration file. I need to remove all of the settings specific to the Debian way of doing this before starting it up on Redhat, especially those which can mess up things too much (e.g. .$quarantine_subdir_levels = 1;) Is there still no amavisdconf or something similar in a debug mode or likewise?
