Hi again, Am 18.09.2014 um 10:41 schrieb Joolee <[email protected]>:
> Which version of Amavisd-new are you running? The final_destiny_maps_by_ccat
> setting is only available since v2.9
>
> The default value of the map variable is as listed below. The first 5 entries
> specify that the value has to be retrieved from the old-style variables. You
> are overwriting this default value and using the old-style variables in your
> ORIGINATING policy bank. Without looking at the code for parsing the policy
> banks, I dare to say that this is your problem. Try overwriting the map
> values in your ORIGINATING policy bank as you did in your EICAR_TEST bank.
> Although I do wonder why you have function brackets after "CC_VIRUS"
>
> # build backward-compatible settings hashes
> #
> %final_destiny_maps_by_ccat = (
> # value is normally a list of by-recipient lookup tables, but for compa-
> # tibility with old %final_destiny_by_ccat a value may also be a scalar
> CC_VIRUS, sub { c('final_virus_destiny') },
> CC_BANNED, sub { c('final_banned_destiny') },
> CC_UNCHECKED, sub { c('final_unchecked_destiny') },
> CC_SPAM, sub { c('final_spam_destiny') },
> CC_BADH, sub { c('final_bad_header_destiny') },
> CC_MTA.',1', D_TEMPFAIL, # MTA response was 4xx
> CC_MTA.',2', D_REJECT, # MTA response was 5xx
> CC_MTA, D_TEMPFAIL,
> CC_OVERSIZED, D_BOUNCE,
> CC_CATCHALL, D_PASS,
> );
> On 18 September 2014 08:31, Christian Rößner
> <[email protected]> wrote:
> Hi,
>
> I have two Postfix instances. One is submission, the other a combined
> mxin/mxout/hub.
>
> I do amavisd-milter on incoming and outgoing mail on the mxin/mxout.
>
> On the mxout I give a ORIGINATINg macro to do a special policy-bank for
> submission users that does not check spam (for legal reasons). But it does
> check for viruses. I have set the final_virus_destiny to D_BOUNCE.
>
> I also have a special policy-bank for the EICA-test virus. That should also
> do a D_BOUNCE.
>
> Sep 18 08:18:33 mx amavis[4588]: (04588-01) Blocked INFECTED
> (Eicar-Test-Signature) {NoBounceOutbound,Quarantined},
> AM.PDP-SOCK/ORIGINATING/EICAR_TEST LOCAL [193.239.107.42] [193.239.106.201]
> <[email protected]> -> <[email protected]>, quarantine:
> nErWWT6nkl_s, Queue-ID: 3hz7KN0rRqzGp0j, Message-ID:
> <209c73cc-2067-44c9-aaae-5f5d68790...@roessner-network-solutions.com>,
> mail_id: nErWWT6nkl_s, Hits: -, size: 6628, 1400 ms, EICAR test message, not
> to worry
> Sep 18 08:18:33 mx amavis[4588]: (04588-01) Blocked INFECTED
> (Eicar-Test-Signature), <[email protected]> ->
> <[email protected]>, Hits: -, tag=0, tag2=0, kill=0, 0/0/0/0
> Sep 18 08:18:33 mx amavisd-milter[2425]: 3hz7KN0rRqzGp0j: log_id=04588-01
> Sep 18 08:18:33 mx amavisd-milter[2425]: 3hz7KN0rRqzGp0j: return_value=discard
> Sep 18 08:18:33 mx postfix/cleanup[4642]: 3hz7KN0rRqzGp0j: milter-discard:
> END-OF-MESSAGE from mail.roessner-net.de[193.239.107.42]: milter triggers
> DISCARD action; from=<[email protected]>
> to=<[email protected]> proto=ESMTP helo=<mail.roessner-net.de>
>
> Unfortunately it is not bounced and it gets discarded. Only the postmaster
> does get a notify that a virus was caught.
>
> Here are the settings that I focused on:
>
> $policy_bank{'ORIGINATING'} = {
> originating => 1,
> final_banned_destiny => D_BOUNCE,
> final_virus_destiny => D_BOUNCE,
> allow_disclaimers => 1,
> bypass_spam_checks_maps => [1],
> enable_ldap => 0,
> };
>
> $policy_bank{'EICAR_TEST'} = {
> log_templ => $log_short_templ . ', EICAR test message, not to worry',
> final_destiny_maps_by_ccat => { CC_VIRUS() => D_BOUNCE },
> };
>
> $warn_offsite = 0;
> $warnbannedsender = 0;
> $warnbannedrecip = 1;
> $warnvirussender = 0;
> $warnvirusrecip = 1;
> $warnbadhsender = 0;
> $warnbadhrecip = 0;
>
> $final_virus_destiny = D_REJECT;
>
> %final_destiny_maps_by_ccat = (
> CC_VIRUS, sub { c('final_virus_destiny') },
> CC_BANNED, sub { c('final_banned_destiny') },
> CC_UNCHECKED, sub { c('final_unchecked_destiny') },
> CC_UNCHECKED.',1', D_PASS,
> CC_SPAM, sub { c('final_spam_destiny') },
> CC_BADH, sub { c('final_bad_header_destiny') },
> CC_MTA.',1', D_TEMPFAIL,
> CC_MTA.',2', D_REJECT,
> CC_OVERSIZED, D_BOUNCE,
> CC_CATCHALL, D_PASS,
> );
>
> %admin_maps_by_ccat = (
> CC_VIRUS, sub { ca('virus_admin_maps') },
> CC_BANNED, sub { ca('banned_admin_maps') },
> CC_UNCHECKED, sub { ca('virus_admin_maps') },
> CC_UNCHECKED.',1', undef,
> CC_SPAM, sub { ca('spam_admin_maps') },
> CC_BADH, sub { ca('bad_header_admin_maps') },
> );
>
> I probably do not understand all meaning here, so I guess I misconfigured
> something. Does the order play a role, in which settings have been done here?
> I have copied all relevant snippets in the order they appear in my config
> file.
>
> Can I turn a NoBounceOutbound?
I have modified my config. I also removed the enable_ldap=0 variable in the
policy-bank, because I thought that amavis would not know, if mail is going
outbound or inbound.
Still no luck at all.
I attached my whole config now. I am pretty sure, I have missed something and I
do not see where. Probably looked too long at the lines :-)
One question to the new maps_cc stuff: What happens to all the other CC_*
things, if I overload it in a policy-bank? As a python developer I would expect
that the map is a reference and gets replaced. So not using the old-style
variables would mean to define the whole map each time. Am I right? How is Perl
doing this?
amavisd-custom.conf.gz
Description: GNU Zip compressed data
Thanks for help in advance Christian -- Bachelor of Science Informatik Erlenwiese 14, 36304 Alsfeld T: +49 6631 78823400, F: +49 6631 78823409, M: +49 171 9905345 USt-IdNr.: DE225643613, http://www.roessner-network-solutions.com
smime.p7s
Description: S/MIME cryptographic signature
