Re: [AMaViS-user] LDAP amavisBypassBannedChecks not working
Mark Martinec wrote: > Joel, > > Later on, because you have $banned_namepath_re nonempty, it overruled the earlier decision: due to the fact that when using the $banned_namepath_re the optimization was not done as it could have been. Not nice, but not incorrect. >>> >>>Thanks for the explanation, I'm glad somebody knows the big picture >>>because I sure don't :-) > > > I'm about to wrap up the 2.3.3 and I have prepared the following patch > to fix the issue you stumbled across. The fix should ensure the banned > check is not performed if all recipients agree it is not needed, > even in the presence of $banned_namepath_re. > You may want to try it out, or wait few days for a 2.3.3-pre or -rc. > Thanks Mark. I've been running with the patch for a few days, everything looks good. > > Mark > > > --- > SF.Net email is Sponsored by the Better Software Conference & EXPO > September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices > Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA > Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf > ___ > AMaViS-user mailing list > AMaViS-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/amavis-user > AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 > AMaViS-HowTos:http://www.amavis.org/howto/ -- Joel Nimety Perimeter Internetworking Corp. 203.541.3416 --- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] LDAP amavisBypassBannedChecks not working
Joel,
> >>Later on, because you have $banned_namepath_re nonempty, it overruled
> >>the earlier decision:
> >>due to the fact that when using the $banned_namepath_re the
> >>optimization was not done as it could have been. Not nice, but not
> >>incorrect.
> >
> > Thanks for the explanation, I'm glad somebody knows the big picture
> > because I sure don't :-)
I'm about to wrap up the 2.3.3 and I have prepared the following patch
to fix the issue you stumbled across. The fix should ensure the banned
check is not performed if all recipients agree it is not needed,
even in the presence of $banned_namepath_re.
You may want to try it out, or wait few days for a 2.3.3-pre or -rc.
--- amavisd.origWed Jun 29 12:26:11 2005
+++ amavisd Tue Aug 9 19:51:42 2005
@@ -5143,9 +5143,10 @@
my($bfnmr) = ca('banned_filename_maps'); # two-level map: recip, partname
my(@recip_tables); # a list of records describing banned tables for recips
- my($any_table_in_recip_tables) = 0;
+ my($any_table_in_recip_tables) = 0; my($any_not_bypassed) = 0;
for my $r (@{$msginfo->per_recip_data}) {
my($recip) = $r->recip_addr;
my(@tables,@tables_m); # list of banned lookup tables for this recipient
if (!lookup(0,$recip,@$bypmr)) { # not bypassed
+ $any_not_bypassed = 1;
my($t_ref,$m_ref) = lookup(1,$recip,@$bfnmr);
if (defined $t_ref) {
@@ -5185,5 +5186,7 @@
}
my($bnpre) = cr('banned_namepath_re');
- if (!$any_table_in_recip_tables && !(ref $bnpre && ref $$bnpre)) {
+ if (!$any_not_bypassed) {
+do_log(3,"skipping banned check: all recipients bypass banned checks");
+ } elsif (!$any_table_in_recip_tables && !(ref $bnpre && ref $$bnpre)) {
do_log(3,"skipping banned check: no applicable lookup tables");
} else {
Mark
---
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] LDAP amavisBypassBannedChecks not working
Michael Hall wrote:
> On Fri, Jul 29, 2005 at 01:24:41AM +0200, Mark Martinec wrote:
>
>
>>Joel,
>>
>>
>>>Ok, I will adjust my configuration. But according to the new-docs,
>>>checks may be performed (forced) when there are multiple recipients and
>>>one recipient has checks and the other doesn't. In this case I'm
>>>sending to one recipient, who has BypassBannedChecks=TRUE set in LDAP.
>>>Why is the check still being performed?
>>
>>Because I ran out of time preparing the 2.3.2 release to optimize
>>that code path. It still plays according to the docs, except somewhat
>>surprisingly.
>>
>>
>>>And why does don't I see the
>>>lookup_ldap_attr(amavisbypassbannedchecks)?
>>
>>Because your bypass_banned_checks_maps lookup resulted in unconditional
>>true (due to having bypass_banned_checks_maps=>[1] in your policy bank
>>MYNETS if I remember right) the LDAP lookup was not done.
>>
>>Later on, because you have $banned_namepath_re nonempty, it overruled
>>the earlier decision:
>>
>> my($bnpre) = cr('banned_namepath_re');
>> if (!$any_table_in_recip_tables && !(ref $bnpre && ref $$bnpre)) {
>>do_log(3,"skipping banned check: no applicable lookup tables");
>> } else {
>>do_log(4,"starting banned checks - traversing message structure tree");
>>
>>due to the fact that when using the $banned_namepath_re the
>>optimization was not done as it could have been. Not nice, but not incorrect.
>
>
> Thanks for the explanation, I'm glad somebody knows the big picture
> because I sure don't :-)
Yes, thanks for the insight and all the help.
>
> --
> Matrimony isn't a word, it's a sentence.
>
> Mike Hall,
> System Admin - Rock Island Communications <[EMAIL PROTECTED]>
> System Admin - riverside.org, ssdd.org <[EMAIL PROTECTED]>
>
>
> ---
> SF.Net email is Sponsored by the Better Software Conference & EXPO September
> 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
> Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
> Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
> ___
> AMaViS-user mailing list
> AMaViS-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/amavis-user
> AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
> AMaViS-HowTos:http://www.amavis.org/howto/
--
Joel Nimety
Perimeter Internetworking Corp.
203.541.3416
---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] LDAP amavisBypassBannedChecks not working
On Fri, Jul 29, 2005 at 01:24:41AM +0200, Mark Martinec wrote:
> Joel,
>
> > Ok, I will adjust my configuration. But according to the new-docs,
> > checks may be performed (forced) when there are multiple recipients and
> > one recipient has checks and the other doesn't. In this case I'm
> > sending to one recipient, who has BypassBannedChecks=TRUE set in LDAP.
> > Why is the check still being performed?
>
> Because I ran out of time preparing the 2.3.2 release to optimize
> that code path. It still plays according to the docs, except somewhat
> surprisingly.
>
> > And why does don't I see the
> > lookup_ldap_attr(amavisbypassbannedchecks)?
>
> Because your bypass_banned_checks_maps lookup resulted in unconditional
> true (due to having bypass_banned_checks_maps=>[1] in your policy bank
> MYNETS if I remember right) the LDAP lookup was not done.
>
> Later on, because you have $banned_namepath_re nonempty, it overruled
> the earlier decision:
>
> my($bnpre) = cr('banned_namepath_re');
> if (!$any_table_in_recip_tables && !(ref $bnpre && ref $$bnpre)) {
> do_log(3,"skipping banned check: no applicable lookup tables");
> } else {
> do_log(4,"starting banned checks - traversing message structure tree");
>
> due to the fact that when using the $banned_namepath_re the
> optimization was not done as it could have been. Not nice, but not incorrect.
Thanks for the explanation, I'm glad somebody knows the big picture
because I sure don't :-)
--
Matrimony isn't a word, it's a sentence.
Mike Hall,
System Admin - Rock Island Communications <[EMAIL PROTECTED]>
System Admin - riverside.org, ssdd.org <[EMAIL PROTECTED]>
---
SF.Net email is Sponsored by the Better Software Conference & EXPO September
19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] LDAP amavisBypassBannedChecks not working
Joel,
> Ok, I will adjust my configuration. But according to the new-docs,
> checks may be performed (forced) when there are multiple recipients and
> one recipient has checks and the other doesn't. In this case I'm
> sending to one recipient, who has BypassBannedChecks=TRUE set in LDAP.
> Why is the check still being performed?
Because I ran out of time preparing the 2.3.2 release to optimize
that code path. It still plays according to the docs, except somewhat
surprisingly.
> And why does don't I see the
> lookup_ldap_attr(amavisbypassbannedchecks)?
Because your bypass_banned_checks_maps lookup resulted in unconditional
true (due to having bypass_banned_checks_maps=>[1] in your policy bank
MYNETS if I remember right) the LDAP lookup was not done.
Later on, because you have $banned_namepath_re nonempty, it overruled
the earlier decision:
my($bnpre) = cr('banned_namepath_re');
if (!$any_table_in_recip_tables && !(ref $bnpre && ref $$bnpre)) {
do_log(3,"skipping banned check: no applicable lookup tables");
} else {
do_log(4,"starting banned checks - traversing message structure tree");
due to the fact that when using the $banned_namepath_re the
optimization was not done as it could have been. Not nice, but not incorrect.
Mark
---
SF.Net email is Sponsored by the Better Software Conference & EXPO September
19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] LDAP amavisBypassBannedChecks not working
Joel,
> # mail locally submitted on the host on which MTA runs
> $policy_bank{'INT-HOST'} = {
> bypass_spam_checks_maps => [ 1 ],
> bypass_banned_checks_maps => [ 1 ],
> };
>
> Shouldn't this be the following to guarantee that the email is delivered?
>
> # mail locally submitted on the host on which MTA runs
> $policy_bank{'INT-HOST'} = {
> bypass_spam_checks_maps => [ 1 ],
> bypass_banned_checks_maps => [ 1 ],
> spam_lovers_maps => [ 1 ],
> banned_files_lovers_maps => [ 1 ],
> };
Probably so (in view of your particular case), can't hurt.
I updated the docs, thanks.
Mark
---
SF.Net email is Sponsored by the Better Software Conference & EXPO September
19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] LDAP amavisBypassBannedChecks not working
Mark Martinec wrote:
> Joel,
>
>
>>Yes, I have $banned_namepath_re defined and $banned_filename_re=undef.
>>Am I missing something here? Do I need to use the new
>>$banned_filename_re instead of $banned_namepath_re when doing per
>>recipient banned checks? I want one definition for banned checks but
>>I'd like to be able to turn on/off the checking as necessary. I can post
>>my amavisd.conf if necessary.
>
>
> The important bit you are missing is that it is the @banned_files_lovers_maps
> which is there to guarantee a delivery of a message, checked or not checked
> for banned files. The bypass* lookups are there mostly to optimize away
> unnecessary work, it does not by itself guarantee delivery. See the
> first two sections in:
> http://www.ijs.si/software/amavisd/amavisd-new-docs.html
I'd also like to add that in your Policy Bank examples you only set
bypass*=>[1] and not the corresponding *lovers_maps:
# mail locally submitted on the host on which MTA runs
$policy_bank{'INT-HOST'} = {
bypass_spam_checks_maps => [ 1 ],
bypass_banned_checks_maps => [ 1 ],
};
Shouldn't this be the following to guarantee that the email is delivered?
# mail locally submitted on the host on which MTA runs
$policy_bank{'INT-HOST'} = {
bypass_spam_checks_maps => [ 1 ],
bypass_banned_checks_maps => [ 1 ],
spam_lovers_maps => [ 1 ],
banned_files_lovers_maps => [ 1 ],
};
>
> Now then. The banned checks do not take much time to perform, so I did
> go to some trouble to optimize the $banned_filename_re (which is more often
> used), but not the $banned_namepath_re. Perhaps in the next version.
>
> Mark
>
>
> ---
> SF.Net email is Sponsored by the Better Software Conference & EXPO September
> 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
> Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
> Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
> ___
> AMaViS-user mailing list
> AMaViS-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/amavis-user
> AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
> AMaViS-HowTos:http://www.amavis.org/howto/
--
Joel Nimety
Perimeter Internetworking Corp.
203.541.3416
---
SF.Net email is Sponsored by the Better Software Conference & EXPO September
19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] LDAP amavisBypassBannedChecks not working
Mark Martinec wrote: > Joel, > > >>Yes, I have $banned_namepath_re defined and $banned_filename_re=undef. >>Am I missing something here? Do I need to use the new >>$banned_filename_re instead of $banned_namepath_re when doing per >>recipient banned checks? I want one definition for banned checks but >>I'd like to be able to turn on/off the checking as necessary. I can post >>my amavisd.conf if necessary. > > > The important bit you are missing is that it is the @banned_files_lovers_maps > which is there to guarantee a delivery of a message, checked or not checked > for banned files. The bypass* lookups are there mostly to optimize away > unnecessary work, it does not by itself guarantee delivery. See the > first two sections in: > http://www.ijs.si/software/amavisd/amavisd-new-docs.html Ok, I will adjust my configuration. But according to the new-docs, checks may be performed (forced) when there are multiple recipients and one recipient has checks and the other doesn't. In this case I'm sending to one recipient, who has BypassBannedChecks=TRUE set in LDAP. Why is the check still being performed? And why does don't I see the lookup_ldap_attr(amavisbypassbannedchecks)? > > Now then. The banned checks do not take much time to perform, so I did > go to some trouble to optimize the $banned_filename_re (which is more often > used), but not the $banned_namepath_re. Perhaps in the next version. > > Mark Ok. > > > --- > SF.Net email is Sponsored by the Better Software Conference & EXPO September > 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices > Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA > Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf > ___ > AMaViS-user mailing list > AMaViS-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/amavis-user > AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 > AMaViS-HowTos:http://www.amavis.org/howto/ -- Joel Nimety Perimeter Internetworking Corp. 203.541.3416 --- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] LDAP amavisBypassBannedChecks not working
Joel, > Yes, I have $banned_namepath_re defined and $banned_filename_re=undef. > Am I missing something here? Do I need to use the new > $banned_filename_re instead of $banned_namepath_re when doing per > recipient banned checks? I want one definition for banned checks but > I'd like to be able to turn on/off the checking as necessary. I can post > my amavisd.conf if necessary. The important bit you are missing is that it is the @banned_files_lovers_maps which is there to guarantee a delivery of a message, checked or not checked for banned files. The bypass* lookups are there mostly to optimize away unnecessary work, it does not by itself guarantee delivery. See the first two sections in: http://www.ijs.si/software/amavisd/amavisd-new-docs.html Now then. The banned checks do not take much time to perform, so I did go to some trouble to optimize the $banned_filename_re (which is more often used), but not the $banned_namepath_re. Perhaps in the next version. Mark --- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] LDAP amavisBypassBannedChecks not working
Mark Martinec wrote: > Joel, > > >>Here are the complete logs using grep 32392-04 /var/log/maillog.1 > > > Thanks. Do you have perhaps anything assigned to $banned_namepath_re? > Yes, I have $banned_namepath_re defined and $banned_filename_re=undef. Am I missing something here? Do I need to use the new $banned_filename_re instead of $banned_namepath_re when doing per recipient banned checks? I want one definition for banned checks but I'd like to be able to turn on/off the checking as necessary. I can post my amavisd.conf if necessary. > >>I still don't see lookup_ldap_attr(amavisbypassbannedchecks)... Does this >>have something to do with the MYUSERS policy bank not being defined? > > > That's ok, it's because you have bypass_spam_checks_maps=>[1] in MYNETS. > > Mark > > > --- > SF.Net email is sponsored by: Discover Easy Linux Migration Strategies > from IBM. Find simple to follow Roadmaps, straightforward articles, > informative Webcasts and more! Get everything you need to get up to > speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click > ___ > AMaViS-user mailing list > AMaViS-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/amavis-user > AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 > AMaViS-HowTos:http://www.amavis.org/howto/ -- Joel Nimety Perimeter Internetworking Corp. 203.541.3416 --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] LDAP amavisBypassBannedChecks not working
> That's ok, it's because you have bypass_spam_checks_maps=>[1] in MYNETS. Oops, I meant the bypass_banned_checks_maps. Mark --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] LDAP amavisBypassBannedChecks not working
Michael Hall wrote: > On Tue, Jul 26, 2005 at 10:53:32AM -0400, Joel Nimety wrote: > > >>Hello -- I've just upgrade to amavis-2.3.2. I'm using LDAP lookups for >>per domain/user maps. I have a user who has BypassBannedChecks=TRUE set >>in LDAP yet he still is having attachments blocked. I've turned up >>logging for myself using $debug_sender_acl and I've sent the user an >>.exe file. Here's the log. Notice that amavis successfully looks-up >>BypassBannedChecks=TRUE but still performs the banned blocking. Is this >>a bug? Please let me know if more information is required. Thanks. > > > The logs below are incomplete, I don't see anything like: > > Jul 2 12:15:18 ukiah amavis[10649]: (10649-01) Checking for banned types and > fi > lenames > Jul 2 12:15:18 ukiah amavis[10649]: (10649-01) > lookup_ldap_attr(amavisbypassban > nedchecks) "[EMAIL PROTECTED]" result=(1) > ... Here are the complete logs using grep 32392-04 /var/log/maillog.1 I still don't see lookup_ldap_attr(amavisbypassbannedchecks)... Does this have something to do with the MYUSERS policy bank not being defined? [EMAIL PROTECTED] amavisd-new-2.2.0]# grep 32392-04 /var/log/maillog.1 Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) DEBUG_ONESHOT: TURNED ON Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) LMTP< MAIL FROM:<[EMAIL PROTECTED]> SIZE=1685477\r\n Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) LMTP> 250 2.1.0 Sender [EMAIL PROTECTED] OK Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) idle_proc, 6: was busy, 3.2 ms, total idle 54.198 s, busy 47.448 s Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) idle_proc, 5: was idle, 0.3 ms, total idle 54.198 s, busy 47.448 s Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) prolong_timer after reading SMTP command: remaining time = 300 s Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) LMTP< RCPT TO:<[EMAIL PROTECTED]>\r\n Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) query_keys: [EMAIL PROTECTED], rcpt@, rcptpdomain.com, .rcptpdomain.com, .com, . Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_hash([EMAIL PROTECTED]), no matches Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup (local_domains) => undef, "[EMAIL PROTECTED]" does not match Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) query_keys: [EMAIL PROTECTED], @rcptpdomain.com, @.rcptpdomain.com, @.com, @. Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap "[EMAIL PROTECTED]", query keys: "[EMAIL PROTECTED]", "@rcptpdomain.com", "@.rcptpdomain.com", "@.com", "@.", base: o=na, filter: (&(objectclass=amavisaccount)(cybalternatedomain=%m)) Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) ldap begin_work Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: searching base="o=na", scope="sub", filter="(&(objectclass=amavisaccount)(|([EMAIL PROTECTED])([EMAIL PROTECTED])([EMAIL PROTECTED])([EMAIL PROTECTED])([EMAIL PROTECTED])))" Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisviruslover" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisspamlover" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisbannedfileslover" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisbadheaderlover" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisbypassviruschecks" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisbypassspamchecks" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisbypassbannedchecks" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisbypassheaderchecks" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisspamtaglevel" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisspamtag2level" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisspamkilllevel" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisspammodifiessubj" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisvirusquarantineto" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisspamquarantineto" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisbannedquarantineto" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisbadheaderquarantineto" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisblacklistsender" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amaviswhitelistsender" from object Jul 26 10:2
Re: [AMaViS-user] LDAP amavisBypassBannedChecks not working
Joel, > Here are the complete logs using grep 32392-04 /var/log/maillog.1 Thanks. Do you have perhaps anything assigned to $banned_namepath_re? > I still don't see lookup_ldap_attr(amavisbypassbannedchecks)... Does this > have something to do with the MYUSERS policy bank not being defined? That's ok, it's because you have bypass_spam_checks_maps=>[1] in MYNETS. Mark --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] LDAP amavisBypassBannedChecks not working
Michael Hall wrote: > On Tue, Jul 26, 2005 at 10:53:32AM -0400, Joel Nimety wrote: > > >>Hello -- I've just upgrade to amavis-2.3.2. I'm using LDAP lookups for >>per domain/user maps. I have a user who has BypassBannedChecks=TRUE set >>in LDAP yet he still is having attachments blocked. I've turned up >>logging for myself using $debug_sender_acl and I've sent the user an >>.exe file. Here's the log. Notice that amavis successfully looks-up >>BypassBannedChecks=TRUE but still performs the banned blocking. Is this >>a bug? Please let me know if more information is required. Thanks. > > > The logs below are incomplete, I don't see anything like: > > Jul 2 12:15:18 ukiah amavis[10649]: (10649-01) Checking for banned types and > fi > lenames > Jul 2 12:15:18 ukiah amavis[10649]: (10649-01) > lookup_ldap_attr(amavisbypassban > nedchecks) "[EMAIL PROTECTED]" result=(1) > ... Here are the complete logs using grep 32392-04 /var/log/maillog.1 I still don't see lookup_ldap_attr(amavisbypassbannedchecks)... Does this have something to do with the MYUSERS policy bank not being defined? [EMAIL PROTECTED] amavisd-new-2.2.0]# grep 32392-04 /var/log/maillog.1 Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) DEBUG_ONESHOT: TURNED ON Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) LMTP< MAIL FROM:<[EMAIL PROTECTED]> SIZE=1685477\r\n Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) LMTP> 250 2.1.0 Sender [EMAIL PROTECTED] OK Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) idle_proc, 6: was busy, 3.2 ms, total idle 54.198 s, busy 47.448 s Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) idle_proc, 5: was idle, 0.3 ms, total idle 54.198 s, busy 47.448 s Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) prolong_timer after reading SMTP command: remaining time = 300 s Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) LMTP< RCPT TO:<[EMAIL PROTECTED]>\r\n Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) query_keys: [EMAIL PROTECTED], rcpt@, rcptpdomain.com, .rcptpdomain.com, .com, . Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_hash([EMAIL PROTECTED]), no matches Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup (local_domains) => undef, "[EMAIL PROTECTED]" does not match Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) query_keys: [EMAIL PROTECTED], @rcptpdomain.com, @.rcptpdomain.com, @.com, @. Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap "[EMAIL PROTECTED]", query keys: "[EMAIL PROTECTED]", "@rcptpdomain.com", "@.rcptpdomain.com", "@.com", "@.", base: o=na, filter: (&(objectclass=amavisaccount)(cybalternatedomain=%m)) Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) ldap begin_work Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: searching base="o=na", scope="sub", filter="(&(objectclass=amavisaccount)(|([EMAIL PROTECTED])([EMAIL PROTECTED])([EMAIL PROTECTED])([EMAIL PROTECTED])([EMAIL PROTECTED])))" Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisviruslover" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisspamlover" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisbannedfileslover" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisbadheaderlover" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisbypassviruschecks" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisbypassspamchecks" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisbypassbannedchecks" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisbypassheaderchecks" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisspamtaglevel" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisspamtag2level" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisspamkilllevel" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisspammodifiessubj" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisvirusquarantineto" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisspamquarantineto" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisbannedquarantineto" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisbadheaderquarantineto" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amavisblacklistsender" from object Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: reading attribute "amaviswhitelistsender" from object Jul 26 10:2
Re: [AMaViS-user] LDAP amavisBypassBannedChecks not working
On Tue, Jul 26, 2005 at 10:53:32AM -0400, Joel Nimety wrote: > Hello -- I've just upgrade to amavis-2.3.2. I'm using LDAP lookups for > per domain/user maps. I have a user who has BypassBannedChecks=TRUE set > in LDAP yet he still is having attachments blocked. I've turned up > logging for myself using $debug_sender_acl and I've sent the user an > .exe file. Here's the log. Notice that amavis successfully looks-up > BypassBannedChecks=TRUE but still performs the banned blocking. Is this > a bug? Please let me know if more information is required. Thanks. The logs below are incomplete, I don't see anything like: Jul 2 12:15:18 ukiah amavis[10649]: (10649-01) Checking for banned types and fi lenames Jul 2 12:15:18 ukiah amavis[10649]: (10649-01) lookup_ldap_attr(amavisbypassban nedchecks) "[EMAIL PROTECTED]" result=(1) ... > > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) LMTP< RCPT > TO:<[EMAIL PROTECTED]>\r\n > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) query_keys: > [EMAIL PROTECTED], rcpt@, rcptdomain.com, .rcptdomain.com, .com, . > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) > lookup_hash([EMAIL PROTECTED]), no matches > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup (local_domains) > => undef, "[EMAIL PROTECTED]" does not match > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) query_keys: > [EMAIL PROTECTED], @rcptdomain.com, @.rcptdomain.com, @.com, @. > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap > "[EMAIL PROTECTED]", query keys: "[EMAIL PROTECTED]", > "@rcptdomain.com", "@.rcptdomain.com", "@.com", "@.", base: o=na, > filter: (&(objectclass=amavisaccount)(cybalternatedomain=%m)) > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: searching > base="o=na", scope="sub", > filter="(&(objectclass=amavisaccount)(|([EMAIL PROTECTED])([EMAIL > PROTECTED])([EMAIL PROTECTED])([EMAIL PROTECTED])([EMAIL PROTECTED])))" > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) > lookup_ldap([EMAIL PROTECTED]) matches, > result=(cybalternatedomain=>"@rcptdomain.com", > amavisbypassbannedchecks=>"TRUE", amavisbypassspamchecks=>"TRUE", > amavisspamlover=>"TRUE", amavisbypassviruschecks=>"TRUE") > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) > lookup_ldap_attr(amavismessagesizelimit), no attribute, > "[EMAIL PROTECTED]" result=undef > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup > (message_size_limit) => undef, "[EMAIL PROTECTED]" does not match > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) LMTP> 250 2.1.5 > Recipient [EMAIL PROTECTED] OK > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) LMTP::10026 > /var/amavis/tmp/amavis-20050726T102756-32392: <[EMAIL PROTECTED]> > -> <[EMAIL PROTECTED]> Received: SIZE=1685477 from > mail06.perimeterco.com ([127.0.0.1]) by localhost > (mail06.perimeterco.com [127.0.0.1]) (amavisd-new, port 10026) with LMTP > id 32392-04 for <[EMAIL PROTECTED]>; Tue, 26 Jul 2005 10:29:38 -0400 (EDT) > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) Checking: EPI2-DPhWQFz > CF/MYNETS [63.76.208.2] <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]> > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) > lookup_ldap_attr(amavisbypassviruschecks) "[EMAIL PROTECTED]" result=(1) > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup > (bypass_virus_checks) => true, "[EMAIL PROTECTED]" matches, > result="1", matching_key="/cached/" > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) > lookup_ldap_attr(amavisbypassheaderchecks), no attribute, > "[EMAIL PROTECTED]" result=undef > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) query_keys: > [EMAIL PROTECTED], rcpt@, rcptdomain.com, .rcptdomain.com, .com, . > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) > lookup_hash([EMAIL PROTECTED]), no matches > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup > (bypass_header_checks) => undef, "[EMAIL PROTECTED]" does not match > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup => true, > "[EMAIL PROTECTED]" matches, result="1", matching_key="(constant:1)" > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) p.path > [EMAIL PROTECTED]: "P=p003,L=1,M=multipart/mixed | > P=p001,L=1/1,M=text/plain,T=asc" > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) p.path BANNED:1 > [EMAIL PROTECTED]: "P=p003,L=1,M=multipart/mixed | > P=p002,L=1/2,M=application/x-ms-dos-executable,T=exe,T=exe-ms,N=dcom98.exe", > matching_key="(?mix-s:(?# BLOCK COMMON NAME EXENSIONS )\n ^ (.*\t)? > N= [^\t\n]* \\. > (pif|exe|cpl|swf|vbs|bat|cmd|com|dll|hta|js|jse|lnk|msi|ocx|reg|shs|vb|vbe|wsf|scr) > (\t.*)? $)" > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) > lookup_ldap_attr(amavisbannedfileslover), no attribute, > "[EMAIL PROTECTED]" result=undef > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) query_keys: > [EMAIL PROTECTED], rcpt@, rcptdomain.com, .rcptdomain.com, .com, . > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) > lookup_hash([EMAIL PROTECTED]), no matches > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup > (banned_files_lovers)
Re: [AMaViS-user] LDAP amavisBypassBannedChecks not working
It would appear that MYNETS isn't working either because I have
bypass_banned_checks_maps => [1] in $policy_bank{'MYNETS'} and the email
log below is indicating CF/MYNETS (note: CF has
bypass_banned_checks_maps => [1] as well).
$policy_bank{'MYNETS'} = { # mail originating from @mynetworks
bypass_spam_checks_maps => [1], # Turn off spam checking for
locally originated emails
bypass_banned_checks_maps => [1], # Turn off banned checking for
locally originated emails
};
$policy_bank{'CF'} = {
bypass_spam_checks_maps => [1], # Turn off spam checking
for locally originated emails
bypass_banned_checks_maps => [1], # Turn off banned
checking for locally originated emails
forward_method => 'smtp:[127.0.0.1]:10226', #
forward checked mail to postfix instance that handles
ContentFiltering/MailSafe
notify_method => 'smtp:[127.0.0.1]:10225', #
submit notifications through the usual smtp path
};
Joel Nimety wrote:
> Hello -- I've just upgrade to amavis-2.3.2. I'm using LDAP lookups for
> per domain/user maps. I have a user who has BypassBannedChecks=TRUE set
> in LDAP yet he still is having attachments blocked. I've turned up
> logging for myself using $debug_sender_acl and I've sent the user an
> .exe file. Here's the log. Notice that amavis successfully looks-up
> BypassBannedChecks=TRUE but still performs the banned blocking. Is this
> a bug? Please let me know if more information is required. Thanks.
>
> Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) LMTP< RCPT
> TO:<[EMAIL PROTECTED]>\r\n
> Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) query_keys:
> [EMAIL PROTECTED], rcpt@, rcptdomain.com, .rcptdomain.com, .com, .
> Jul 26 10:29:38 mail06 amavis[32392]: (32392-04)
> lookup_hash([EMAIL PROTECTED]), no matches
> Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup (local_domains)
> => undef, "[EMAIL PROTECTED]" does not match
> Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) query_keys:
> [EMAIL PROTECTED], @rcptdomain.com, @.rcptdomain.com, @.com, @.
> Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap
> "[EMAIL PROTECTED]", query keys: "[EMAIL PROTECTED]",
> "@rcptdomain.com", "@.rcptdomain.com", "@.com", "@.", base: o=na,
> filter: (&(objectclass=amavisaccount)(cybalternatedomain=%m))
> Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: searching
> base="o=na", scope="sub",
> filter="(&(objectclass=amavisaccount)(|([EMAIL PROTECTED])([EMAIL
> PROTECTED])([EMAIL PROTECTED])([EMAIL PROTECTED])([EMAIL PROTECTED])))"
> Jul 26 10:29:38 mail06 amavis[32392]: (32392-04)
> lookup_ldap([EMAIL PROTECTED]) matches,
> result=(cybalternatedomain=>"@rcptdomain.com",
> amavisbypassbannedchecks=>"TRUE", amavisbypassspamchecks=>"TRUE",
> amavisspamlover=>"TRUE", amavisbypassviruschecks=>"TRUE")
> Jul 26 10:29:38 mail06 amavis[32392]: (32392-04)
> lookup_ldap_attr(amavismessagesizelimit), no attribute,
> "[EMAIL PROTECTED]" result=undef
> Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup
> (message_size_limit) => undef, "[EMAIL PROTECTED]" does not match
> Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) LMTP> 250 2.1.5
> Recipient [EMAIL PROTECTED] OK
> Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) LMTP::10026
> /var/amavis/tmp/amavis-20050726T102756-32392: <[EMAIL PROTECTED]>
> -> <[EMAIL PROTECTED]> Received: SIZE=1685477 from
> mail06.perimeterco.com ([127.0.0.1]) by localhost
> (mail06.perimeterco.com [127.0.0.1]) (amavisd-new, port 10026) with LMTP
> id 32392-04 for <[EMAIL PROTECTED]>; Tue, 26 Jul 2005 10:29:38 -0400 (EDT)
> Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) Checking: EPI2-DPhWQFz
> CF/MYNETS [63.76.208.2] <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>
> Jul 26 10:29:38 mail06 amavis[32392]: (32392-04)
> lookup_ldap_attr(amavisbypassviruschecks) "[EMAIL PROTECTED]" result=(1)
> Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup
> (bypass_virus_checks) => true, "[EMAIL PROTECTED]" matches,
> result="1", matching_key="/cached/"
> Jul 26 10:29:39 mail06 amavis[32392]: (32392-04)
> lookup_ldap_attr(amavisbypassheaderchecks), no attribute,
> "[EMAIL PROTECTED]" result=undef
> Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) query_keys:
> [EMAIL PROTECTED], rcpt@, rcptdomain.com, .rcptdomain.com, .com, .
> Jul 26 10:29:39 mail06 amavis[32392]: (32392-04)
> lookup_hash([EMAIL PROTECTED]), no matches
> Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup
> (bypass_header_checks) => undef, "[EMAIL PROTECTED]" does not match
> Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup => true,
> "[EMAIL PROTECTED]" matches, result="1", matching_key="(constant:1)"
> Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) p.path
> [EMAIL PROTECTED]: "P=p003,L=1,M=multipart/mixed |
> P=p001,L=1/1,M=text/plain,T=asc"
> Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) p.path BANNED:1
> [EMAIL PROTECTED]: "P=p003,L=1,M=multipart/mixed |
> P=p002,L=1/2,M=application/x-ms-dos-execut
