On Sun, 21 Dec 2003 at 10:09:38AM -0500, hanasaki wrote:
whats the difference between amavis-ng and milter and amavisd-new? are
some going away? which one do you use for what? or clamscan directly?
how can virus scanning be added? clamscan and spam Spam assassin seem
to be the norms from googling. the configuration files to integrate
with exim are befuddling.
##Transport section
#ADDED FOR MAVIS AV Scan#
amavis:
driver = pipe
command = /usr/bin/amavis -f ${sender_address} -d
${pipe_addresses}
prefix =
suffix =
check_string =
escape_string =
return_output = false
return_path_add = false
user = amavis
group = amavis
path = /bin:/sbin:/usr/bin:/usr/sbin
current_directory = /var/spool/amavis-ng
##Directors Section
#Put this first, ORDER MATTERS!
###ADDED FOR MAVIS AV SCANNER
amavis_director:
condition = ${if eq {$received_protocol}{scanned-ok} {0}{1}}
driver = smartuser
transport = amavis
the plan is too hook a virus scanner into exim4 from sarge. any
thoughts are appreciated. A copy of someone's working exim4 config
would be great!
how does one integrate the following with exim? And which do you folks
recommend for what reasons?
SPAM
Spamassassin
bogofilter
Defiantly bogofilter. Bogofilter has the ability to learn and adjust to
new spam. I would suggest you set up a set of bogofilter dbs for each
user since what each user considers spam is different. Then you have
your users use IMAP and create a few mailboxes for them:
MisMarkedAsGood (runs bogofilter -Ns)
MisMarkedAsBad (runs bogofilter -Sn)
MarkGood (bogofilter -n)
MarkBad (bogofilter -s)
The last two mbox files are only used if you use tristate filtering
(Good, Bad, Unsure).
Then you run cron jobs like this in the user's crontab...
4 4 * * * stripdaemonmail.pl ~/Mail/MisMarkedAsBad | bogofilter -Sn ;
stripdaemonmail.pl ~/Mail/MisMarkedAsBad /var/mail/username ; rm
~/Mail/MisMarkedAsBad ; touch ~/Mail/MisMarkedAsBad
5 4 * * * stripdaemonmail.pl ~/Mail/MisMarkedAsGood | bogofilter -Ns ; rm
~/Mail/MisMarkedAsGood ; touch ~/Mail/MisMarkedAsGood
6 4 * * * stripdaemonmail.pl ~/Mail/MarkBad | bogofilter -s ; rm ~/Mail/MarkBad
; touch ~/Mail/MarkBad
7 4 * * * stripdaemonmail.pl ~/Mail/MarkGood | bogofilter -n ;
stripdaemonmail.pl ~/Mail/MarkGood /var/mail/username ; rm ~/Mail/MarkGood ; touch
~/Mail/MarkGood
stripmail.pl (attached) is a simple perl script that removes mbox emails that
are left by the imap daemon. If you find a bug in the perl script I
would definitely appreciate it if you would let me know. Even though it
is not formally documented the script should be considered GPL.
The user's .procmailrc (you are using procmail, yes?) can be configured like
so:
-start procmailrc
:0 f
| bogofilter -p -u -3 -l
:0:
* ^X-Bogosity: Yes
Mail/Junk
:0:
* ^X-Bogosity: Unsure
Mail/Unsure
end procmailrc--
After this users move items in Junk to MisMarkedAsBad if it is a good
email that ended up in the Junk folder. Likewise they move mails that
are spam that ended up in the Inbox to MisMarkedAsGood.
MarkGood/MarkBad are for emails that end up in the Unsure folder.
Hope this helps!
VIRUS
amavis
amavisd-new
No comment about amavis/amavisd-new.
clamscans
This is not related to amavis. Amavis is responsible for parsing the
MIME and saving them to files in /tmp. Clamscan is then used to scan
the files placed in /tmp by amavis. Clamscan has come a long way. They
now have over 10,000 definitions. However, you can use commercial av's
(like Sophis) with amavis if you wish. Last I checked several months
ago Sophis has over 80,000 definitions.
Hope this helps.
--
Phillip Hofmeister
PGP/GPG Key:
http://www.zionlth.org/~plhofmei/
wget -O - http://www.zionlth.org/~plhofmei/key.asc | gpg --import
--
Excuse #137: Broadcast packets on wrong frequency
stripdaemonmail.pl
Description: Perl program
