Re: False positives "text/plain,.exe"

included verbatim in the body of another > text/plain mail. I got it delivered OK. Did you change some configuration of Amavis recently? An automatic update of the package? Olivier > On 26.04.2016 12:47, Tilman Schmidt wrote: >> >> On 26.04.2016 12:28, Olivier Nicole wrote: >>>

Re: Anti-virus for FreeBSD

Patrick >> What anti-virus are you using with FreeBSD? beside ClamAV that is. >> >> I had been using Kaspersky for years, but they are withdrawing their >> support for FreeBSD, so i will not renew my license in October. > > Avira's Antivirus program SAVAPI runs on BSDs. They require per user

Anti-virus for FreeBSD

Hi, What anti-virus are you using with FreeBSD? beside ClamAV that is. I had been using Kaspersky for years, but they are withdrawing their support for FreeBSD, so i will not renew my license in October. So I need a replacement, that has a daemonised version of course. Best regards, Olivier

Re: Amavisd fails to start. Missing UNIX::Syslog??

Stephen Davies writes: > Since running dnf update earlier today, amavisd has stopped working. > The systemctl status reads: > > amavisd.service - Amavisd-new is an interface between MTA and content > checkers. > Loaded: loaded (/usr/lib/systemd/system/amavisd.service;

Re: regex to block emails while having word bounce before @ sign.

Indunil > I go to below site and see whether it matches. > https://regex101.com/ I use The Regex Coach (http://weitz.de/files/regex-coach.exe) for that matter, it works well under Windows or under wine, you can do step by step on your regex. Best regards, Olivier

Kaspersky AV

Hi, I use Kaspersky for Linux (and FreeBSD) on my amavis server (FreeBSD 10.2) but I have an issue. When I define: @keep_decoded_original_maps = (new_RE( qr'^MAIL$', # retain full original message for virus checking The mail is being checked twice and trigger the anti-virus twice. If I

Amavis and ClamAV and YARA

Following the discussion yesterday about ClamAV and YARA, I decided to give it a try. The integration of YARA into ClamAV is still very limited; ClamAV does not support the module (plug-in) framework (many of Android rules are based on a module), nor does it support several other features. It

Re: Amavis and anti-virus engine ?

Per-Erik Persson writes: > Has anyone tried a recent clamav with YARA support and yara-rules available? But why not using yara as yet another anti-virus directly in Amavis? Best regards, Olivier --

Re: Amavis and anti-virus engine ?

Hi, I am using Kaspersky (on FreeBSD) Olivier --

Re: Amavisd-new : Comment bloquer un mail valide en qurantaine ?

In English... Bonjour, Hello, I use amavisd-new version 2.8 and 2.10. I'd like to have amavis quarantine a message that is neither spam, nor virus, nor oversize, nor malformed: a valid message. But quarantine does not work. in the funbction sub_before_send, in the file eamavisd-custom, I add

Re: Amavisd-new : Filtrage en sortie sur le contenu des fichiers et l'oversized

In English... Bonjour, Hello, I use amavisd-new versions 2.8 and 2.10, I'd like to do some output filtering according to the contents and size of the file. It does not work. I my policy_bank I have the folling lines: $policy_bank{'BAN_0'} = { 'forward_method' = 'smtp:[127.0.0.1]:2525',

Re: Strip Office Macros and metadata

Brian, I am looking for the possibility to detect and strip metadata and macro's from MS Office documents and PDF files. Does anyone of you know if there is a plugin available for Amavis or if there is another OpenSource-option for this? Beside the phylosophical question whether one should

Re: BANNED_FILES, Quarantine but send notice to original recipient

Greg, So, I'd like to quarantine banned files, but rather than notifying the sender [usually a bot, or virus etc - and usually with a forged sender address] I'd like to quarantine the file and send a notice to the original recipient. [The one the message was addressed to when we received

Re: BANNED, message contains text/plain,.exe issue.

electronic messages from us in future then please respond to the sender to this effect. -Original Message- From: Olivier Nicole [mailto:olivier.nic...@cs.ait.ac.th] Sent: Monday, March 09, 2015 1:44 PM To: Watthanachai Kekhua Cc: amavis-users@amavis.org Subject: Re: BANNED

Re: BANNED, message contains text/plain,.exe issue.

Hi Golf, Today we found some strange situation for incoming email when enabled blocking .exe in zip file extension on amavisd.conf as below configuration. ### amavisd.conf for BLOCKED ANYWHERE # qr'^UNDECIPHERABLE$', # is or contains any undecipherable components

Re: The nonsense of training spam filters and spam folders [was: training spamsassin]

Daemon, When the user clicks Not Spam in thunderbird. -E-mail goes to your inbox. These e- mails from the inbox would like to add them to a whitelist . This goes *way beyond the role of Amavis, it's pop of imap you are talking about. Olivier Date: Tue, 24 Feb 2015 10:55:21 +0300 From:

Re: Prevent amavis from obliterating spam headers

Quanah, Customers who have external scanners running SA prior to hitting Zimbra's SA install have found that Amavis will obliterate existing SA headers. Additionally, redirecting an email that was previously scanned by SA also results in Amavis obliterating the existing SA headers. Is

No X-Virus-Scanned headed

:21 +0700 (ICT) Received: (from on@localhost) by banyan.cs.ait.ac.th (8.14.7/8.14.7/Submit) id sAI6HTqM046442; Tue, 18 Nov 2014 13:17:29 +0700 (ICT) (envelope-from o...@banyan.cs.ait.ac.th) From: Olivier Nicole olivier.nic...@cs.ait.ac.th To: o...@bknix.co.th Subject: essai

Re: uncheck issue.

Golf, Watthanachai Kekhua watthanac...@ntt.co.th writes: Hi all amavis-user, Today I found 1 case send email with 2 excel attach file and each excel file include 25 sheets then after send to my mail server and I see subject show ***UNCHECK*** . Are you sure that the

Re: uncheck issue.

Golf, Sorry I could not attach excel file due to privacy issue. Nop need to attach the excel files, but we need the headers: From:, To:, received-by: etc. And also the log from amavis. Olivier Please do not hesitate to contact us , If you have any questions . Best Regards.

Re: suicide DBD

Nick, Sure, I could change it so it listens to the real world IP address and have our monitor software chekc it, but thats hardly secure or appropriate. I think the appropriate way would be to have your monitoring software talk to Amavis daemon directly, on wathever port it is using, and

Re: Kaspersky KLMS 8.0 and amavis - partial success...

Jakob, I have been trying to integrate klms 8.0 into amavisd. Up to now I could not get the client-server version to work, so I tried to use the I get the client/server working with: ['Kaspersky Anti-Virus 8.0 for FS', '/usr/local/bin/kav4fs-control', '--scan-file {}', qr/\bThreats

Re: Banned files match, example question

Gregory, But I'm confused. Why does the first match use: $'i vs $'ix for the second? amavis is written in Perl, this is Perl syntax: i stands for case insensitive: the regexp would match .exe and .EXE and .eXe etc. x means extended, you can have spaces in the regexp and they will be

Re: Amavis and MySQL

Robert, 2 to 3,000 messages per day is nothing, it's a very very low load (like 2 messages per minute). Ar you sure the MySQL errors are not due to time-out of the connection on the part of MySQL (like Amavis being inactive for too long?) Bests, Olivier --

Re: Mail for banned

Hi, How can I prevent a user to receive a mail when the messages he has sent is banned by amavisd ? Because the user has sent something bad (that got banned by amavis) you want to kind of disable his account? That is far beyond the scope of amavis I think. Best regards, Olivier --

Re: Mail for banned

Julien, How can I prevent a user to receive a mail when the messages he has sent is banned by amavisd ? Because the user has sent something bad (that got banned by amavis) you want to kind of disable his account? That is far beyond the scope of amavis I think. Yeah, and maybe

Kaspersky 8.0 for file system

Hi, I have been using Kasperky 8.0 for Linux File System (works also for FreeBSD) with amavisd-new. I added the following to @av_scanners: ### Kaspersky Anti-Virus 8.0 (for Linux File Server) ['Kaspersky Anti-Virus 8.0 for FS', '/usr/local/bin/kav4fs-control', '--scan-file {}',

Kasperky in amavisd-new

Hi, Does anybody uses Kaspersky Av for Linux versio 8 with amavisd-new? I have been using version 5 for a long time, but it seems that avesever/aveclient has disappeared in version 8. I found that kav4fs-control --scan-file can do approximately the same, but is one has all the configuration