Amavis postfix always_bcc

instances, but I'm not doing that on this system. Suggestions greatly appreciated. Thanks, Alex

Re: Message causes amavis to stop processing

, though, so I may have configured something wrong. Thanks, Alex

Hacking amavisd $msginfo

more about perl and amavis, and thought this was a fun project for me. Ideas greatly appreciated. Thanks, Alex

Disclaimers, MYNETS, and altermime config problems

to be made to support a disclaimer? Maybe there is an additional policy bank that has remote users added to it? Any ideas greatly appreciated. Thanks, Alex

Submission clients bypass MYNETS policy

smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache tls_random_source = dev:/dev/urandom transport_maps = virtual_alias_maps = hash:/etc/postfix/virtual Any suggestions greatly appreciated. Thanks, Alex

Re: Submission clients bypass MYNETS policy

port. Map that port to a policy bank e.g. MYNETS. Can you guide me to where I can find information on how to do that? Thanks so much for your help. Best, Alex

clamav and virus_name_to_spam_score_maps

a posion pill, and convert the message to spam (or virus, as the case may be) immediately? Thanks, Alex

cannot open databases, lock failed, file exists

as 8 smtpd processes. When I stopped amavisd, it didn't delete the lock files. Is this expected? Thanks, Alex

bayes autolearn status in logs

as expected. Regards Alex

Whitelist for localhost

-Transfer-Encoding: 7bit Message-Id: 20111219031320.3a57e1560...@mail01.example.com From: r...@mail01.example.com (root) I'd really appreciate any ideas you may have on the easiest way to whitelist by sender to localhost. Thanks, Alex

Matching quarantine ID with quarantine filename

to effectively resubmit this quarantined file back into the mail stream so it isn't flagged again? If I whitelist the sender, how can I pass it to sendmail to resend it? Thanks, Alex

Amavis just stops and exits

times, but I really need to figure out why it's happening. Perhaps it's a known bug with this version? How can I troubleshoot this? Is there any further information I can provide to help troubleshoot this? Thanks, Alex

Re: Amavis just stops and exits

to an unreliable service amavisd reload on fedora15, and instead amavisd existing and not being restarted. I will look for this next time it happens. Thanks again, Alex

Re: Amavis just stops and exits

could be the cause of amavisd just going catatonic? Thanks, Alex

Re: Amavis just stops and exits

amavisd is running in our environment. If it ran for only the last week or so and started to do this, I might suspect something like this, but it's been running for months without a problem. It also runs for at least a week before it even happens at all. Thanks, Alex

Temporary MTA failure issue

postfix or amavisd, but I'd like to know why this is happening. Thanks for any ideas. Alex

Re: Temporary MTA failure issue

not being equal to the number of postfix smtpd servers. Not sure how they became out of sync. I knew they needed to be equal, but somehow don't recall changing one and not the other. Thanks, Alex

Reloading spamassassin rules on fedora17

. Thanks, Alex

Restarting amavisd unstable on fc17

to reload changes in spamassassin rules, so that it incorporates these changes properly? Is there a more updated RPM available for fc17 than 2.6.6, from all the way back in 2011, or do I have to build my own? No one is using 2.8 on fc17? Thanks, Alex

More Amavis::Custom questions

? Thanks, Alex

Temporary MTA failure on relaying (rw_loop)

, and this is the only one with this issue. Does anyone have an idea what could be causing this? Is the sender notified of this issue, or only through localhost? What does rw_loop: leaving rw loop mean? Thanks for any ideas. Alex

TROUBLE in pre_loop_hook

to be functioning normally again. Is this a known bug? Is there something else I can do to help troubleshoot this? Any ideas greatly appreciated. Thanks, Alex

Re: amavisd performance issues - 100% single CPU core

, Alex

Controlling header display

messages, but not in ham. I've set up spamassassin with the following: report_safe 0 add_header all Report _REPORT_ I've tried various different options relating to the headers that are displayed, and haven't been able to get it to work. Any help greatly appreciated. Thanks, Alex

Using sophos/savi with amavisd

that works well with fedora? Thanks, Alex

Re: sa_mail_body_size_limit and SA scanning

someone had some knowledge of how this worked. Thanks, Alex On Tue, Sep 15, 2015 at 5:07 PM, Alex <mysqlstud...@gmail.com> wrote: > Hi, > > I have a fedora22 system with amavisd-2.10.1 and spamassassin-3.4.1. > I've set my $sa_mail_body_size_limit to 200*1024, or what I assume is &g

Re: Too many open files

.conf > systemctl daemon-reload Ah, terrific. Where did you find that LimitNOFILE was the option that controls the number of open files? Where are those options defined? Thanks guys for your help. Thanks, Alex

Too many open files

boot, so I wondered how to do it at the system level instead? Will this even fix the problem? I notice now amavisd is using quite a few more than the normal 1024 limit already: # lsof |grep amavis|wc -l 1772 # ulimit -n 1024 Is this a PAM setting that I must change? Any help greatly appreciated. Thanks, Alex

Re: Too many open files

pen under normal circumstances? Is it possible that amavisd is not managing file descriptors correctly and perhaps using too many, or not closing them after use? Thanks, Alex On Mon, Dec 14, 2015 at 11:39 AM, Pete Houston <p...@openstrike.co.uk> wrote: > On Mon, Dec 14, 2015 at 11:31:57AM

Amavis fails to start with "lost connection with 127.0.0.1"

really use some help. Thanks, Alex

interface_policy and postfix

the IPs in my whitelist are sent? Or bypassed completely? Thanks, Alex

Re: interface_policy and postfix

Hi, On Mon, Dec 28, 2015 at 1:48 AM, Patrick Ben Koetter <p...@sys4.de> wrote: > * Alex <mysqlstud...@gmail.com>: >> Hi, >> >> I'm using amavisd-new-2.10.1 and postfix-3.0.3 on fc22. I have a bunch >> of IPs that I need to effectively whitelist to al

F-Secure and failure to start

Hi, I've installed the downloadable trial version of F-Secure for Linux (installed on fedora) and it appears to be running properly. However, amavis doesn't seem to be able to control it. Jun 22 22:17:56 mail01 amavis[4471]: (04471-01) (!)run_av (F-Secure Linux Security) FAILED - unexpected exit

TROUBLE in child_init_hook / DIE Suicide...

Hi, I have a fedora22 system with amavisd-2.10.1 that has been running fine for a while. Today amavisd died while running with the following errors: Jan 13 12:06:10 mail02 amavis[16426]: (!!)TROUBLE in child_init_hook: BDB no dbS: BDB2034 unable to allocate memory for mutex; resize mutex region,

Re: Pls recommend a web front end to manage amavis-new

tation on use yet not open source it? Is this something you would consider? Thanks, Alex

Re: F-Secure and failure to start

Hi all, I was really hoping someone had some experience with the F-Secure antivirus scanner and Linux. Is there no one out there using it any longer? Can you make a recommendation for another virus scanner besides Sophos (sucks) and clamav+sane? On Wed, Jun 22, 2016 at 10:21 PM, Alex <mysqls

Re: Negative repeat count does nothing...

Hi, I posted the message below a few days ago and haven't received any feedback. Is this the right place for such questions? Is there a bugzilla to report this as a bug? On Tue, Jan 19, 2016 at 9:57 AM, Alex <mysqlstud...@gmail.com> wrote: > Hi, > Since upgrading my system to amavis

Negative repeat count does nothing...

Hi, Since upgrading my system to amavisd-new-2.10.1 and perl-5.22.1 on fedora23, I've been receiving the following warnings from amavis: Jan 19 09:52:45 mail03 amavis[3843]: (03843-03) _WARN: Negative repeat count does nothing at /usr/sbin/amavisd line 16408. Is this a known problem? It appears

Rejecting only clamav Structured.CreditCardNumber

to it. I'm using it with postfix - perhaps there's a way to do this with postfix? Thanks, Alex

Identifying MIME attachments

the custom hooks to modify log output, but nothing like this. Eventually I'd like to get to the point where I can search within the document for specific strings. Thanks, Alex

Password protected Word/phishing emails

? Is it possible for virus scanners to detect malicious emails that have been password protected? Thanks, Alex

Re: Blocking ZIP within ZIP

hin some varible executable code which is not allways > properly recognized. Are you sure this doesn't already work? What's inside the inner zip? Ultimately it's got to be something that's on your existing banned list (.js, .exe, etc..), so I would think it would find that and reject/ban it. Regards, Alex

Re: Anti-Virus

Hi, On Fri, Sep 16, 2016 at 8:24 AM, Dino wrote: > We use clam-av and sophos and they both seem to work really well > complimenting each other on the same box. > > > On 9/15/2016 10:27 AM, Phil Daws wrote: > > Would be interested to hear of which virus scanners work well

Re: Anti-Virus

Hi, On Mon, Sep 19, 2016 at 4:18 AM, Olivier <olivier.nic...@cs.ait.ac.th> wrote: >> On 9/15/2016 10:27 AM, Phil Daws wrote: >>> Would be interested to hear of which virus scanners work well for you with >>> Amavis ? Thanks. > > ClamAV & Kaspersky Are you using these on Fedora? Debian? Alex --

Modifying subject for encrypted attachments

Hi, We're using amavisd-new-2.11.0-4 on fedora23 and trying to combat the encrypted Word attachments with macro viruses. Is there a way to modify the subject to indicate it contains an encrypted attachment and that the user should be careful when attempting to open it? Thanks, Alex

Virus scanners with amavis and fedora

macro viruses and PDF spam. Thanks, Alex

Re: Virus scanners with amavis and fedora

n getting something like f-secure or another commercial scanner working in conjunction with sophos and clamav. I've tried f-secure, and I can't get it configured properly. Thanks, Alex > > -Original Message- > From: amavis-users > [mailto:amavis-users-bounces+dino.edwards=mydire

Re: Virus scanners with amavis and fedora

on to determine what the options should be for it to listen on the socket or properly communicate to scan the files it receives. Their support forum is entirely unhelpful. Thanks, Alex

Re: Virus scanners with amavis and fedora

s is disabled because it then doesn't scan them at all, only marks them as having macros. Thanks, Alex

Quarantine report

, or directly from the quarantine itself... I'd like a report on the subject/date/sender/recipients for each message. Other abilities like run on a per-user basis or in some fancy HTML report would be nice as well. Thanks, Alex

Re: Amavisd and Avira savapi

e, running on the interface '/var/tmp/.savapi3:0', status check successful. Any other ideas of what else I might be doing wrong? Thanks, Alex

Re: Amavisd and Avira savapi

0.1 5.6 647576 462884 pts/2 Sl+ Jun28 1:29 >> ./savapi -N --config=savapi.conf --key-file=MYKEY.KEY >> >> Thanks, >> Alex > > > The PrivateTmp directive sets a file system namespace for the amavisd > service, so the /tmp and /var/tmp that amavisd sees is not the

Re: Amavisd and Avira savapi

vironment variable TMPDIR, used by SA, etc. # ls -la ~amavis/tmp/ total 12 drwxr-x--- 3 amavis amavis 4096 Jun 29 11:27 . drwxr-x--- 8 amavis amavis 4096 Jun 28 21:11 .. $ ps axu|grep savapi amavis 18823 0.1 5.6 647576 462884 pts/2 Sl+ Jun28 1:29 ./savapi -N --config=savapi.conf --key-file=MYKEY.KEY Thanks, Alex

Re: Amavisd and Avira savapi

Hi, On Thu, Jun 29, 2017 at 3:55 AM, Juan Orti Alcaine <j.orti.alca...@gmail.com> wrote: > 2017-06-29 3:17 GMT+02:00 Alex <mysqlstud...@gmail.com>: >> >> However, it still doesn't work. It still reports >> >> (!)Avira SAVAPI av-scanner FAILED: run_av error

Re: How many antivirus are recommended?

for nearly any of the popular vectors now. I tried to get F-Secure to install, but also had a problem there. Someone offered information on Avira, but then just never responded, and their website says nothing about Linux. Anyone have success with other virus scanners on Linux/amavisd? Thanks, Alex

Re: How many antivirus are recommended?

Hi, On Tue, Jun 20, 2017 at 4:13 AM, Marc Stürmer <m...@marc-stuermer.de> wrote: > Zitat von Alex <mysqlstud...@gmail.com>: > >> We all have clamav+sanesecurity, but what others are people using? >> Sophos is horrible. Hardly worth it. It doesn't scan for nearly any

pyzor problem with fedora25

Hi, I'm seeing the following warning with fedora25 and pyzor-1.0.0-9.20160210gitf16e1b6.fc25.noarch with amavisd-new-2.11.0-4.fc25.noarch. Jun 27 09:21:40 mail01 amavis[19733]: (19733-10) _WARN: pyzor: check failed: internal error, python traceback seen in response Is the pyzor from 2016 the

WMF file concerns

Hi, would someone confirm for me the risks of allowing Word files that include WMF files? X-Amavis-Alert: BANNED, message contains .wmf,word/media/image1.wmf I'm seeing it's quite common for Word files to include this image1.wmf file, and wondered what the risk would be for allowing them.

_WARN: Argument "\\n* ..." isn't numeric

Hi, I'm using amavisd-new-2.11.0 on fedora25 with spamassassin-3.4.2 from svn and just noticed I'm receiving a warning that I don't understand: Feb 8 10:09:13 juggernaut amavis[26852]: (26852-07) _WARN: Argument "\\n* 0.5 JMQ_SPF_NEUTRAL_ALL ASKDNS: SPF set to ?all!\\n*..." isn't numeric in

_WARN: no decoder for unknown

Hi, I'm using amavisd-new-2.11.0 on fedora28 and trying to figure out why amavisd can't determine the file type for these files. Are they corrupt files or possible malware? Aug 19 02:20:36 mail01 amavis[18837]: (18837-03) _WARN: no decoder for unknown at

New virus scanners?

being maintained? Are people migrating to fuglu? Thanks, Alex

Blocking by country

with a list of the different countries? Maybe a sender map that can block on a per-recipient basis? I've done quite a bit of searching and most of what I see is from decades ago to links that no longer exist. Thanks, Alex

Bypass scanning based on recipient

gt; [1], bypass_spam_checks_maps => [1], bypass_banned_checks_maps => [1], bypass_header_checks_maps => [1], }; Thanks, Alex

Re: Bypass scanning based on recipient

ecks_maps will work because it relies on the recipient being the only address to receive the email. If there are other recipients, the regular processing occurs. Thanks, Alex

Send all quarantined mail to a specific user?

to send all quarantined mail to a specific address, but having the flexibility to send on a per-domain basis would be helpful. I suppose I could do something with procmail, but doing it inherently with amavis would be great. Thanks, Alex

Re: sa_mail_body_size_limit and attachments

> > Is there a variable to skip processing messages that > > contain attachments larger than a specific size? > > There isn't. Yeah, amavis was written at a time when 100k was a large attachment. Have people mostly moved on from amavis? What are the other options? I've been using it almost from

sa_mail_body_size_limit and attachments

in the quarantine because of a false positive. Of course I need to fix the FP, but there's also no reason to scan such a large message. Thanks, Alex

Re: sa_mail_body_size_limit and attachments

Hi, > > malware should be detected by clamav or other AV. > > I did not understand Alex' question regarding "stop scanning" to apply > to spam-scanning only. Maybe they should specify. I identified an 8MB false-positive. Is it the case that spammers are sending malware as large as 8MB files now?

Re: sa_mail_body_size_limit and attachments

Hi, > Finally, Alex reported FP with 8MB file, but didn't answer which rule caused > it. > Alex, if you read this, please provide the file (if possible) or which > SA rules caused the FP, possibly with text they matched. It was one of the KAM rules. We've addressed it with him, an

Excluding blocking macro/xlsx/docx files to specific recipients?

score_sender_maps might work, but it appears to be an all-or-nothing kind of thing. Maybe an approach would be to move it to SA and build a meta that excludes this specific sender and the specific recipient? Thanks, Alex

Per-domain processing?

Hi, I'm using amavis with postfix-3.10 and spamassassin and would like to be able to apply different policies for different domains, but I'm unsure how to do that. I'm using postfix in a multi-instance configuration, with each instance processing mail for a different domain (or set of domains)

Re: Specify non-default path to spamassassin rules?

Hi all - can I ask again if someone has any ideas on how to specify an alternative config path for SpamAssassin files with amavis? Thanks Alex On Wed, May 11, 2022, 8:50 PM Alex wrote: > Hi, > > I'm trying to configure a second instance of amavisd to run on a different > p

Re: Specify non-default path to spamassassin rules?

On Sun, May 15, 2022 at 8:40 AM Damian wrote: > > Hi all - can I ask again if someone has any ideas on how to specify an > alternative config path for SpamAssassin files with amavis? > > How about [1]? > > [1] > https://gitlab.com/amavis/amavis/-/blob/master/RELEASE_NOTES#L5439-5444 Thanks

Specify non-default path to spamassassin rules?

specific rules to be used. Thanks, Alex

RelayedOpenRelay?

RUSTED', # xavier \@mynetworks => 'MYNETS', ); ip_trace from my logs does have my IP in it. My logs are stored in JSON format, so they're a complete mess or I would post it here. What could I be missing? Thanks, Alex

More Hacking amavisd $msginfo

Hi, I'm trying to find or develop a way to quarantine mail from specific senders for specific domains. Is there a well-defined way to do this? It appears the amavisd.conf doesn't provide the ability to specify different policies based on domains. So eleven years ago(!!!) I posted this somewhat

Question about Authenticated Received Chain (ARC) setup

://de.postfix.org/pipermail/amavis-users/2018-February/005265.html Thanks for any answer. Best regards Alex [1] http://arc-spec.org/ [2] Searches: https://duckduckgo.com/?q=amavisd+Authenticated+Received+Chain=canonical=web https://duckduckgo.com/?q=amavisd+arc=canonical=web https://www.startpage.com/do

per-domain recipient policy?

n't depend on knowing the sending domain. Thanks for any ideas, Alex

per-domain recipient policy?

se amavisd documentation. Thanks for any ideas, Alex

Re: per-domain recipient policy?

mavis main doc? Something like a man page would be so much more clear. Something that defined all of these settings would be very helpful. Thanks so much, Alex > > > # > ## POLICY MAPPING > # > > # We ar

sender maps and whitelisting

elayedInbound Quarantined","attached_file_names":["message.msg"],"author":" watchrecon@gmail.com"] Thanks, Alex

Re: sender maps and whitelisting

Hi, > I was using the hash-type arrays. Would something like this work for the > > hash array to represent any sender at this domain? > > '.email.avi-8.com' => -100.0, > > Yes, but I was under the impression that you wanted to match VERP-style >

Re: sender maps and whitelisting

HI, On Mon, Apr 22, 2024 at 10:13 AM Damian wrote: > I've just started using sender_maps instead of the welcomelist in > spamassassin directly and have a few questions. Here is my current > sender_map: > > Is this `@score_sender_maps`? > Yes, correct. >'.gtenney.com' => [{

Re: sender maps and whitelisting

Hi, > Here's a pastebin from an email similar to the above where one of the >> recips is whitelisted while the other is quarantined (using >> report_json).https://pastebin.com/8i6qwjvM >> >> The paste shows >> >> "rcpt_to": [ >> "bcc-u...@gambit.example.com" , >> "hartm...@tenney.com" >> ], >>

Re: sender maps and whitelisting

Hi, On Tue, Apr 23, 2024 at 12:18 PM Damian wrote: > Here's a pastebin from an email similar to the above where one of the > recips is whitelisted while the other is quarantined (using > report_json).https://pastebin.com/8i6qwjvM > > The paste shows > > "rcpt_to": [ >

Re: sender maps and whitelisting

Hi, > Yes, that's correct - I've always used postfix always_bcc and didn't > realize there was one for amavis as well. > > If you want to keep it that way, you could declare bcc-user a spam_lover: > > > @spam_lovers_maps = ([ > > > 'bcc-u...@gambit.example.com', > > ]); > Should I be able to

Empty attachments - BAD HEADER SECTION, MIME error: error: part did not end with expected boundary

the following configuration : (/etc/amavis/conf.d/21-ubuntu_defaults) @bypass_header_checks_maps = (1); $bad_header_quarantine_to = undef; But this doesn't seem to help. Can anyone give me any hints as to where to look? Thanks in advance, Alex -- Alex Dyas, Manager - Systems Administration Tel: +41 22

Re: Empty attachments - BAD HEADER SECTION, MIME error: error: part did not end with expected boundary

Hello Mark, On 05/21/2012 03:22 PM, Mark Martinec wrote: Alex, Environment : - Ubuntu - 10.04.3 LTS - Postfix - 2.7.0-1ubuntu0.2 - Amavis - 1:2.6.4-1ubuntu5 - Spam Assassin - 3.3.1-1 - ClamAV - 0.96.5+dfsg-1ubuntu1.10.04.3 Symptoms - A couple of emails per day come through the system

Re: Clarification on master.cf configuration for configurating transport

. This is no longer required and strongly discouraged. [1] http://www.postfix.org/postconf.5.html#smtp_dns_support_level -- Alex JOST

Re: Using Amavis as a front-end for Exchange

. I can include the entire headers if that helps. Have you enabled spamd in /etc/default/spamassassin? -- Alex JOST

Changing log output

an additional log entry through something like amavisd-custom.conf, or can the original somehow be configured? Thanks, Alex

Re: Integration with virtual domains maintained by postfixadmin

-consult.com result=undef So what am I missing here? This works for me: http://sourceforge.net/p/postfixadmin/wiki/Amavis_configuration/ -- Alex JOST

Configuring multiple virus scanners

to connect sophos and amavisd? Can you recommend other virus scanners on Linux that you've used with success? Are there any HOWTOs available that show how to get them set up properly? Thanks, Alex

Re: After migration spam passed that should be killed.

a more recent version like 2.10 would have been used? Thanks, Alex

Re: Spam assassin with amavisd-new

, then just reinstalling the latest. Regards, Alex

BUG: Failure to handle unexpected output

or better indicate in the logs that an error has occurred? How can I control where the amavisd critical messages are stored? Thanks, Alex

Re: Accessing $msginfo structure

Hi, On 02/27/2015 06:43 AM, Michael Storz wrote: Am 2015-02-25 04:25, schrieb Alex Regan: Hi, I'm using amavisd-new-2.9.1 on fedora20 and implementing the custom hooks to record info about each message to syslog. I successfully have it reporting things like the quarantine file name, sender

Accessing $msginfo structure

.UNOFFICIAL? Would it be the same for some of the other variables such as spam_report or spam_summary? Thanks, Alex

Re: HitFreqsRuleTiming.pm question

Hi, On 05/14/2015 05:53 AM, Benning, Markus wrote: Am 2015-05-13 18:56, schrieb Alex Regan: I'm trying to install this and receiving the following error: May 13 12:52:56 mail01 amavis[23948]: _WARN: Warning: Use of require without parentheses is ambiguous at (eval 304) line 1. May 13 12:52:56

Re: HitFreqsRuleTiming.pm question

while strict subs in use at (eval 304) line 1.\n Any idea what I could be doing wrong? Is this part of the amavisd distribution or something that you created? This is with amavis v2.9.1 and spamassassin v3.4.1 on fedora20. Thanks, Alex

  1   2   >