--- amavisd-new-2.2.1/amavisd.conf-sample.chris 2005-01-09 19:24:25.000000000 +0100 +++ amavisd-new-2.2.1/amavisd.conf-sample 2005-01-09 19:25:11.784562320 +0100 @@ -73,21 +73,21 @@ # Set the user and group to which the daemon will change if started as root # (otherwise just keeps the UID unchanged, and these settings have no effect): -$daemon_user = 'vscan'; # (no default; customary: vscan or amavis) -$daemon_group = 'vscan'; # (no default; customary: vscan or amavis or sweep) +$daemon_user = 'amavis'; # (no default; customary: vscan or amavis) +$daemon_group = 'amavis'; # (no default; customary: vscan or amavis or sweep) # Runtime working directory (cwd), and a place where # temporary directories for unpacking mail are created. # (no trailing slash, may be a scratch file system) -$TEMPBASE = $MYHOME; # (must be set if other config vars use is) -#$TEMPBASE = "$MYHOME/tmp"; # prefer to keep home dir /var/amavis clean? +#$TEMPBASE = $MYHOME; # (must be set if other config vars use is) +$TEMPBASE = "$MYHOME/tmp"; # prefer to keep home dir /var/amavis clean? -#$db_home = "$MYHOME/db"; # DB databases directory, default "$MYHOME/db" +$db_home = "$MYHOME/db"; # DB databases directory, default "$MYHOME/db" # $helpers_home sets environment variable HOME, and is passed as option # 'home_dir_for_helpers' to Mail::SpamAssassin::new. It should be a directory # on a normal persistent file system, not a scratch or temporary file system -#$helpers_home = $MYHOME; # (defaults to $MYHOME) +$helpers_home = $MYHOME; # (defaults to $MYHOME) # Run the daemon in the specified chroot jail if nonempty: #$daemon_chroot_dir = $MYHOME; # (default is undef, meaning: do not chroot) @@ -152,7 +152,7 @@ # feeding amavisd, e.g. with Postfix the 'Max procs' field in the # master.cf file, like the '2' in the: smtp-amavis unix - - n - 2 smtp # -$max_servers = 2; # number of pre-forked children (default 2) +$max_servers = 4; # number of pre-forked children (default 2) $max_requests = 20; # retire a child after that many accepts (default 10) $child_timeout=5*60; # abort child if it does not complete each task in @@ -291,7 +291,7 @@ # 3: server, client # 4: decompose parts # 5: more debug details -$log_level = 2; # (defaults to 0) +$log_level = 0; # (defaults to 0) # Customizable template for the most interesting log file entry (e.g. with # $log_level=0) (take care to properly quote Perl special characters like '\') @@ -447,10 +447,29 @@ # reject original client SMTP session, as the mail has already # been enqueued. -$final_virus_destiny = D_BOUNCE; # (defaults to D_DISCARD) -$final_banned_destiny = D_BOUNCE; # (defaults to D_BOUNCE) -$final_spam_destiny = D_BOUNCE; # (defaults to D_BOUNCE) -$final_bad_header_destiny = D_PASS; # (defaults to D_PASS), D_BOUNCE suggested +######## +# +# Please think about what you are doing when you set these options. +# If necessary, question your origanization's e-mail policies: +# +# D_BOUNCE contributes to the overall spread of virii and spam on the +# internet. Both the envelope and header from addresses can be forged +# accurately with no effort. +# +# D_DISCARD breaks internet mail specifications. However, with a +# properly implemented Quaratine system, the concern for breaking the +# specification is addressed to some extent. +# +# D_PASS is the safest way to handle e-mails. You must implement +# client-side filtering to handle this method. +# +# -Cory Visi 07/28/04 +# +####### +$final_virus_destiny = D_DISCARD; # (defaults to D_DISCARD) +$final_banned_destiny = D_DISCARD; # (defaults to D_BOUNCE) +$final_spam_destiny = D_DISCARD; # (defaults to D_BOUNCE) +$final_bad_header_destiny = D_PASS; # (defaults to D_PASS) # Alternatives to consider for spam: # - use D_PASS if clients will do filtering based on inserted @@ -590,7 +609,7 @@ # or a directory (no trailing slash) # (the default value is undef, meaning no quarantine) # -$QUARANTINEDIR = '/var/virusmails'; +$QUARANTINEDIR = "$MYHOME/quarantine"; #$virus_quarantine_method = 'local:virus-%i-%n'; # default #$spam_quarantine_method = 'local:spam-%b-%i-%n'; # default @@ -725,7 +744,7 @@ $defang_virus = 1; # default is false: don't modify mail body $defang_banned = 1; # default is false: don't modify mail body # $defang_bad_header = 1; # default is false: don't modify mail body -# $defang_undecipherable = 1; # default is false: don't modify mail body +$defang_undecipherable = 1; # default is false: don't modify mail body # $defang_spam = 1; # default is false: don't modify mail body $remove_existing_x_scanned_headers = 0; # leave existing X-Virus-Scanned alone @@ -1428,7 +1447,7 @@ # NOTE: if $daemon_chroot_dir is nonempty, the directories will be # relative to the chroot directory specified; -$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin'; +$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin:/opt/bin'; # Specify one string or a search list of strings (first match wins). # The string (or: each string in a list) may be an absolute path, @@ -1466,7 +1485,7 @@ # of the option local_tests_only. See Mail::SpamAssassin man page. # If set to 1, no SA tests that require internet access will be performed. # -$sa_local_tests_only = 1; # (default: false) +$sa_local_tests_only = 0; # (default: false) #$sa_auto_whitelist = 1; # turn on AWL in SA 2.63 or older (irrelevant # for SA 3.0, its cf option is use_auto_whitelist) @@ -1525,7 +1544,7 @@ #$sa_spam_report_header = 0; # insert X-Spam-Report header field? default false # stop anti-virus scanning when the first scanner detects a virus? -#$first_infected_stops_scan = 1; # default is false, all scanners in a section +$first_infected_stops_scan = 1; # default is false, all scanners in a section # are called # @av_scanners is a list of n-tuples, where fields semantics is: @@ -1798,7 +1817,7 @@ ### http://www.nai.com/ ['NAI McAfee AntiVirus (uvscan)', 'uvscan', - '--secure -rv --mime --summary --noboot - {}', [0], [13], + '--secure --mime --program --mailbox -rv --summary --noboot --timeout 180 - {}', [0], [13], qr/(?x) Found (?: \ the\ (.+)\ (?:virus|trojan) | \ (?:virus|trojan)\ or\ variant\ ([^ ]+) | @@ -1909,7 +1928,7 @@ ### http://www.f-prot.com/ - backs up F-Prot Daemon ['FRISK F-Prot Antivirus', ['f-prot','f-prot.sh'], - '-dumb -archive -packed {}', [0,8], [3,6], + '-dumb -ai -packed -server {}', [0,8], [3,6], qr/Infection: (.+)/ ], ### http://www.trendmicro.com/ - backs up Trophie