NoPaste

amavis

von Anonymous

SNIPPET_TEXT:
  1. use strict;
  2.  
  3. # ADMINISTRATORS:
  4. # Debian suggests that any changes you need to do that should never
  5. # be "updated" by the Debian package should be made in another file,
  6. # overriding the settings in this file.
  7. #
  8. # The package will *not* overwrite your settings, but by keeping
  9. # them separate, you will make the task of merging changes on these
  10. # configuration files much simpler...
  11.  
  12. #   see /usr/share/doc/amavisd-new/examples/amavisd.conf-default for
  13. #       a list of all variables with their defaults;
  14. #   see /usr/share/doc/amavisd-new/examples/amavisd.conf-sample for
  15. #       a traditional-style commented file  
  16. #   [note: the above files were not converted to Debian settings!]
  17. #
  18. #   for more details see documentation in /usr/share/doc/amavisd-new
  19. #   and at http://www.ijs.si/software/amavisd/amavisd-new-docs.html
  20.  
  21. $QUARANTINEDIR = "$MYHOME/virusmails";
  22. $quarantine_subdir_levels = 1; # enable quarantine dir hashing
  23.  
  24. $log_recip_templ = undef;    # disable by-recipient level-0 log entries
  25. $DO_SYSLOG = 1;              # log via syslogd (preferred)
  26. $syslog_ident = 'amavis';    # syslog ident tag, prepended to all messages
  27. $syslog_facility = 'mail';
  28. $syslog_priority = 'debug';  # switch to info to drop debug output, etc
  29. $log_level = 4;
  30.  
  31. $enable_db = 1;              # enable use of BerkeleyDB/libdb (SNMP and nanny)
  32. $enable_global_cache = 1;    # enable use of libdb-based cache if $enable_db=1
  33.  
  34. $inet_socket_port = 10024;   # default listening socket
  35.  
  36. $sa_spam_subject_tag = '*****SPAM***** ';
  37. $sa_tag_level_deflt  = 2.0;  # add spam info headers if at, or above that level
  38. $sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at that level
  39. $sa_kill_level_deflt = 6.31; # triggers spam evasive actions
  40. $sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent
  41.  
  42. $sa_mail_body_size_limit = 200*1024; # don't waste time on SA if mail is larger
  43. $sa_local_tests_only = 0;    # only tests which do not require internet access?
  44.  
  45. # Quota limits to avoid bombs (like 42.zip)
  46.  
  47. $MAXLEVELS = 14;
  48. $MAXFILES = 1500;
  49. $MIN_EXPANSION_QUOTA =      100*1024;  # bytes
  50. $MAX_EXPANSION_QUOTA = 300*1024*1024;  # bytes
  51.  
  52. # You should:
  53. #   Use D_DISCARD to discard data (viruses)
  54. #   Use D_BOUNCE to generate local bounces by amavisd-new
  55. #   Use D_REJECT to generate local or remote bounces by the calling MTA
  56. #   Use D_PASS to deliver the message
  57. #
  58. # Whatever you do, *NEVER* use D_REJECT if you have other MTAs *forwarding*
  59. # mail to your account.  Use D_BOUNCE instead, otherwise you are delegating
  60. # the bounce work to your friendly forwarders, which might not like it at all.
  61. #
  62. # On dual-MTA setups, one can often D_REJECT, as this just makes your own
  63. # MTA generate the bounce message.  Test it first.
  64. #
  65. # Bouncing viruses is stupid, always discard them after you are sure the AV
  66. # is working correctly.  Bouncing real SPAM is also useless, if you cannot
  67. # D_REJECT it (and don't D_REJECT mail coming from your forwarders!).
  68.  
  69. $final_virus_destiny      = D_BOUNCE;  # (data not lost, see virus quarantine)
  70. $final_banned_destiny     = D_BOUNCE;   # D_REJECT when front-end MTA
  71. $final_spam_destiny       = D_PASS;
  72. $final_bad_header_destiny = D_PASS;     # False-positive prone (for spam)
  73.  
  74. $virus_admin = "postmaster\@$mydomain"; # due to D_DISCARD default
  75.  
  76. # Set to empty ("") to add no header
  77. $X_HEADER_LINE = "Debian $myproduct_name at $mydomain";
  78.  
  79. # REMAINING IMPORTANT VARIABLES ARE LISTED HERE BECAUSE OF LONGER ASSIGNMENTS
  80.  
  81. #
  82. # DO NOT SEND VIRUS NOTIFICATIONS TO OUTSIDE OF YOUR DOMAIN. EVER.
  83. #
  84. # These days, almost all viruses fake the envelope sender and mail headers.
  85. # Therefore, "virus notifications" became nothing but undesired, aggravating
  86. # SPAM.  This holds true even inside one's domain.  We disable them all by
  87. # default, except for the EICAR test pattern.
  88. #
  89.  
  90. @viruses_that_fake_sender_maps = (new_RE(
  91.   [qr'\bEICAR\b'i => 0],            # av test pattern name
  92.   [qr/.*/ => 1],  # true for everything else
  93. ));
  94.  
  95. @keep_decoded_original_maps = (new_RE(
  96. # qr'^MAIL$',   # retain full original message for virus checking (can be slow)
  97.   qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undecipherables
  98.   qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
  99. # qr'^Zip archive data',     # don't trust Archive::Zip
  100. ));
  101.  
  102.  
  103. # for $banned_namepath_re, a new-style of banned table, see amavisd.conf-sample
  104.  
  105. $banned_filename_re = new_RE(
  106. # qr'^UNDECIPHERABLE$',  # is or contains any undecipherable components
  107.   [ qr'^\.(zip|rar)$'=> 0 ],  # ZIP und RAR erlauben
  108.   [  qr'^\.exe-ms$' => 0 ], # EXE erlauben
  109.   [  qr'^\.exe$', => 0 ], # EXE erlauben
  110.  
  111.   # block certain double extensions anywhere in the base name
  112. #  qr'\.[^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
  113.  
  114.   qr'\{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\}?'i, # Windows Class ID CLSID, strict
  115.  
  116. #  qr'^application/x-msdownload$'i,                  # block these MIME types
  117. #  qr'^application/x-msdos-program$'i,
  118. #  qr'^application/hta$'i,
  119.  
  120. # qr'^application/x-msmetafile$'i,      # Windows Metafile MIME type
  121. # qr'^\.wmf$',                          # Windows Metafile file(1) type
  122.  
  123. # qr'^message/partial$'i, qr'^message/external-body$'i, # rfc2046 MIME types
  124.  [ qr'^\.(exe-ms)$'             => 0 ],  # erlaubt bestimmte EXE-Dateien
  125.  [ qr'^\.(Z|gz|bz2)$'           => 0 ],  # allow any in Unix-compressed
  126.  [ qr'^\.(rpm|cpio|tar)$'       => 0 ],  # allow any in Unix-type archives
  127.  [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ],  # allow any within such archives
  128.  
  129. #  qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic
  130. # qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf|exe|fxp|grp|hlp|hta|
  131. #        inf|ins|isp|js|jse|lnk|mda|mdb|mde|mdw|mdt|mdz|msc|msi|msp|mst|
  132. #        ops|pcd|pif|prg|reg|scr|sct|shb|shs|vb|vbe|vbs|
  133. #        wmf|wsc|wsf|wsh)$'ix,  # banned ext - long
  134.  
  135. # qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i,  # banned extension - WinZip vulnerab.
  136.  
  137. #  qr'^\.(exe-ms)$',                       # banned file(1) types
  138. # qr'^\.(exe|lha|tnef|cab|dll)$',         # banned file(1) types
  139. );
  140. # See http://support.microsoft.com/default.aspx?scid=kb;EN-US;q262631
  141. # and http://www.cknow.com/vtutor/vtextensions.htm
  142.  
  143.  
  144. # ENVELOPE SENDER SOFT-WHITELISTING / SOFT-BLACKLISTING
  145.  
  146. @score_sender_maps = ({ # a by-recipient hash lookup table,
  147.                         # results from all matching recipient tables are summed
  148.  
  149. # ## per-recipient personal tables  (NOTE: positive: black, negative: white)
  150. # 'user1@example.com'  => [{'bla-mobile.press@example.com' => 10.0}],
  151. # 'user3@example.com'  => [{'.ebay.com'                 => -3.0}],
  152. # 'user4@example.com'  => [{'cleargreen@cleargreen.com' => -7.0,
  153. #                           '.cleargreen.com'           => -5.0}],
  154.  
  155.   ## site-wide opinions about senders (the '.' matches any recipient)
  156.   '.' => [  # the _first_ matching sender determines the score boost
  157.  
  158.    new_RE(  # regexp-type lookup table, just happens to be all soft-blacklist
  159.     [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i         => 5.0],
  160.     [qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0],
  161.     [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
  162.     [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i   => 5.0],
  163.     [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i  => 5.0],
  164.     [qr'^(your_friend|greatoffers)@'i                                => 5.0],
  165.     [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i                    => 5.0],
  166.    ),
  167.  
  168. #  read_hash("/var/amavis/sender_scores_sitewide"),
  169.  
  170.    { # a hash-type lookup table (associative array)
  171.      'nobody@cert.org'                        => -3.0,
  172.      'cert-advisory@us-cert.gov'              => -3.0,
  173.      'owner-alert@iss.net'                    => -3.0,
  174.      'slashdot@slashdot.org'                  => -3.0,
  175.      'securityfocus.com'                      => -3.0,
  176.      'ntbugtraq@listserv.ntbugtraq.com'       => -3.0,
  177.      'security-alerts@linuxsecurity.com'      => -3.0,
  178.      'mailman-announce-admin@python.org'      => -3.0,
  179.      'amavis-user-admin@lists.sourceforge.net'=> -3.0,
  180.      'amavis-user-bounces@lists.sourceforge.net' => -3.0,
  181.      'spamassassin.apache.org'                => -3.0,
  182.      'notification-return@lists.sophos.com'   => -3.0,
  183.      'owner-postfix-users@postfix.org'        => -3.0,
  184.      'owner-postfix-announce@postfix.org'     => -3.0,
  185.      'owner-sendmail-announce@lists.sendmail.org'   => -3.0,
  186.      'sendmail-announce-request@lists.sendmail.org' => -3.0,
  187.      'donotreply@sendmail.org'                => -3.0,
  188.      'ca+envelope@sendmail.org'               => -3.0,
  189.      'noreply@freshmeat.net'                  => -3.0,
  190.      'owner-technews@postel.acm.org'          => -3.0,
  191.      'ietf-123-owner@loki.ietf.org'           => -3.0,
  192.      'cvs-commits-list-admin@gnome.org'       => -3.0,
  193.      'rt-users-admin@lists.fsck.com'          => -3.0,
  194.      'clp-request@comp.nus.edu.sg'            => -3.0,
  195.      'surveys-errors@lists.nua.ie'            => -3.0,
  196.      'emailnews@genomeweb.com'                => -5.0,
  197.      'yahoo-dev-null@yahoo-inc.com'           => -3.0,
  198.      'returns.groups.yahoo.com'               => -3.0,
  199.      'clusternews@linuxnetworx.com'           => -3.0,
  200.      lc('lvs-users-admin@LinuxVirtualServer.org')    => -3.0,
  201.      lc('owner-textbreakingnews@CNNIMAIL12.CNN.COM') => -5.0,
  202.  
  203.      # soft-blacklisting (positive score)
  204.      'sender@example.net'                     =>  3.0,
  205.      '.example.net'                           =>  1.0,
  206.  
  207.    },
  208.   ],  # end of site-wide tables
  209. });
  210.  
  211. 1;  # ensure a defined return

Quellcode

Hier kannst du den Code kopieren und ihn in deinen bevorzugten Editor einfügen. PASTEBIN_DOWNLOAD_SNIPPET_EXPLAIN