use strict; # # Place your configuration directives here. They will override those in # earlier files. # # See /usr/share/doc/amavisd-new/ for documentation and examples of # the directives you can use in this file # # GENERAL $MYHOME = '/var/lib/amavis'; $mydomain = 'exemple.com'; $myhostname = 'exemple.com'; $max_servers = 4; $max_requests = 20; $child_timeout = 5*60; read_hash(\%local_domains, '/etc/amavis/local_domains'); @mynetworks = qw( 127.0.0.0/8 ); @mynetworks_maps = (\@mynetworks); # LOGGING AND DEBUGGING $DO_SYSLOG = 1; # MTA INTERFACE - INPUT $inet_socket_port = 10024; $inet_socket_bind = '127.0.0.1'; @inet_acl = qw(127.0.0.1 [::1]); $insert_received_line = 0; $unix_socketname = undef; # MTA INTERFACE - OUTPUT # MAIL FORWARDING $forward_method = 'smtp:[127.0.0.1]:10025'; # QUARANTINE $QUARANTINEDIR = "$MYHOME/virusmails"; $virus_quarantine_method = 'local:virus-%m'; $spam_quarantine_method = 'local:spam-%m'; $banned_files_quarantine_method = 'local:banned-%m'; $bad_header_quarantine_method = 'local:badh-%m'; $virus_quarantine_to = "virus\@$mydomain; $banned_quarantine_to = undef; $bad_header_quarantine_to = undef; $spam_quarantine_to = "spam\@$mydomain"; # NOTIFICATIONS $notify_method = $forward_method; $mailfrom_notify_admin = "postmaster\@$mydomain"; $mailfrom_notify_recip = "postmaster\@$mydomain"; $mailfrom_notify_spamadmin = "postmaster\@$mydomain"; $warnvirussender = undef; $warnvirusrecip = undef; $virus_admin = undef; $warnbannedsender = undef; $warnbadhsender = undef; $warnbannedrecip = undef; $warnspamsender = undef; $warn_offsite = 1; # ADDING ADDRESS EXTENSIONS TO RECIPIENTS - 'plus addressing' # MAIL DECODING # BAD HEADER $final_bad_header_destiny = D_PASS; # ANTI-VIRUS AND INVALID/FORBIDDEN CONTENTS CONTROLS @bypass_virus_checks_maps = ( \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re); @bypass_virus_checks_acl = map ( {'!'.$_} keys(%local_domains)); push(@bypass_virus_checks_acl,'.'); $final_virus_destiny = D_DISCARD; $first_infected_stops_scan = 1; # BANNING $final_banned_destiny = D_PASS; # ANTI-SPAM CONTROLS @bypass_spam_checks_maps = ( \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re); @bypass_spam_checks_acl = map ( {'!'.$_} keys(%local_domains)); push(@bypass_spam_checks_acl,'.'); $final_spam_destiny = D_DISCARD; $sa_local_tests_only = undef; $sa_auto_whitelist = undef; $sa_tag_level_deflt = -1000; # Ajout d'en-tetes decrivant l'etat "spam" du mail $sa_tag2_level_deflt = 5; # Modification du sujet pour cette note $sa_kill_level_deflt = 7; # Mise en quarantaine si > a cette note $sa_dsn_cutoff_level = undef; $sa_spam_subject_tag = '***SPAM*** '; $sa_spam_modifies_subj = undef; # Whitelist @whitelist_sender_acl = qw( .blabla.fr ); # MAPPING A CONTENTS CATEGORY TO A SETTING CHOSEN # POLICY BANKS $policy_bank{'MYNETS'} = { bypass_spam_checks_maps => [1], bypass_banned_checks_maps => [1] }; #------------ Do not modify anything below this line ------------- 1; # insure a defined return # vim: filetype=perl
Contenu du fichier /etc/amavis/local_domains :
exemple.com exmeple.org ...
Editez le fichier /etc/postfix/master.cf :
smtp inet n - - - - smtpd
en :
smtp inet n - - - - smtpd -o content_filter=smtp-amavis:[127.0.0.1]:10024
127.0.0.1:10025 inet n - - - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 smtp-amavis unix - - - - 4 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes
pyzor discover pyzor ping
Remarques :
public.pyzor.org:24441
su - amavis razor-admin -discover razor-admin -create razor-admin -register -user postmaster@test.com razor-admin -discover
Remarque :
apt-get install arc arj bzip2 cabextract gzip lzop p7zip pax ripole rpm2cpio unrar-free zip zoo
Il peut arriver après un certain temps que le filtrage bayésien d'Amavis (utilisant Spamassasin) devienne efficace qu'auparavant. Il peut alors être nécessaire de réinitialiser la base de filtrage. Pour cela :
su - amavis sa-learn --clear exit service amavis restart
Amavis peut s'occuper de la signature DKIM de vos mails sortant. Pour cela :
$ su - amavis $ mkdir /var/lib/amavis/db/dkim $ /usr/sbin/amavisd-new genrsa /var/lib/amavis/db/dkim/example.com.key.pem Private RSA key successfully written to file "/var/lib/amavis/db/dkim/example.com.key.pem" (1024 bits, PEM format)
$ su - amavis $ /usr/sbin/amavisd-new show showkeys ; key#1, domain example.com, /var/lib/amavis/db/dkim/example.com.key.pem main._domainkey.example.com. 3600 TXT ( "v=DKIM1; p=" "MIGfMA0GCSqGSXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" "XXXXXXXXXXXXXXXXXXQAB")
$enable_dkim_verification = 1; dkim_key("example.com", "main", "/var/lib/amavis/db/dkim/example.com.key.pem"); @dkim_signature_options_bysender_maps = ( { "." => { ttl => 21*24*3600, c => "relaxed/simple" } } );
enable_dkim_signing => 1,
$ su - amavis $ /usr/sbin/amavisd-new testkeys TESTING#1: main._domainkey.example.com => pass