Ceci est une ancienne révision du document !
Exemple de fichier de configuration : //50-user//
use strict; # # Place your configuration directives here. They will override those in # earlier files. # # See /usr/share/doc/amavisd-new/ for documentation and examples of # the directives you can use in this file # # GENERAL $MYHOME = '/var/lib/amavis'; # (default is '/var/amavis') $mydomain = 'test.com'; # (no useful default) #$myhostname = //; $daemon_user = 'amavis'; # (no default (undef)) $daemon_group = 'amavis'; # (no default (undef)) $TEMPBASE = $MYHOME; # (must be set if other config vars use is) #$helpers_home = $MYHOME; # (defaults to $MYHOME) $pid_file = "/var/run/amavis/amavisd.pid"; # (default: "$MYHOME/amavisd.pid") $lock_file = "/var/run/amavis/amavisd.lock"; # (default: "$MYHOME/amavisd.lock") $ENV{TMPDIR} = $TEMPBASE; # wise to set TMPDIR, but not obligatory $max_servers = 2; # number of pre-forked children (default 2) $max_requests = 10; # retire a child after that many accepts (default 10) $child_timeout=5*60; # abort child if it does not complete each task in n sec # (default: 8*60 seconds) read_hash(\%local_domains, '/etc/amavis/local_domains'); #... @local_domains_acl = ( ".test.com" ); # LOGGING AND DEBUGGING $DO_SYSLOG = 1; # (defaults to false) #$SYSLOG_LEVEL = 'user.info'; # (facility.priority, default 'mail.info') #NOTE: levels are not strictly observed and are somewhat arbitrary # 0: startup/exit/failure messages, viruses detected # 1: args passed from client, some more interesting messages # 2: virus scanner output, timing # 3: server, client # 4: decompose parts # 5: more debug details $log_level = 0; # (defaults to 0) # MTA INTERFACE - INPUT $inet_socket_port = 10024; # accept SMTP on this local TCP port $inet_socket_bind = '127.0.0.1'; # limit socket bind to loopback interface @inet_acl = qw( 127.0.0.1 [::1]); # allow SMTP access only from localhost IP $insert_received_line = 1; $unix_socketname = undef; # disable listening on a unix socket # MTA INTERFACE - OUTPUT # Mail Forwarding $forward_method = 'smtp:[127.0.0.1]:10025'; # where to forward checked mail # NOTIFICATIONS $notify_method = $forward_method; # where to submit notifications #$mailfrom_notify_admin = "virusalert\@$mydomain"; #$mailfrom_notify_recip = "virusalert\@$mydomain"; #$mailfrom_notify_spamadmin = "spam.police\@$mydomain"; $warn_offsite = undef; # (defaults to false (undef), i.e. only notify locals) # BAD HEADER $final_bad_header_destiny = D_PASS; # (defaults to D_PASS), D_BOUNCE suggested $bad_header_quarantine_to = undef; $warnbadhsender = undef; # (defaults to false (undef)) # ANTI-VIRUS AND INVALID/FORBIDDEN CONTENTS CONTROLS @bypass_virus_checks_maps = ( \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re); @bypass_virus_checks_acl = map ( {'!'.$_} keys(%local_domains)); push(@bypass_virus_checks_acl,'.'); $final_virus_destiny = D_BOUNCE; # (defaults to D_BOUNCE) $virus_quarantine_to = 'virus@test.com'; $first_infected_stops_scan = 1; # default is false, all scanners are called $X_HEADER_TAG = 'X-Virus-Scanned'; # (default: undef) $remove_existing_x_scanned_headers = undef; # leave existing X-Virus-Scanned alone $replace_existing_extension = 1; # (default is false) $localpart_is_case_sensitive = undef; # (default is false) $warnvirussender = 1; # (defaults to false (undef)) $warnvirusrecip = 1; # (defaults to false (undef)) $virus_admin = "postmaster\@$mydomain"; # due to D_DISCARD default # BANNING $final_banned_destiny = D_PASS; # (defaults to D_BOUNCE) $banned_quarantine_to = undef; $warnbannedrecip = 1; # (defaults to false (undef)) $warnbannedsender = 1; # (defaults to false (undef)) #$banned_filename_re = new_RE( ## qr'^UNDECIPHERABLE$', # is or contains any undecipherable components # qr'\.[^.]*\.(exe|vbs|pif|scr|bat|cmd|com|dll)$'i, # some double extensions # qr'[{}]', # curly braces in names (serve as Class ID extensions - CLSID) ## qr'.\.(exe|vbs|pif|scr|bat|cmd|com)$'i, # banned extension - basic ## qr'.\.(ade|adp|bas|bat|chm|cmd|com|cpl|crt|exe|hlp|hta|inf|ins|isp|js| ## jse|lnk|mdb|mde|msc|msi|msp|mst|pcd|pif|reg|scr|sct|shs|shb|vb| ## vbe|vbs|wsc|wsf|wsh)$'ix, # banned extension - long ## qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i, # banned extension - WinZip vulnerab. ## qr'^\.(zip|lha|tnef|cab)$'i, # banned file(1) types ## qr'^\.exe$'i, # banned file(1) types ## qr'^application/x-msdownload$'i, # banned MIME types ## qr'^application/x-msdos-program$'i, # qr'^message/partial$'i, # rfc2046. this one is deadly for Outcrook ## qr'^message/external-body$'i, # block rfc2046 #); # ANTI-SPAM CONTROLS @bypass_spam_checks_maps = ( \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re); @bypass_spam_checks_acl = map ( {'!'.$_} keys(%local_domains)); push(@bypass_spam_checks_acl,'.'); $final_spam_destiny = D_BOUNCE; # (defaults to D_REJECT) $sa_local_tests_only = undef; # (default: false) $sa_auto_whitelist = undef; # defaults to undef $sa_tag_level_deflt = -10000; # add spam info headers if at, or above that level $sa_tag2_level_deflt = 6; # add 'spam detected' headers at that level $sa_kill_level_deflt = 12; # triggers spam evasive actions $sa_dsn_cutoff_level = undef; # spam level beyond which a DSN is not sent, # effectively turning D_BOUNCE into D_DISCARD; # undef disables this feature and is a default; $sa_spam_subject_tag = '***SPAM*** '; # (defaults to undef, disabled) $sa_spam_modifies_subj = 0; # may be a ref to a lookup table, default is true $remove_existing_spam_headers = 0; # remove existing spam headers if $spam_quarantine_to = "spam\@test.com"; $warnspamsender = 1; # (defaults to false (undef)) #------------ Do not modify anything below this line ------------- 1; # insure a defined return # vim: filetype=perl
Signification D_PASS, D_REJECT, D_BOUNCE, D_DISCARD
- D_PASS :
- Le message sera distribué aux destinataires.
- A utiliser en général pour le marquage de spam.
- D_BOUNCE :
- Le message sera stoppé et une notification généré par AMAVIS sera envoyé.
- D_DISCARD :
- Le message sera stoppé de façon discrète et aucune notification ne sera envoyé.
- D_REJECT :
- Le message sera stoppé et une notification SMTP (non-delivery) sera envoyé.
Pyzor
pyzor discover pyzor ping
Remarques :
- Firewalling : le port 24441 UDP doit être ouvert vers l'extérieur.
- Si le discover pause problème. Ouvrir le fichier ~/.pyzor/servers et mettre dans le fichier :
82.94.255.100:24441
Razor
su - amavis razor-admin -discover razor-admin -create razor-admin -register -user postmaster@test.com razor-admin -discover
Remarque :
- Firewalling : le port 2703 TCP doit être ouvert vers l'extérieur.