-diff -ur amavisd-new-20021227.orig/amavisd amavisd-new-20021227/amavisd
---- amavisd-new-20021227.orig/amavisd Mon Dec 30 17:36:10 2002
-+++ amavisd-new-20021227/amavisd Tue Jan 7 18:00:57 2003
-@@ -214,7 +214,7 @@
- #
- # Receiving mail related
-
--# $unix_socketname = '/var/amavis/amavisd.sock'; # traditional amavis client protocol
-+# $unix_socketname = '/var/spool/amavis/runtime/amavisd.sock'; # traditional amavis client protocol
- # $inet_socket_port = 10024; # accept SMTP on this TCP port
- $inet_socket_bind = '127.0.0.1'; # limit socket bind to loopback interface
-
-@@ -223,7 +223,7 @@
- $gets_addr_in_quoted_form = 0;
-
- # Temporary directory
--$TEMPBASE = "/var/amavis";
-+$TEMPBASE = "/var/spool/amavis/runtime";
-
- $notify_method = 'smtp:127.0.0.1:10025';
- $forward_method = 'smtp:127.0.0.1:10025';
-diff -ur amavisd-new-20021227.orig/amavisd.conf amavisd-new-20021227/amavisd.conf
---- amavisd-new-20021227.orig/amavisd.conf Fri Dec 27 16:04:17 2002
-+++ amavisd-new-20021227/amavisd.conf Tue Jan 7 18:00:02 2003
-@@ -40,7 +40,7 @@
- $daemon_group = 'amavis'; # (no default)
-
- # Runtime directory (no trailing slash, defaults to '/var/amavis')
--$TEMPBASE = '/var/amavis';
-+$TEMPBASE = '/var/spool/amavis/runtime';
-
-
- # MTA SETTINGS, UNCOMMENT AS APPROPRIATE, defaults to 'smtp:127.0.0.1:10025'
-@@ -59,7 +59,7 @@
- #$notify_method = 'pipe:flags=q argv=/usr/sbin/sendmail -i -f ${sender} -- ${recipient}';
-
-
--#$daemon_chroot_dir = '/var/amavis'; # (default is undef => do not chroot)
-+#$daemon_chroot_dir = '/var/spool/amavis'; # (default is undef => do not chroot)
-
- #$pid_file = "$TEMPBASE/amavisd.pid"; # (default: "$TEMPBASE/amavisd.pid")
- #$lock_file = "$TEMPBASE/amavisd.lock"; # (default: "$TEMPBASE/amavisd.lock")
-@@ -221,12 +221,12 @@
- # assigning new text to template variables, or by reading template text
- # from files:
- #
--# $notify_sender_templ = read_text('/var/amavis/notify_sender.txt');
--# $notify_virus_sender_templ= read_text('/var/amavis/notify_virus_sender.txt');
--# $notify_virus_admin_templ = read_text('/var/amavis/notify_virus_admin.txt');
--# $notify_virus_recips_templ= read_text('/var/amavis/notify_virus_recips.txt');
--# $notify_spam_sender_templ = read_text('/var/amavis/notify_spam_sender.txt');
--# $notify_spam_admin_templ = read_text('/var/amavis/notify_spam_admin.txt');
-+# $notify_sender_templ = read_text('/var/spool/amavis/notify_sender.txt');
-+# $notify_virus_sender_templ= read_text('/var/spool/amavis/notify_virus_sender.txt');
-+# $notify_virus_admin_templ = read_text('/var/spool/amavis/notify_virus_admin.txt');
-+# $notify_virus_recips_templ= read_text('/var/spool/amavis/notify_virus_recips.txt');
-+# $notify_spam_sender_templ = read_text('/var/spool/amavis/notify_spam_sender.txt');
-+# $notify_spam_admin_templ = read_text('/var/spool/amavis/notify_spam_admin.txt');
-
- # Treat envelope sender address as unreliable and don't send
- # sender notification if name(s) of detected virus(es) match the list.
-@@ -255,9 +255,9 @@
- # for compatibility, which in turn defaults to undef (empty) )
- #
- $mailfrom_notify_sender = ''; # null reserse path. Should not be changed!
--$mailfrom_notify_admin = 'virusalert@example.com';
--$mailfrom_notify_recip = 'virusalert@example.com';
--$mailfrom_notify_spamadmin = 'spam.police@example.com';
-+$mailfrom_notify_admin = 'virusalert@localhost';
-+$mailfrom_notify_recip = 'virusalert@localhost';
-+$mailfrom_notify_spamadmin = 'spam.police@localhost';
-
- # 'From' HEADER FIELD for sender and admin notifications.
- # This should be a replyable address, see rfc1894. Not to be confused
-@@ -285,7 +285,7 @@
-
- # $virus_admin = undef; # do not send virus admin notifications (default)
- # $virus_admin = {'not.example.com' => '', '.' => 'virusalert@example.com'};
--$virus_admin = 'virus-admin@example.com';
-+$virus_admin = 'virus-admin@localhost';
-
- # equivalent to $virus_admin, but for spam admin notifications:
- # $spam_admin = undef; # do not send spam admin notifications (default)
-@@ -309,7 +309,7 @@
- # or a directory (no trailing slash)
- # (the default value is undef, meaning no quarantine)
- #
--$QUARANTINEDIR = '/var/virusmails';
-+$QUARANTINEDIR = '/var/spool/amavis/virusmails';
-
-
- # A finer control of quarantining is available through variable
-@@ -638,7 +638,7 @@
- # a hash lookup table can be read from a file,
- # one address per line, comments and empty lines are permitted:
- #
--read_hash(\%whitelist_sender, '/var/amavis/whitelist_sender');
-+read_hash(\%whitelist_sender, '/var/spool/amavis/whitelist_sender');
-
- # ... or set directly:
- map { $whitelist_sender{lc($_)}=1 } (qw(
-Only in amavisd-new-20021227: amavisd~
+diff -urp amavis-v2.12.1.orig/amavisd.conf amavis-v2.12.1/amavisd.conf
+--- amavis-v2.12.1.orig/amavisd.conf 2020-11-13 13:55:37.000000000 +0100
++++ amavis-v2.12.1/amavisd.conf 2021-01-24 21:25:54.841592502 +0100
+@@ -10,32 +10,32 @@ use strict;
+ # COMMONLY ADJUSTED SETTINGS:
+
+ # @bypass_virus_checks_maps = (1); # controls running of anti-virus code
+-# @bypass_spam_checks_maps = (1); # controls running of anti-spam code
++@bypass_spam_checks_maps = (1); # controls running of anti-spam code
+ # $bypass_decode_parts = 1; # controls running of decoders&dearchivers
+
+ # $myprogram_name = $0; # set to 'amavisd' or similar to avoid process name
+ # truncation in /proc/<pid>/stat and ps -e output
+
+ $max_servers = 2; # num of pre-forked children (2..30 is common), -m
+-$daemon_user = 'vscan'; # (no default; customary: vscan or amavis), -u
+-$daemon_group = 'vscan'; # (no default; customary: vscan or amavis), -g
++$daemon_user = 'amavis'; # (no default; customary: vscan or amavis), -u
++$daemon_group = 'amavis'; # (no default; customary: vscan or amavis), -g
+
+ $mydomain = 'example.com'; # a convenient default for other settings
+
+-# $MYHOME = '/var/amavis'; # a convenient default for other settings, -H
+-$TEMPBASE = "$MYHOME/tmp"; # working directory, needs to exist, -T
++$MYHOME = '/var/spool/amavis'; # a convenient default for other settings, -H
++$TEMPBASE = "$MYHOME/runtime"; # working directory, needs to exist, -T
+ $ENV{TMPDIR} = $TEMPBASE; # environment variable TMPDIR, used by SA, etc.
+-$QUARANTINEDIR = '/var/virusmails'; # -Q
++$QUARANTINEDIR = '/var/spool/amavis/virusmails'; # -Q
+ # $quarantine_subdir_levels = 1; # add level of subdirs to disperse quarantine
+ # $release_format = 'resend'; # 'attach', 'plain', 'resend'
+ # $report_format = 'arf'; # 'attach', 'plain', 'resend', 'arf'
+
+ # $daemon_chroot_dir = $MYHOME; # chroot directory or undef, -R
+
+-# $db_home = "$MYHOME/db"; # dir for bdb nanny/cache/snmp databases, -D
++$db_home = "$MYHOME/db"; # dir for bdb nanny/cache/snmp databases, -D
+ # $helpers_home = "$MYHOME/var"; # working directory for SpamAssassin, -S
+-# $lock_file = "$MYHOME/var/amavisd.lock"; # -L
+-# $pid_file = "$MYHOME/var/amavisd.pid"; # -P
++$lock_file = "/var/run/amavisd/amavisd.lock"; # -L
++$pid_file = "/var/run/amavisd/amavisd.pid"; # -P
+ #NOTE: create directories $MYHOME/tmp, $MYHOME/var, $MYHOME/db manually
+
+ $log_level = 0; # verbosity 0..5, -d
+@@ -55,7 +55,8 @@ $enable_dkim_signing = 1; # load DKIM
+ @mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10
+ 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 );
+
+-$unix_socketname = "$MYHOME/amavisd.sock"; # amavisd-release or amavis-milter
++#$unix_socketname = "/var/run/amavisd/amavisd.sock"; # amavisd-release or amavis-milter
++$unix_socketname = undef; # disable listening on a unix socket
+ # option(s) -p overrides $inet_socket_port and $unix_socketname
+
+ $inet_socket_port = 10024; # listen on this local TCP port(s)
+@@ -382,16 +383,15 @@ $banned_filename_re = new_RE(
+ # qr/^(?:310|420)[,\s]*(?:.* <<< )?(.+?)(?: ; |$)/m ],
+ # settings for the SAVAPI3.conf: ArchiveScan=1, HeurLevel=2, MailboxScan=1
+
+-# ### http://www.clamav.net/
+-# ['ClamAV-clamd',
+-# \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
+-# qr/\bOK$/m, qr/\bFOUND$/m,
+-# qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
+-# # NOTE: run clamd under the same user as amavisd - or run it under its own
+-# # uid such as clamav, add user clamav to the amavis group, and then add
+-# # AllowSupplementaryGroups to clamd.conf;
+-# # NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in
+-# # this entry; when running chrooted one may prefer a socket under $MYHOME.
++['ClamAV-clamd',
++ \&ask_daemon, ["CONTSCAN {}\n", "/var/lib/clamav/clamd.socket"],
++ qr/\bOK$/, qr/\bFOUND$/,
++ qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
++# NOTE: run clamd under the same user as amavisd - or run it under its own
++# uid such as clamav, add user clamav to the amavis group, and then add
++# AllowSupplementaryGroups to clamd.conf;
++# NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in
++# this entry; when running chrooted one may prefer a socket under $MYHOME.
+
+ # ### http://www.clamav.net/ and CPAN (memory-hungry! clamd is preferred)
+ # # note that Mail::ClamAV requires perl to be build with threading!
+@@ -580,16 +580,21 @@ $banned_filename_re = new_RE(
+ # NOTE: requires suid wrapper around inocmd32; consider flag: -mod reviewer
+ # see http://marc.theaimsgroup.com/?l=amavis-user&m=109229779912783
+
+- ### http://mks.com.pl/english.html
+- ['MkS_Vir for Linux (beta)', ['mks32','mks'],
+- '-s {}/*', [0], [1,2],
+- qr/--[ \t]*(.+)/m ],
++# Moved to secondary scanner
++# ### http://mks.com.pl/english.html
++# ['MkS_Vir for Linux (beta)', ['mks32','mks'],
++# '-s {}/*', [0], [1,2],
++# qr/--[ \t]*(.+)/m ],
+
+ ### http://mks.com.pl/english.html
+ ['MkS_Vir daemon', 'mksscan',
+ '-s -q {}', [0], [1..7],
+ qr/^... (\S+)/m ],
+
++ ['MkS_Vir for Linux (beta)', ['mks32','mks'],
++ '-s {}/*', [0], [1,2],
++ qr/--[ \t]*(.+)/m ],
++
+ # ### http://www.nod32.com/, version v2.52 (old)
+ # ['ESET NOD32 for Linux Mail servers',
+ # ['/opt/eset/nod32/bin/nod32cli', 'nod32cli'],