--- amavisd-new.orig/amavisd.conf-sample 2006-06-27 13:31:44.000000000 +0200 +++ amavisd-new/amavisd.conf-sample 2006-08-06 00:22:10.986675750 +0200 @@ -63,7 +63,7 @@ # $MYHOME serves as a quick default for some other configuration settings. # More refined control is available with each individual setting further down. # $MYHOME is not used directly by the program. No trailing slash! -#$MYHOME = '/var/lib/amavis'; # (default is '/var/amavis'), -H +$MYHOME = '/var/spool/amavis'; # (default is '/var/amavis'), -H # $mydomain serves as a quick default for some other configuration settings. # More refined control is available with each individual setting further down. @@ -74,16 +74,16 @@ # Set the user and group to which the daemon will change if started as root # (otherwise just keeps the UID unchanged, and these settings have no effect): -$daemon_user = 'vscan'; # (no default; customary: vscan or amavis), -u -$daemon_group = 'vscan'; # (no default; customary: vscan or amavis), -g +$daemon_user = 'amavis'; # (no default; customary: vscan or amavis), -u +$daemon_group = 'amavis'; # (no default; customary: vscan or amavis), -g # Runtime working directory (cwd), and a place where # temporary directories for unpacking mail are created. # (no trailing slash, may be a scratch file system) -$TEMPBASE = $MYHOME; # (must be set if other config vars use is), -T +$TEMPBASE = $MYHOME/runtime; # (must be set if other config vars use is), -T #$TEMPBASE = "$MYHOME/tmp"; # prefer to keep home dir /var/amavis clean? -#$db_home = "$MYHOME/db"; # DB databases directory, default "$MYHOME/db", -D +$db_home = "$MYHOME/db"; # DB databases directory, default "$MYHOME/db", -D # $helpers_home sets environment variable HOME, and is passed as option # 'home_dir_for_helpers' to Mail::SpamAssassin::new. It should be a directory @@ -93,8 +93,8 @@ # Run the daemon in the specified chroot jail if nonempty: #$daemon_chroot_dir = $MYHOME; # (default is undef, meaning: do not chroot), -R -#$pid_file = "$MYHOME/amavisd.pid"; # (default is "$MYHOME/amavisd.pid"), -P -#$lock_file = "$MYHOME/amavisd.lock"; # (default is "$MYHOME/amavisd.lock"), -L +$pid_file = "/var/run/amavisd/amavisd.pid"; # (default is "$MYHOME/amavisd.pid"), -P +$lock_file = "/var/run/amavisd/amavisd.lock"; # (default is "$MYHOME/amavisd.lock"), -L # set environment variables if you want (no defaults): $ENV{TMPDIR} = $TEMPBASE; # wise to set TMPDIR, but not obligatory @@ -112,6 +112,8 @@ #$forward_method = 'smtp:[127.0.0.1]:10025'; # where to forward checked mail #$notify_method = $forward_method; # where to submit notifications +#@auth_mech_avail = ('PLAIN','LOGIN'); # empty list disables incoming AUTH + #$os_fingerprint_method = 'p0f:127.0.0.1:2345'; # query p0f-analyzer.pl # To make it possible for several hosts to share one content checking daemon, @@ -171,7 +173,7 @@ # and see further down what these two lookup lists really mean. # # @bypass_virus_checks_maps = (1); # uncomment to DISABLE anti-virus code -# @bypass_spam_checks_maps = (1); # uncomment to DISABLE anti-spam code +@bypass_spam_checks_maps = (1); # uncomment to DISABLE anti-spam code # # Any setting can be changed with a new assignment, so make sure # you do not unintentionally override these settings further down! @@ -217,8 +219,8 @@ # AMAVIS-CLIENT PROTOCOL INPUT SETTINGS (e.g. with amavisd-release, or # sendmail milter through helper clients like amavis-milter.c and amavis.c) # option(s) -p overrides $inet_socket_port and $unix_socketname -$unix_socketname = "$MYHOME/amavisd.sock"; # amavis helper protocol socket -#$unix_socketname = undef; # disable listening on a unix socket +#$unix_socketname = "/var/run/amavisd/amavisd.sock"; # amavis helper protocol socket +$unix_socketname = undef; # disable listening on a unix socket # (default is undef, i.e. disabled) # (usual setting is $MYHOME/amavisd.sock) @@ -301,7 +303,7 @@ # choose from: emerg, alert, crit, err, warning, notice, info, debug # Log file (if not using syslog) -$LOGFILE = "$MYHOME/amavis.log"; # (defaults to empty, no log) +#$LOGFILE = "$MYHOME/amavis.log"; # (defaults to empty, no log) #NOTE: levels are not strictly observed and are somewhat arbitrary # 0: startup/exit/failure messages, viruses detected @@ -310,7 +312,7 @@ # 3: server, client # 4: decompose parts # 5: more debug details -$log_level = 2; # (defaults to 0), -d +#$log_level = 2; # (defaults to 0), -d # Customizable template for the most interesting log file entry (e.g. with # $log_level=0) (take care to properly quote Perl special characters like '\') @@ -684,7 +686,8 @@ # or a directory (no trailing slash) # (the default value is undef, meaning no quarantine) # -$QUARANTINEDIR = '/var/virusmails'; # -Q +#$QUARANTINEDIR = '/var/virusmails'; # -Q +$QUARANTINEDIR = '/var/spool/amavis/virusmails'; # -Q #$quarantine_subdir_levels = 1; # add level of subdirs to disperse quarantine @@ -1806,13 +1809,13 @@ # ['Sophos SAVI', \&sophos_savi ], # ### http://www.clamav.net/ -# ['ClamAV-clamd', -# \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"], -# qr/\bOK$/, qr/\bFOUND$/, -# qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ], -# # NOTE: the easiest is to run clamd under the same user as amavisd; match the -# # socket name (LocalSocket) in clamav.conf to the socket name in this entry -# # When running chrooted one may prefer: ["CONTSCAN {}\n","$MYHOME/clamd"], + ['ClamAV-clamd', + \&ask_daemon, ["CONTSCAN {}\n", "/var/lib/clamav/clamd.socket"], + qr/\bOK$/, qr/\bFOUND$/, + qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ], +# NOTE: the easiest is to run clamd under the same user as amavisd; match the +# socket name (LocalSocket) in clamav.conf to the socket name in this entry +# When running chrooted one may prefer: ["CONTSCAN {}\n","$MYHOME/clamd"], # ### http://www.clamav.net/ and CPAN (memory-hungry! clamd is preferred) # ['Mail::ClamAV', \&ask_clamav, "*", [0], [1], qr/^INFECTED: (.+)/], @@ -1969,10 +1972,11 @@ # NOTE: requires suid wrapper around inocmd32; consider flag: -mod reviewer # see http://marc.theaimsgroup.com/?l=amavis-user&m=109229779912783 - ### http://mks.com.pl/english.html - ['MkS_Vir for Linux (beta)', ['mks32','mks'], - '-s {}/*', [0], [1,2], - qr/--[ \t]*(.+)/ ], +# Moved to secondary scanner +# ### http://mks.com.pl/english.html +# ['MkS_Vir for Linux (beta)', ['mks32','mks'], +# '-s {}/*', [0], [1,2], +# qr/--[ \t]*(.+)/ ], ### http://mks.com.pl/english.html ['MkS_Vir daemon', 'mksscan', @@ -2175,6 +2179,10 @@ # ], # # other options to consider: -mime -oe -idedir=/usr/local/sav + ['MkS_Vir for Linux (beta)', ['mks32','mks'], + '-s {}/*', [0], [1,2], + qr/--[ \t]*(.+)/ ], + # always succeeds (uncomment to consider mail clean if all other scanners fail) # ['always-clean', sub {0}],