--- ./amavisd.conf-sample.org 2006-05-23 12:01:01.000000000 +0200 +++ ./amavisd.conf-sample 2006-05-23 11:59:26.000000000 +0200 @@ -63,27 +63,31 @@ # $MYHOME serves as a quick default for some other configuration settings. # More refined control is available with each individual setting further down. # $MYHOME is not used directly by the program. No trailing slash! -#$MYHOME = '/var/lib/amavis'; # (default is '/var/amavis') +$MYHOME = '/var/spool/amavis'; # (default is '/var/amavis') # $mydomain serves as a quick default for some other configuration settings. # More refined control is available with each individual setting further down. # $mydomain is never used directly by the program. -$mydomain = 'example.com'; # (no useful default) +#$mydomain = 'example.com'; # (no useful default) + +# This seems to be prefixed to host's domain name. +# You may get mail rejects of virus information as send from not +# existing host ( virusalert@localhost.whatever.your.domain.is ) +$mydomain = 'mail.whatever.your.domain.is'; # (no useful default) # $myhostname = 'host.example.com'; # fqdn of this host, default by uname(3) # Set the user and group to which the daemon will change if started as root # (otherwise just keeps the UID unchanged, and these settings have no effect): -$daemon_user = 'vscan'; # (no default; customary: vscan or amavis) -$daemon_group = 'vscan'; # (no default; customary: vscan or amavis or sweep) +$daemon_user = 'amavis'; # (no default; customary: vscan or amavis) +$daemon_group = 'amavis'; # (no default; customary: vscan or amavis or sweep) # Runtime working directory (cwd), and a place where # temporary directories for unpacking mail are created. # (no trailing slash, may be a scratch file system) -$TEMPBASE = $MYHOME; # (must be set if other config vars use is) -#$TEMPBASE = "$MYHOME/tmp"; # prefer to keep home dir /var/amavis clean? +$TEMPBASE = "$MYHOME/runtime"; # (must be set if other config vars use is) -#$db_home = "$MYHOME/db"; # DB databases directory, default "$MYHOME/db" +$db_home = "$MYHOME/db"; # DB databases directory, default "$MYHOME/db" # $helpers_home sets environment variable HOME, and is passed as option # 'home_dir_for_helpers' to Mail::SpamAssassin::new. It should be a directory @@ -93,8 +97,8 @@ # Run the daemon in the specified chroot jail if nonempty: #$daemon_chroot_dir = $MYHOME; # (default is undef, meaning: do not chroot) -#$pid_file = "$MYHOME/amavisd.pid"; # (default is "$MYHOME/amavisd.pid") -#$lock_file = "$MYHOME/amavisd.lock"; # (default is "$MYHOME/amavisd.lock") +$pid_file = "/var/run/amavisd/amavisd.pid"; # (default is "$MYHOME/amavisd.pid") +$lock_file = "/var/run/amavisd/amavisd.lock"; # (default is "$MYHOME/amavisd.lock") # set environment variables if you want (no defaults): $ENV{TMPDIR} = $TEMPBASE; # wise to set TMPDIR, but not obligatory @@ -112,6 +116,8 @@ #$forward_method = 'smtp:[127.0.0.1]:10025'; # where to forward checked mail #$notify_method = $forward_method; # where to submit notifications +# @auth_mech_avail = ('PLAIN','LOGIN'); # empty list disables incoming AUTH + #$os_fingerprint_method = 'p0f:127.0.0.1:2345'; # query p0f-analyzer.pl # To make it possible for several hosts to share one content checking daemon, @@ -171,7 +177,7 @@ # and see further down what these two lookup lists really mean. # # @bypass_virus_checks_maps = (1); # uncomment to DISABLE anti-virus code -# @bypass_spam_checks_maps = (1); # uncomment to DISABLE anti-spam code +@bypass_spam_checks_maps = (1); # uncomment to DISABLE anti-spam code # # Any setting can be changed with a new assignment, so make sure # you do not unintentionally override these settings further down! @@ -217,8 +223,8 @@ # AMAVIS-CLIENT PROTOCOL INPUT SETTINGS (e.g. with sendmail milter) # (used with amavis helper clients like amavis-milter.c and amavis.c, # NOT needed for Postfix or Exim or dual-sendmail - keep it undefined. -$unix_socketname = "$MYHOME/amavisd.sock"; # amavis helper protocol socket -#$unix_socketname = undef; # disable listening on a unix socket +#$unix_socketname = "/var/run/amavisd/amavisd.sock"; # amavis helper protocol socket +$unix_socketname = undef; # disable listening on a unix socket # (default is undef, i.e. disabled) # (usual setting is $MYHOME/amavisd.sock) @@ -301,7 +307,7 @@ # choose from: emerg, alert, crit, err, warning, notice, info, debug # Log file (if not using syslog) -$LOGFILE = "$MYHOME/amavis.log"; # (defaults to empty, no log) +#$LOGFILE = "/var/log/amavis.log"; # (defaults to empty, no log) #NOTE: levels are not strictly observed and are somewhat arbitrary # 0: startup/exit/failure messages, viruses detected @@ -310,7 +316,7 @@ # 3: server, client # 4: decompose parts # 5: more debug details -$log_level = 2; # (defaults to 0) +#$log_level = 2; # (defaults to 0) # Customizable template for the most interesting log file entry (e.g. with # $log_level=0) (take care to properly quote Perl special characters like '\') @@ -684,7 +690,8 @@ # or a directory (no trailing slash) # (the default value is undef, meaning no quarantine) # -$QUARANTINEDIR = '/var/virusmails'; +#$QUARANTINEDIR = '/var/virusmails'; +$QUARANTINEDIR = '/var/spool/amavis/virusmails'; #$quarantine_subdir_levels = 1; # add level of subdirs to disperse quarantine @@ -1788,13 +1795,13 @@ # ['Sophos SAVI', \&sophos_savi ], # ### http://www.clamav.net/ -# ['ClamAV-clamd', -# \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"], -# qr/\bOK$/, qr/\bFOUND$/, -# qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ], -# # NOTE: the easiest is to run clamd under the same user as amavisd; match the -# # socket name (LocalSocket) in clamav.conf to the socket name in this entry -# # When running chrooted one may prefer: ["CONTSCAN {}\n","$MYHOME/clamd"], + ['Clam AntiVirus-clamd', + \&ask_daemon, ["CONTSCAN {}\n", "/var/lib/clamav/clamd.socket"], + qr/\bOK$/, qr/\bFOUND$/, + qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ], + # NOTE: the easiest is to run clamd under the same user as amavisd; match the + # socket name (LocalSocket) in clamav.conf to the socket name in this entry + # When running chrooted one may prefer: ["CONTSCAN {}\n","$MYHOME/clamd"], # ### http://www.clamav.net/ and CPAN (memory-hungry! clamd is preferred) # ['Mail::ClamAV', \&ask_clamav, "*", [0], [1], qr/^INFECTED: (.+)/], @@ -1956,10 +1963,11 @@ '-s {}/*', [0], [1,2], qr/--[ \t]*(.+)/ ], - ### http://mks.com.pl/english.html - ['MkS_Vir daemon', 'mksscan', - '-s -q {}', [0], [1..7], - qr/^... (\S+)/ ], +# Moved to secondary scanner +# ### http://mks.com.pl/english.html +# ['MkS_Vir daemon', 'mksscan', +# '-s -q {}', [0], [1..7], +# qr/^... (\S+)/ ], ### http://www.nod32.com/ ['ESET Software NOD32 Command Line Interface v 2.51', 'nod32cli', @@ -2157,6 +2165,10 @@ # ], # # other options to consider: -mime -oe -idedir=/usr/local/sav + ['MkS_Vir for Linux (beta)', ['mks32','mks'], + '-s {}/*', [0], [1,2], + qr/--[ \t]*(.+)/ ], + # always succeeds (uncomment to consider mail clean if all other scanners fail) # ['always-clean', sub {0}],