Using altermime to change Subject header in BANNED email

Josh Hamell jhamell at sift.net
Wed Mar 2 06:23:50 CET 2016


Hi All,

I'm exploring the options available within the different detection
results (spam, banned, virus, bad header, unchecked), and would like to
mangle-but-pass the 'banned contents' emails along to users.  Nearly all
the traffic picked up by the banned routines (98%+) is from spammers
with what I can only presume to be some sort of malware payload.

On detection, I'd like:
 * Quarantine pristine/original email
 * All attachments removed
 * Information inserted into the email body stating all attachments were
   removed, contact postmaster for release
 * Subject line to prepend "(ATTACHMENTS QUARANTINED)".
 * Altered email passed along to the user

In short, just in case the email and attachments are legitimate, I'd
like the stripping to be fully obvious.  And since most aren't
legitimate, minimize annoyance ($warnbannedrecip = 0;).

I have the following in /etc/amavis/conf.d/50-user:
> $final_banned_destiny     = D_PASS;
> $defang_banned='altermime';

As for the altermime args, the following works from the command line:

altermime --verbose --input=test-email --htmltoo \
  --disclaimer-html=/etc/amavis/banned-disclaimer.html \
  --disclaimer=/etc/amavis/banned-disclaimer.txt --alter-header="Subject" \
  --alter-with="(ATTACHMENTS QUARANTINED)" --alter-mode=prefix

However, it does not work (no Subject rewrite) when used in
@altermime_args_defang.  The only option that appears to work is the
--disclaimer.

Am I trying to abuse the amavis/altermime interaction in a way it
doesn't support?

Thank you,
Josh
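
The transformation requested in the post above (keep the original for quarantine, strip attachments, insert a notice, prefix the Subject), written out as an added example with Python's standard email package so the expected result can be checked; it is not part of the original post and is not amavis or altermime code. The function names, notice wording and sample message are constructed, and as a simplification only the text/plain body is kept.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

TAG = "(ATTACHMENTS QUARANTINED)"  # subject prefix requested in the post
NOTICE = ("All attachments were removed from this message.\n"
          "Contact postmaster for release.\n")  # constructed wording
MIME_HEADERS = {"content-type", "content-transfer-encoding", "mime-version"}

def defang(raw: bytes):
    """Return (pristine, altered, removed): quarantine copy, mail to deliver, names."""
    msg = message_from_bytes(raw, policy=policy.default)
    removed = [p.get_filename() or p.get_content_type()
               for p in msg.iter_attachments()]
    # Simplification: keep only the text/plain body (an HTML alternative is dropped).
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body is not None else ""

    out = EmailMessage()
    for name, value in msg.items():
        # MIME headers are regenerated by set_content(); Subject is rewritten below.
        if name.lower() not in MIME_HEADERS | {"subject"}:
            out[name] = value
    subject = str(msg.get("Subject", ""))
    if not subject.startswith(TAG):  # do not stack the tag if processed twice
        subject = f"{TAG} {subject}".strip()
    out["Subject"] = subject
    listing = "".join(f"  removed: {n}\n" for n in removed)
    out.set_content(NOTICE + listing + "\n" + text)
    return raw, out.as_bytes(), removed

def sample_message() -> bytes:
    """Constructed test mail: plain body plus one harmless fake attachment."""
    m = EmailMessage()
    m["From"] = "sender@example.com"
    m["To"] = "user@example.org"
    m["Subject"] = "Invoice"
    m.set_content("Please see the attached invoice.\n")
    m.add_attachment(b"not a real payload", maintype="application",
                     subtype="octet-stream", filename="invoice.exe")
    return m.as_bytes()

if __name__ == "__main__":
    pristine, altered, removed = defang(sample_message())
    print(altered.decode())
```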

