Notifying banned file senders and policy banks ?

jarno.huuskonen+amavis at uef.fi jarno.huuskonen+amavis at uef.fi
Wed Apr 20 14:17:12 CEST 2011 

Hello,

I'm trying to use two different policy banks with amavisd-new(2.6.5):

MYNETS (tcp port 10026):
clients from local networks go to this policy (postfix:
  check_client_access    cidr:/etc/postfix/maps/mynetworks.cidr).
- emails are checked for viruses -> emails with viruses are discarded
  and nobody is notified
- emails are not spam checked
- emails are checked for unwanted attachments -> emails with unwanted
  attachments are quarantined and sender is notified (ONLY IF sender address
  matches my local domain).

INCOMING (tcp port 10024): postfix content_filter=lmtp2amavis:[127.0.0.1]:10024
- emails are checked for viruses -> emails with viruses are discarded
  and nobody is notified
- emails are spam checked: amavisd/spamassassin adds spam headers and
  messages are delivered (no notifications)
- emails are checked for unwanted attachments -> emails with unwanted
  attachments are quarantined and recipient is notified (ONLY IF
  recipient address is my local domain).

This is what I have in amavisd.conf, I think it kind of works (haven't tested
everything yet). I'd appreciate if somebody could take a look and
point out any obvious mistakes (especially notifications).

@local_domains_maps = ( [".$mydomain", 'uef.fi', 'restofourdomains.fi' ] );
$inet_socket_port = [10024,10026]; 
$interface_policy{'10024'} = 'INCOMING';
$interface_policy{'10026'} = 'MYNETS';

$policy_bank{'MYNETS'} = {
  originating => 1,
  os_fingerprint_method => undef,

  bypass_spam_checks_maps  => [ 1 ],
  first_infected_stops_scan => 1,

  virus_admin_maps => [ undef ], # Do NOT notify about viruses
  mailfrom_notify_admin   => "postmaster\@$mydomain",  # notifications sender
  mailfrom_notify_recip   => "postmaster\@$mydomain",  # notifications sender
  mailfrom_notify_spamadmin => "postmaster\@$mydomain", # notifications sender
  mailfrom_to_quarantine => '',

  # Banned notifications senders
  hdrfrom_notify_sender => "helpdesk <postmaster\@$mydomain>",

  final_virus_destiny      => D_DISCARD,
  final_banned_destiny     => D_BOUNCE, # D_DISCARD -> doesn't notify senders
  final_spam_destiny       => D_PASS,
  final_bad_header_destiny => D_PASS,
  bad_header_quarantine_method => undef,

 # Warn banned sender (if local domain)
  warn_offsite => undef, # warn_offsite doesn't match senders ...
                         # so the dsn_cutoff magic handles this

  # Only warn banned senders for our domains
  spam_dsn_cutoff_level_maps => [
  { '.' => -99.0 } ],

  spam_crediblefrom_dsn_cutoff_level_bysender_maps => [
    { lc(".$mydomain") => 99.0,
    'someotherourdomain.fi' => 99.0,
    '.' => -99.0 } ],
  # messages get spam score 0.00, if sender domain is not "ours", then
  # message gets dsn_cutoff -99.0 < 0.00 --> DSN disabled

  warnbannedrecip_maps => [ undef ],
  warnvirussender => undef,
  warnbadhsender => undef,
  warnvirusrecip_maps => [ undef ],
  warnbadhrecip_maps => [ undef ],
  notify_virus_sender_templ => read_text("/etc/amavisd-blocked-sender-template.txt"),

  # Don't quarantine viruses
  virus_quarantine_to_maps => [ undef ],
};


$policy_bank{'INCOMING'} = {
  originating => 0

  final_virus_destiny      => D_DISCARD,
  final_banned_destiny     => D_DISCARD,
  final_spam_destiny       => D_PASS,
  final_bad_header_destiny => D_PASS,
  bad_header_quarantine_method => undef,

  virus_admin_maps => [ undef ], # Do NOT notify about viruses
  mailfrom_notify_admin   => "postmaster\@$mydomain",  # notifications sender
  mailfrom_notify_recip   => "postmaster\@$mydomain",  # notifications sender
  mailfrom_notify_spamadmin => "postmaster\@$mydomain", # notifications sender
  mailfrom_to_quarantine => '',

  # Banned notifications senders
  hdrfrom_notify_recip  => "helpdesk <postmaster\@$mydomain>",

  warnvirussender => undef,
  warnbannedsender => undef,
  warnbadhsender => undef,
  warnvirusrecip_maps => [ undef ],
  warnbadhrecip_maps => [ undef ],
  notify_virus_recips_templ => read_text("/etc/amavisd-blocked-template.txt"),
  # Warn banned recipient (if local domain)
  warn_offsite => undef,
  warnbannedrecip_maps => [ 1 ], # should this include our localdomains ?

  # Don't quarantine viruses
  virus_quarantine_to_maps => [ undef ],
};

Thanks,
-Jarno

-- 
Jarno Huuskonen

More information about the amavis-users mailing list