Notify Sender when a virus is detected

Damien Robinet damien at
Wed May 25 14:54:17 CEST 2011

Hi Gary,

Not, it's not possible, because if you have a SMTP login to my server,
I check if you use the good FROM.

I start my policy with that:
if($attr{"sasl_username"} =~ /^[\w\.-_]+\@[\w\.-]+$/) {

One example of my rule:
                if($status == 0) {
                        my $track1 = $mysql->prepare("SELECT domain
FROM mail_rewrite WHERE domain = '\@$sender_from' AND goto =
                        if(my $ref1 = $track1->fetchrow_hashref()) {
                                $status = 1;

And if the sender (from) are not allowed with the sasl login:
                        return "reject Sender address $sender_from not
owned by $sender_domain";

If the sender match, i return "dunno".

I use my policy with the smtpd_end_of_data_restrictions of postfix :)


2011/5/24 Gary V <mr88talent at>:
> I think if it's a virus it could still fake sender address regardless
> of whether it comes from trusted networks or authenticated clients. I
> think if it is smart enough to be able to relay through your server,
> it would at least be smart enough to attempt forging the sender
> address. Same applies to spam or banned files that are created by
> spambots/malware or whatever.
> --
> Gary V

More information about the amavis-users mailing list