Banned notify
Simon Brereton
simon.brereton at buongiorno.com
Tue May 15 18:42:23 CEST 2012
Hi Mark
I have this in my config:
grep -inr _admin /etc/amavis/conf.d/*
/etc/amavis/conf.d/20-debian_defaults:124:$virus_admin =
"postmaster\@$mydomain"; # due to D_DISCARD default
I like to get notified of viruses just in case one of my users gets
infected. However, I frequently get notifications like:
No viruses were found.
Banned name: .exe,.exe-ms,DHL report.exe
Content type: Banned
Internal reference code for the message is 16541-20/tWFdvtt+bT73
First upstream SMTP client IP address: [120.59.73.245]
According to a 'Received:' trace, the message originated at: [184.73.117.173],
[184.73.117.173] account peacocksb96 at kurdogluholding.com.tr HELO
kymea.xrjthjuwnchfczr.org
Return-Path: <underdevelopedjl76 at pacunion.com>
From: "DHL Inc." <status at dhl.com>
Message-ID: <6898465608.LAF1U37T578728 at lwhgidtiykp.pvrlzbekgrukn.net>
Subject: DHL Package delivery status
The message has been quarantined as: banned-tWFdvtt+bT73
This is because I have:
grep -inr banned /etc/amavis/conf.d/*
/etc/amavis/conf.d/20-debian_defaults:120:$final_banned_destiny =
D_DISCARD; # D_REJECT when front-end MTA
But I would like to not be informed of banned files (most of them are
phishing and are only .exe to get through the spam filters). How can
I enforce this?
Thanks.
Simon
More information about the amavis-users
mailing list