Trying to warn senders of virus/spam

Alexander Hoogerhuis via amavis-users amavis-users at
Sat Mar 8 20:10:00 CET 2014

My setup has a few policy banks, one of them being "ORIGINATING".

I have multiple different internal domains being filtered, and I'd like 
to be able to send warnings back to various different recipients 
depending what domain is trying to send virus/spam.

Currently I've hacked up this:

> $policy_bank{'ORIGINATING'} = {  # mail supposedly originating from our users
>   originating => 1,  # declare that mail was submitted by our smtp client
>   virus_admin_maps => [ {
>    ''      => 'support at',
>    ''   => 'support at',
>    '.'                  => 'foo at',
>   } ],
>   # forward to a smtpd service providing DKIM signing service
>   forward_method => 'smtp:[]:10027',
>   # force MTA conversion to 7-bit (e.g. before DKIM signing)
>   smtpd_discard_ehlo_keywords => ['8BITMIME'],
>   bypass_banned_checks_maps => [1],  # allow sending any file names and types
>   terminate_dsn_on_notify_success => 0,  # don't remove NOTIFY=SUCCESS option
> };

But virus_admin_maps seems to be based on recipient domain, not sender's 

Is there any way to turn this on it's head so I can mail of warnings to 
bad sender's IT departments?

(And yes, this is to get warnings back to our own internal groups, we 
are not planning on having having the policy banks dealing with incoming 
mail do this, we are not going to bounce piles of crap to innocent 
people that are victims of fake sender names)

Alexander Hoogerhuis |
Boxed Solutions AS   | +47 908 21 485 - alexh at
"Given enough eyeballs, all bugs are shallow." -Eric S. Raymond

More information about the amavis-users mailing list