Policy enforcement
Christian Rößner
c at roessner-network-solutions.com
Thu Sep 18 08:31:21 CEST 2014
Hi,
I have two Postfix instances. One is submission, the other a combined mxin/mxout/hub.
I do amavisd-milter on incoming and outgoing mail on the mxin/mxout.
On the mxout I give a ORIGINATINg macro to do a special policy-bank for submission users that does not check spam (for legal reasons). But it does check for viruses. I have set the final_virus_destiny to D_BOUNCE.
I also have a special policy-bank for the EICA-test virus. That should also do a D_BOUNCE.
Sep 18 08:18:33 mx amavis[4588]: (04588-01) Blocked INFECTED (Eicar-Test-Signature) {NoBounceOutbound,Quarantined}, AM.PDP-SOCK/ORIGINATING/EICAR_TEST LOCAL [193.239.107.42] [193.239.106.201] <c at roessner-network-solutions.com> -> <cr at deltaweb.de>, quarantine: nErWWT6nkl_s, Queue-ID: 3hz7KN0rRqzGp0j, Message-ID: <209C73CC-2067-44C9-AAAE-5F5D68790090 at roessner-network-solutions.com>, mail_id: nErWWT6nkl_s, Hits: -, size: 6628, 1400 ms, EICAR test message, not to worry
Sep 18 08:18:33 mx amavis[4588]: (04588-01) Blocked INFECTED (Eicar-Test-Signature), <c at roessner-network-solutions.com> -> <cr at deltaweb.de>, Hits: -, tag=0, tag2=0, kill=0, 0/0/0/0
Sep 18 08:18:33 mx amavisd-milter[2425]: 3hz7KN0rRqzGp0j: log_id=04588-01
Sep 18 08:18:33 mx amavisd-milter[2425]: 3hz7KN0rRqzGp0j: return_value=discard
Sep 18 08:18:33 mx postfix/cleanup[4642]: 3hz7KN0rRqzGp0j: milter-discard: END-OF-MESSAGE from mail.roessner-net.de[193.239.107.42]: milter triggers DISCARD action; from=<c at roessner-network-solutions.com> to=<cr at deltaweb.de> proto=ESMTP helo=<mail.roessner-net.de>
Unfortunately it is not bounced and it gets discarded. Only the postmaster does get a notify that a virus was caught.
Here are the settings that I focused on:
$policy_bank{'ORIGINATING'} = {
originating => 1,
final_banned_destiny => D_BOUNCE,
final_virus_destiny => D_BOUNCE,
allow_disclaimers => 1,
bypass_spam_checks_maps => [1],
enable_ldap => 0,
};
$policy_bank{'EICAR_TEST'} = {
log_templ => $log_short_templ . ', EICAR test message, not to worry',
final_destiny_maps_by_ccat => { CC_VIRUS() => D_BOUNCE },
};
$warn_offsite = 0;
$warnbannedsender = 0;
$warnbannedrecip = 1;
$warnvirussender = 0;
$warnvirusrecip = 1;
$warnbadhsender = 0;
$warnbadhrecip = 0;
$final_virus_destiny = D_REJECT;
%final_destiny_maps_by_ccat = (
CC_VIRUS, sub { c('final_virus_destiny') },
CC_BANNED, sub { c('final_banned_destiny') },
CC_UNCHECKED, sub { c('final_unchecked_destiny') },
CC_UNCHECKED.',1', D_PASS,
CC_SPAM, sub { c('final_spam_destiny') },
CC_BADH, sub { c('final_bad_header_destiny') },
CC_MTA.',1', D_TEMPFAIL,
CC_MTA.',2', D_REJECT,
CC_OVERSIZED, D_BOUNCE,
CC_CATCHALL, D_PASS,
);
%admin_maps_by_ccat = (
CC_VIRUS, sub { ca('virus_admin_maps') },
CC_BANNED, sub { ca('banned_admin_maps') },
CC_UNCHECKED, sub { ca('virus_admin_maps') },
CC_UNCHECKED.',1', undef,
CC_SPAM, sub { ca('spam_admin_maps') },
CC_BADH, sub { ca('bad_header_admin_maps') },
);
I probably do not understand all meaning here, so I guess I misconfigured something. Does the order play a role, in which settings have been done here? I have copied all relevant snippets in the order they appear in my config file.
Can I turn a NoBounceOutbound?
Thanks in advance
Christian
--
Bachelor of Science Informatik
Erlenwiese 14, 36304 Alsfeld
T: +49 6631 78823400, F: +49 6631 78823409, M: +49 171 9905345
USt-IdNr.: DE225643613, http://www.roessner-network-solutions.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3089 bytes
Desc: not available
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20140918/2afcede9/attachment.bin>
More information about the amavis-users
mailing list