Policy enforcement

Christian Rößner c at roessner-network-solutions.com
Thu Sep 18 08:31:21 CEST 2014


Hi,

I have two Postfix instances. One is submission, the other a combined mxin/mxout/hub.

I do amavisd-milter on incoming and outgoing mail on the mxin/mxout.

On the mxout I give an ORIGINATING macro to do a special policy-bank for submission users that does not check spam (for legal reasons). But it does check for viruses. I have set the final_virus_destiny to D_BOUNCE.

I also have a special policy-bank for the EICAR test virus. That should also do a D_BOUNCE.

Sep 18 08:18:33 mx amavis[4588]: (04588-01) Blocked INFECTED (Eicar-Test-Signature) {NoBounceOutbound,Quarantined}, AM.PDP-SOCK/ORIGINATING/EICAR_TEST LOCAL [193.239.107.42] [193.239.106.201] <c at roessner-network-solutions.com> -> <cr at deltaweb.de>, quarantine: nErWWT6nkl_s, Queue-ID: 3hz7KN0rRqzGp0j, Message-ID: <209C73CC-2067-44C9-AAAE-5F5D68790090 at roessner-network-solutions.com>, mail_id: nErWWT6nkl_s, Hits: -, size: 6628, 1400 ms, EICAR test message, not to worry
Sep 18 08:18:33 mx amavis[4588]: (04588-01) Blocked INFECTED (Eicar-Test-Signature), <c at roessner-network-solutions.com> -> <cr at deltaweb.de>, Hits: -, tag=0, tag2=0, kill=0, 0/0/0/0
Sep 18 08:18:33 mx amavisd-milter[2425]: 3hz7KN0rRqzGp0j: log_id=04588-01
Sep 18 08:18:33 mx amavisd-milter[2425]: 3hz7KN0rRqzGp0j: return_value=discard
Sep 18 08:18:33 mx postfix/cleanup[4642]: 3hz7KN0rRqzGp0j: milter-discard: END-OF-MESSAGE from mail.roessner-net.de[193.239.107.42]: milter triggers DISCARD action; from=<c at roessner-network-solutions.com> to=<cr at deltaweb.de> proto=ESMTP helo=<mail.roessner-net.de>

Unfortunately, it is not bounced; it gets discarded. Only the postmaster gets a notification that a virus was caught.

Here are the settings that I focused on:

$policy_bank{'ORIGINATING'} = {
  originating                     => 1,
  final_banned_destiny            => D_BOUNCE,
  final_virus_destiny             => D_BOUNCE,
  allow_disclaimers               => 1,
  bypass_spam_checks_maps         => [1],
  enable_ldap                     => 0,
};

$policy_bank{'EICAR_TEST'} = {
  log_templ => $log_short_templ . ', EICAR test message, not to worry',
  final_destiny_maps_by_ccat      => { CC_VIRUS() => D_BOUNCE },
};

$warn_offsite = 0;
$warnbannedsender = 0;
$warnbannedrecip = 1;
$warnvirussender = 0;
$warnvirusrecip = 1;
$warnbadhsender = 0;
$warnbadhrecip = 0;

$final_virus_destiny = D_REJECT;

%final_destiny_maps_by_ccat = (
  CC_VIRUS,             sub { c('final_virus_destiny') },
  CC_BANNED,            sub { c('final_banned_destiny') },
  CC_UNCHECKED,         sub { c('final_unchecked_destiny') },
  CC_UNCHECKED.',1',    D_PASS,
  CC_SPAM,              sub { c('final_spam_destiny') },
  CC_BADH,              sub { c('final_bad_header_destiny') },
  CC_MTA.',1',          D_TEMPFAIL,
  CC_MTA.',2',          D_REJECT,
  CC_OVERSIZED,         D_BOUNCE,
  CC_CATCHALL,          D_PASS,
);

%admin_maps_by_ccat = (
  CC_VIRUS,       sub { ca('virus_admin_maps') },
  CC_BANNED,      sub { ca('banned_admin_maps') },
  CC_UNCHECKED,   sub { ca('virus_admin_maps') },
  CC_UNCHECKED.',1',    undef,
  CC_SPAM,        sub { ca('spam_admin_maps') },
  CC_BADH,        sub { ca('bad_header_admin_maps') },
);

I probably do not understand the full meaning here, so I guess I misconfigured something. Does the order in which the settings are made play a role here? I have copied all relevant snippets in the order in which they appear in my config file.

Can I turn a NoBounceOutbound?

Thanks in advance

Christian
--
Bachelor of Science Informatik
Erlenwiese 14, 36304 Alsfeld
T: +49 6631 78823400, F: +49 6631 78823409, M: +49 171 9905345
USt-IdNr.: DE225643613, http://www.roessner-network-solutions.com
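
Added example, not part of the original post: a Python sketch that correlates the amavis and amavisd-milter log lines quoted above by Queue-ID and flags blocked messages that carry a `NoBounce…` action and were then discarded by the milter. The sample log is constructed from the lines in the post (shortened, placeholder addresses); the second message and the name `find_silent_discards` are assumptions.

```python
import re

# Constructed sample: the log lines quoted in the post, shortened, with
# placeholder addresses; the second message (04588-02) is invented for contrast.
SAMPLE_LOG = """\
Sep 18 08:18:33 mx amavis[4588]: (04588-01) Blocked INFECTED (Eicar-Test-Signature) {NoBounceOutbound,Quarantined}, AM.PDP-SOCK/ORIGINATING/EICAR_TEST LOCAL <a@example.org> -> <b@example.net>, Queue-ID: 3hz7KN0rRqzGp0j, mail_id: nErWWT6nkl_s
Sep 18 08:18:33 mx amavis[4588]: (04588-01) Blocked INFECTED (Eicar-Test-Signature), <a@example.org> -> <b@example.net>, Hits: -
Sep 18 08:18:33 mx amavisd-milter[2425]: 3hz7KN0rRqzGp0j: log_id=04588-01
Sep 18 08:18:33 mx amavisd-milter[2425]: 3hz7KN0rRqzGp0j: return_value=discard
Sep 18 08:20:10 mx amavis[4588]: (04588-02) Blocked INFECTED (Eicar-Test-Signature) {Quarantined}, LOCAL <a@example.org> -> <c@example.net>, Queue-ID: 3hz7MX1aBcDeF2k, mail_id: constructed
Sep 18 08:20:10 mx amavisd-milter[2425]: 3hz7MX1aBcDeF2k: log_id=04588-02
Sep 18 08:20:10 mx amavisd-milter[2425]: 3hz7MX1aBcDeF2k: return_value=reject
"""

# amavis summary line: "(log_id) verdict ... {actions} ... Queue-ID: qid"
AMAVIS = re.compile(r"amavis\[\d+\]: \((?P<log_id>[\d-]+)\) (?P<verdict>(?:Blocked|Passed) \S+)"
                    r".*?\{(?P<actions>[^}]*)\}.*?Queue-ID: (?P<qid>\w+)")
# amavisd-milter line: "qid: key=value"
MILTER = re.compile(r"amavisd-milter\[\d+\]: (?P<qid>\w+): (?P<key>log_id|return_value)=(?P<val>\S+)")

def find_silent_discards(log_text):
    """Return blocked messages with a NoBounce* action that the milter discarded."""
    verdicts, milter = {}, {}
    for line in log_text.splitlines():
        m = AMAVIS.search(line)
        if m:
            verdicts[m["qid"]] = {"log_id": m["log_id"], "verdict": m["verdict"],
                                  "actions": m["actions"].split(",")}
            continue
        m = MILTER.search(line)
        if m:
            milter.setdefault(m["qid"], {})[m["key"]] = m["val"]
    hits = []
    for qid, v in verdicts.items():
        mv = milter.get(qid, {})
        if (v["verdict"].startswith("Blocked")
                and mv.get("log_id") == v["log_id"]      # same amavis task on both sides
                and mv.get("return_value") == "discard"  # MTA dropped the mail silently
                and any(a.startswith("NoBounce") for a in v["actions"])):
            hits.append({"queue_id": qid, **v})
    return hits

if __name__ == "__main__":
    for hit in find_silent_discards(SAMPLE_LOG):
        print(hit["queue_id"], hit["verdict"], ",".join(hit["actions"]))
```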
