Send recipient notification of quarantined spam

Dino Edwards dino.edwards at mydirectmail.net
Fri Feb 8 11:10:31 CET 2019 

We have been able to accomplish what you are asking for with our appliance. We have a job that runs on a scheduled basis (2, 4, 8 hours or daily depending on recipient preferences) that goes through the msgs table and selects any messages that were quarantined during that time period  (viruses, banned files, spam, bad headers) and creates a report that it sends to the recipient with a list of the messages that were quarantined. The report contains the listing as well as a link to view/release the message back to the recipients mailbox.

Our appliance is open source and free. You can read it about it and download it here if you are interested:

https://www.deeztek.com/products/hermes-secure-email-gateway/

Source code is also posted on github if you wanna see how we went about implementing that functionality, or you can simply download and implement our appliance in your environment. We also have very extensive documentation.




From: amavis-users [mailto:amavis-users-bounces+dino.edwards=mydirectmail.net at amavis.org] On Behalf Of Tom Robinson
Sent: Thursday, February 7, 2019 5:23 PM
To: amavis-users at amavis.org
Subject: Re: Send recipient notification of quarantined spam


On 7/2/19 6:00 pm, Dominic Raferd wrote:
>
>
> On Thu, 7 Feb 2019 at 04:46, Tom Robinson <tom.robinson at motec.com.au
<mailto:tom.robinson at motec.com.au%20%0b>> <mailto:tom.robinson at motec.com.au>> wrote:
>
>     bump
>
>     On 5/2/19 12:08 pm, Tom Robinson wrote:
>>
>>     Hi,
>>
>>     I'm sure this has been answered before but I just can't seem to find the right settings.
>>
>>     I want the recipient of a quarantined SPAM email to receive a notification that it was
>>     quarantined.
>>
>>     Notifications are working for viruses that get quarantined but I can't get it to work for SPAM.
>>
>>     I have the following in my amavisd.conf
>>
>>     $virus_admin               = "postmaster\@$mydomain";                   # notifications recip.
>>     $mailfrom_notify_admin     = "virusalert\@$mydomain";                   # notifications sender
>>     $mailfrom_notify_recip     = "virusalert\@$mydomain";                   # notifications sender
>>     $mailfrom_notify_spamadmin = "spamalert\@$mydomain";                    # notifications sender
>>     $mailfrom_to_quarantine = ''; # null return path; uses original sender if undef
>>
>>     $final_virus_destiny      = D_DISCARD;
>>     $final_banned_destiny     = D_DISCARD;
>>     $final_spam_destiny       = D_DISCARD;  #!!!  D_DISCARD / D_REJECT
>>     $final_bad_header_destiny = D_PASS;
>>     $virus_quarantine_method        = 'local:virus/%m';
>>     $spam_quarantine_method         = 'local:spam/%m.gz';
>>     $banned_files_quarantine_method = 'local:banned/%m';
>>     $bad_header_quarantine_method   = 'local:badh/%m';
>>
>>     $warnvirusrecip = 1;
>>     $warnbannedrecip = 1;
>>     $warnbannedsender = 0;
>>
> Try: https://lists.amavis.org/pipermail/amavis-users/2012-July/001717.html
> I'm not clear how amavis decides whether a recipient is 'local'. Might be worth setting
> $warn_offsite to 1 if only to rule this out.
>
> Looking at comments in amavisd-new code 2.11.0 it seems that warnbannedrecip is deprecated in
> favour of warnbannedrecip_maps (although it should still work).
>
> You aren't using any named policy banks are you? If so, it might also need to be set explicitly
> inside each named policy bank (as do a lot of things, sadly), and with different syntax
> (warnbannedrecip  => 1,).

Thanks Dominic.

Just to be clear, I'm using CentOS 7, amavisd-new 2.11.0.

I can't find ANY decent documentation about how to configure warnbannedrecip_maps. How can I use
this configuration option?

The only policy banks in my amavisd.conf are the default ones that are already configured in the
CentOS 7 packages:

$policy_bank{'MYNETS'} = {   # mail originating from @mynetworks
$policy_bank{'ORIGINATING'} = {  # mail supposedly originating from our users
$policy_bank{'AM.PDP-SOCK'} = {

The warnbannedrecip_maps is nowhere to be found in my amavisd.conf

I've also read that setting $warn_offsite on can create backscatter. Really not sure how to handle this.

Where is the documentation? RTFM comes to mind but it's hard when you can't find any!

The following is an interesting read but the discussion is about 'sender notification'

https://lists.amavis.org/pipermail/amavis-users/2016-November/004649.html

I need 'recipient notification'

I'm very hesitant to set $warn_offsite until I can be sure what it will do. :-/


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.amavis.org/pipermail/amavis-users/attachments/20190208/c7984b0f/attachment.html>

More information about the amavis-users mailing list