hi all, i'm using amavis-perl actually for scanning my emails. postfix and amavis-perl are working perfectly in the moment and scanning in- and outgoing emails. there's just one problem: in a couple of days this server is a newsletter-server which will send hundreds of emails out and i don't want to scan every mail which is sent out by postfix. is there a possibility to only scan incoming mail ? the mailbox_command= pipe isn't working for me and i think this mailbox_command is only working for mails from outside to local users. i also want to scan local->local. they are incoming mails too, or ?;) the actual vscan pipe for amavis is included in the master.cf from postfix. maybe there's a chance to only pipe incoming mails to vscan ? thanks, marco -- tr@nsnet internet services phone : +49-89-48-90-33-50 lilienstr. 3-5 fax : +49-89-48-90-33-55 81669 munich/germany url : http://www.trans.net/ gpg key: mail -s "get gpg key" marco.ahrendt@trans.net »Compared to system administration, being cursed forever is a step up.«
Marco wrote:
hi all,
i'm using amavis-perl actually for scanning my emails. postfix and amavis-perl are working perfectly in the moment and scanning in- and outgoing emails. there's just one problem: in a couple of days this server is a newsletter-server which will send hundreds of emails out and i don't want to scan every mail which is sent out by postfix. is there a possibility to only scan incoming mail ? the mailbox_command= pipe isn't working for me and i think this mailbox_command is only working for mails from outside to local users. i also want to scan local->local. they are incoming mails too, or ?;) the actual vscan pipe for amavis is included in the master.cf from postfix. maybe there's a chance to only pipe incoming mails to vscan ?
are you using content_filter? if yes, no problem, a mail is scanned only once and after that postifx does the delivery, so if you send a mail to 200 rcpt's, the mail is scanned only one time. -- intraDAT AG http://www.intradat.com Wilhelm-Leuschner-Strasse 7 Tel: +49 69-25629-0 D - 60329 Frankfurt am Main Fax: +49 69-25629-256 Junk mail is war. RFCs do not apply.
Hi
i'm using amavis-perl actually for scanning my emails.
When all mails were scaned I think thats the best way. If there are hundred of mails that should also be no matter for skip scanning. My problem is I'm using amavis-perl in combination with qmail and there seams I've a problem with the setuid-perlscript. When I send out mails under root-account amavis starts the virusscanner (InoculateIT for Linux) scans the mail and send it out when no virus is found otherwise the mail will be quarantined. When I use my workaccount I get an error with a temporary error ( qmail-inject qq ...) Does someone know how to fix the problem - setting suid-bit in ac will produce an scripterror because the script is detecting ac-settings and stop if the bit is set. --------------------------------------------------------------- Vielleicht zufällig ein Projekt zu vergeben und nun auf der Suche nach einem Freelancer? Dann doch gleichmal vorbeischauen unter http://www.gulp.de/profil/rhelms.html ----------------------------------------------------------------
On Wed, 14 Nov 2001 rhelms@mayn.de wrote:
My problem is I'm using amavis-perl in combination with qmail and there seams I've a problem with the setuid-perlscript. When I send out mails under root-account amavis starts the virusscanner (InoculateIT for Linux) scans the mail and send it out when no virus is found otherwise the mail will be quarantined. When I use my workaccount I get an error with a temporary error ( qmail-inject qq ...)
I'd say it's a permission problem, please double-check README.qmail. Please read http://www.amavis.org/amavis-faq.php3, MTA-config-issues, section qmail, too. In general, I'd suggest to ask amavis-related questions in the amavis-user mailing list, see www.amavis.org for subscribtion details. Thanks.
Does someone know how to fix the problem - setting suid-bit in ac will produce an scripterror because the script is detecting ac-settings and stop if the bit is set. Excuse my ignorance, but what's the meaning of "ac" here? Im pretty sure, it's not Alan Cox ;) [1]
best regards, Rainer Link [1] Well, just as a side note: as he told me, he had a look at AMaViS a year ago or so as he searched for a tool for adding disclaimers ... -- Rainer Link | SuSE - The Linux Experts link@suse.de | Developer of A Mail Virus Scanner (www.amavis.org) www.suse.de | Founder OpenAntiVirus Project (www.openantivirus.org)
Hi,
On Wed, 14 Nov 2001 rhelms@mayn.de wrote:
When I use my workaccount I get an error with a temporary error ( qmail-inject qq ...)
I'd say it's a permission problem, please double-check README.qmail. Please read http://www.amavis.org/amavis-faq.php3, MTA-config-issues, section qmail, too.
In fact this is a permission problem. The granted rights for /var/qmail/bin/sendmail must have executeright not only for the root-account. This sendmailprogram is calling qmail-inject for delivery. After the correct setting you can use the setuidscript normaly. I don't know if the setuid-scipt is changing from any workaccount to root while running. If that is so I think thats is a securityproblem and should be fixed. Regards, Ruprecht ---------------------- For gemans Vielleicht zufällig ein Projekt zu vergeben und nun auf der Suche nach einem Freelancer? Dann doch gleichmal vorbeischauen unter http://www.gulp.de/profil/rhelms.html ----------------------
On Mon, 19 Nov 2001 rhelms@mayn.de wrote:
I'd say it's a permission problem, please double-check README.qmail. Please read http://www.amavis.org/amavis-faq.php3, MTA-config-issues, section qmail, too.
In fact this is a permission problem. The granted rights for /var/qmail/bin/sendmail must have executeright not only for the root-account. This sendmailprogram is calling qmail-inject for delivery. After the correct setting you can use the setuidscript normaly.
Huh? Show me the snippet of README.qmail which talks about changing the permissions of /var/qmail/bin/sendmail. qmail-queue (the amavis script) and qmail-queue-real (the original qmail-queue binary) are qmailq:qmail, mode 4711. That are just the normal permissions as of qmail-queue without amavis. If you dislike that qmail-queue (the amavis) script requires the setuid bit, then use the qmail-queue wrapper as discribed at www.amavis.org/amavis-faq.php3 If you still do not like this concept for security reasons, then don't use qmail ;-). qmail-scanner from Jason basically uses the same concept as amavis-perl. best regards, Rainer Link -- Rainer Link | SuSE - The Linux Experts link@suse.de | Developer of A Mail Virus Scanner (www.amavis.org) www.suse.de | Founder OpenAntiVirus Project (www.openantivirus.org)
participants (4)
-
Marco
-
Rainer Link
-
rhelms@mayn.de
-
Sven Michels