Mailinglist Archive: opensuse-de (2429 mails)

< Previous Next >
Re: Amavis-new
  • From: Sandy Drobic <suse-linux@xxxxxxxxxxxxxxxxxxxxxxx>
  • Date: Mon, 23 Jan 2006 23:49:03 +0100
  • Message-id: <43D55D5F.10507@xxxxxxxxxxxxxxxxxxxxxxx>
olaf.uhlemann wrote:
Amavis fügt zum Glück nur Headerzeilen ein und verändert schlimmstensfalls den Betreff.


Natürlich ist das der Weg ;-)


welche Version von Suse/postfix/amavis/spamassassin verwendest du?

9.2; 2.1.5; 0.88; 3.0.0
suse; postfix; clam-av; spamassassin?



Poste mal die Ausgabe von: grep -v "^#" /etc/amavisd.conf


linux:/var/virusmail # grep -v "^#" /etc/amavisd.conf
use strict;

$myhostname = 'sertrec.com';
$mydomain = 'sertrec.com';
$daemon_user = 'clamav';
$daemon_group = 'clamav';
$MYHOME = '/var/amavis';
$TEMPBASE = "$MYHOME/tmp";
$ENV{TMPDIR} = $TEMPBASE;
$helpers_home = "$MYHOME/var";
$db_home = "$MYHOME/db";
$max_servers = 2;
$enable_db = 1;
$enable_global_cache = 1;
read_hash(\%local_domains, '/etc/postfix/virtualdomains');

$log_level = 3;
$inet_socket_port = 10024;

$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_BOUNCE;
$final_spam_destiny = D_BOUNCE;

Das hier könnte schon das Problem sein. Setze mal
$final_spam_destiny = D_PASS

Warum die Mail ändern, wenn sie ohnehin in die Quarantäne wandert oder zurückgeschickt wird?

$final_bad_header_destiny = D_PASS;

$virus_quarantine_method = 'local:virus-%m';
$spam_quarantine_method = 'local:spam-%m';
$banned_files_quarantine_method = 'local:banned-%m';
$bad_header_quarantine_method = 'local:badh-%m';

$QUARANTINEDIR = '/var/virusmail';
$quarantine_subdir_levels = 1;

$virus_quarantine_to = 'virus'; # via
%local_delivery_aliases
$banned_quarantine_to = 'banned';
$bad_header_quarantine_to = 'badh';
$spam_quarantine_to = 'spam';

@virus_quarantine_to_maps = (\$virus_quarantine_to);
@banned_quarantine_to_maps = (\$banned_quarantine_to);
@bad_header_quarantine_to_maps = (\$bad_header_quarantine_to);
@spam_quarantine_to_maps = (\$spam_quarantine_to);

$mailfrom_to_quarantine = '';

$virus_admin = "virusalter\@$mydomain";

$warnvirussender = 0;
$warnspamsender = 0;
$warnbannedsender = 0;
$warnbadhsender = 0;
$warnvirusrecip = 1;
$warnbannedrecip = 1;
$warnbadhrecip = 1;

$insert_received_line = 1;
$remove_existing_x_scanned_headers = 0;
$remove_existing_spam_headers = 1;

$X_HEADER_TAG = 'X-Virus-Scanned'; #
after-default
$X_HEADER_LINE = "$myproduct_name at $mydomain"; #

Ich sehe in deiner Konfig keine Zuweisung für $myproduct_name.

after-default

$defang_all = 0;

$undecipherable_subject_tag = '***UNCHECKED*** ';
$sa_spam_subject_tag = '*** S P A M *** ';
$sa_spam_modifies_subj = 1;
$sa_spam_level_char = '*';
$sa_spam_report_header = 1;

@keep_decoded_original_maps = (...);

$MAXLEVELS = 14;
$MAXFILES = 1500;
$MIN_EXPANSION_QUOTA = 100*1024;
$MAX_EXPANSION_QUOTA = 300*1024*1024;

$path =
'/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';

@decoders = (...);

@av_scanners = (...);
@av_scanners_backup = (...);
$first_infected_stops_scan = 0;

@viruses_that_fake_sender_maps = (...);

$banned_filename_re = new_RE(...);
$sa_mail_body_size_limit = 200*1024;
$sa_tag_level_deflt = -20;
$sa_tag2_level_deflt = 2.0;
$sa_kill_level_deflt = 20.0;

@score_sender_maps = (...);
1;

Was steht im Log von Postfix


postfix/smtpd[21750]: connect from
bdu198.neoplus.adsl.tpnet.pl[83.28.6.198]
postfix/smtpd[21750]: 16950255A4:
client=bdu198.neoplus.adsl.tpnet.pl[83.28.6.198]
postfix/cleanup[21751]: 16950255A4:
message-id=<000001c62066$7f3b8d00$0100007f@sylwia>
postfix/qmgr[20641]: 16950255A4: from=<adam@xxxxxxxxxxxxxxxx>,
size=6955, nrcpt=1 (queue active)
amavis[21794]: (21794-01) loaded base policy bank
amavis[21794]: (21794-01) lookup_ip_acl (inet_acl): key="127.0.0.1"
matches "127.0.0.1", result=1
amavis[21794]: (21794-01) prolong_timer after new request - timer reset:
remaining time = 480 s
amavis[21794]: (21794-02) SMTP> 220 [127.0.0.1] ESMTP amavisd-new
service ready
amavis[21794]: (21794-02) prolong_timer after reading SMTP command:
remaining time = 480 s
amavis[21794]: (21794-02) SMTP< EHLO sertrec.com\r\n
amavis[21794]: (21794-02) ESMTP> 250-[127.0.0.1]
amavis[21794]: (21794-02) ESMTP> 250-PIPELINING
amavis[21794]: (21794-02) ESMTP> 250-SIZE
amavis[21794]: (21794-02) ESMTP> 250-8BITMIME
amavis[21794]: (21794-02) ESMTP> 250-ENHANCEDSTATUSCODES
amavis[21794]: (21794-02) ESMTP> 250 XFORWARD NAME ADDR PROTO HELO
amavis[21794]: (21794-02) prolong_timer after reading SMTP command:
remaining time = 480 s
amavis[21794]: (21794-02) ESMTP< MAIL FROM:<adam@xxxxxxxxxxxxxxxx>
SIZE=6955\r\n
amavis[21794]: (21794-02) prolong_timer after MAIL FROM received - timer
reset: remaining time = 480 s
amavis[21794]: (21794-02) check_mail_begin_task: task_count=2
amavis[21794]: (21794-02) lookup (debug_sender) => undef,
"adam@xxxxxxxxxxxxxxxx" does not match
amavis[21794]: (21794-02) ESMTP> 250 2.1.0 Sender adam@xxxxxxxxxxxxxxxx
OK
amavis[21794]: (21794-02) prolong_timer after reading SMTP command:
remaining time = 480 s
amavis[21794]: (21794-02) ESMTP< RCPT TO:<olaf.uhlemann@xxxxxxxxxxx>\r\n
amavis[21794]: (21794-02) ESMTP> 250 2.1.5 Recipient
olaf.uhlemann@xxxxxxxxxxx OK
amavis[21794]: (21794-02) prolong_timer after reading SMTP command:
remaining time = 480 s
amavis[21794]: (21794-02) ESMTP< DATA\r\n
amavis[21794]: (21794-02) prolong_timer after DATA received - timer
reset: remaining time = 480 s
amavis[21794]: (21794-02) ESMTP::10024
/var/amavis/tmp/amavis-20060123T224519-21794: <adam@xxxxxxxxxxxxxxxx> ->
<olaf.uhlemann@xxxxxxxxxxx> Received: SIZE=6955 from sertrec.com
([127.0.0.1]) by localhost (sertrec.com [127.0.0.1]) (amavisd-new, port
10024) with ESMTP id 21794-02 for <olaf.uhlemann@xxxxxxxxxxx>; Mon, 23
Jan 2006 22:47:15 +0100 (CET)
amavis[21794]: (21794-02) ESMTP> 354 End data with <CR><LF>.<CR><LF>
amavis[21794]: (21794-02) ESMTP< .\r\n
amavis[21794]: (21794-02) setting body type: 7BIT (0,0)
amavis[21794]: (21794-02) body hash: 704c509acc205e320fd7ba7ad1930d94
amavis[21794]: (21794-02) Original mail size: 6955; quota set to:
3477500 bytes
amavis[21794]: (21794-02) Checking: 7LiInKuAVAk7 <adam@xxxxxxxxxxxxxxxx>
-> <olaf.uhlemann@xxxxxxxxxxx>
amavis[21794]: (21794-02) lookup (bypass_virus_checks) => undef,
"olaf.uhlemann@xxxxxxxxxxx" does not match
amavis[21794]: (21794-02) Extracting mime components
amavis[21794]: (21794-02) Issued a new file name: p001
amavis[21794]: (21794-02) Issued a new file name: p002
amavis[21794]: (21794-02) Issued a new pseudo part: p003
amavis[21794]: (21794-02) p003 1 Content-Type: multipart/alternative
amavis[21794]: (21794-02) Charging 754 bytes to remaining quota 3477500
(out of 3477500, (0%)) - by mime_decode
amavis[21794]: (21794-02) p001 1/1 Content-Type: text/plain, size: 754
B, name:
amavis[21794]: (21794-02) Charging 4721 bytes to remaining quota 3476746
(out of 3477500, (0%)) - by mime_decode
amavis[21794]: (21794-02) p002 1/2 Content-Type: text/html, size: 4721
B, name:
amavis[21794]: (21794-02) prolong_timer after mime_decode-1: remaining
time = 480 s
amavis[21794]: (21794-02) decode_parts: level=1, #parts=3 : p001, p002,
p003
amavis[21794]: (21794-02) lookup (map_full_type_to_short_type) => true,
"ASCII text" matches, result="asc",
matching_key="(?i-xsm:^(ASCII|text)\\b)"
amavis[21794]: (21794-02) File-type of p001: ASCII text; (asc)
amavis[21794]: (21794-02) lookup (map_full_type_to_short_type) => true,
"HTML document text" matches, result="html", matching_key="(?-xism:^HTML
document text\\b)"
amavis[21794]: (21794-02) File-type of p002: HTML document text; (html)
amavis[21794]: (21794-02) do_ascii: Decoding part p001
amavis[21794]: (21794-02) do_ascii: Decoding part p001 (0 items), uulib
V0.5pl20
amavis[21794]: (21794-02) decompose_part: p001 - atomic
amavis[21794]: (21794-02) decompose_part: p002 - atomic
amavis[21794]: (21794-02) prolong_timer after parts_decode: remaining
time = 480 s
amavis[21794]: (21794-02) lookup (bypass_header_checks) => undef,
"olaf.uhlemann@xxxxxxxxxxx" does not match
amavis[21794]: (21794-02) Checking for banned types and filenames
amavis[21794]: (21794-02) lookup (bypass_banned_checks) => undef,
"olaf.uhlemann@xxxxxxxxxxx" does not match
amavis[21794]: (21794-02) lookup (banned_filename), 1 matches for
"olaf.uhlemann@xxxxxxxxxxx", results: "(constant:DEFAULT)"=>"DEFAULT"
amavis[21794]: (21794-02) collect banned table[0]:
olaf.uhlemann@xxxxxxxxxxx, tables:
DEFAULT=>Amavis::Lookup::RE=ARRAY(0x84dc180)
amavis[21794]: (21794-02) starting banned checks - traversing message
structure tree
amavis[21794]: (21794-02) check_for_banned (p003,p001)
multipart/alternative | text/plain,.asc
amavis[21794]: (21794-02) lookup (check_bann:olaf.uhlemann@xxxxxxxxxxx)
=> undef, ["multipart/alternative","text/plain",".asc"] does not match
amavis[21794]: (21794-02) p.path olaf.uhlemann@xxxxxxxxxxx:
"P=p003,L=1,M=multipart/alternative | P=p001,L=1/1,M=text/plain,T=asc"
amavis[21794]: (21794-02) check_for_banned (p003,p002)
multipart/alternative | text/html,.html
amavis[21794]: (21794-02) lookup (check_bann:olaf.uhlemann@xxxxxxxxxxx)
=> undef, ["multipart/alternative","text/html",".html"] does not match
amavis[21794]: (21794-02) p.path olaf.uhlemann@xxxxxxxxxxx:
"P=p003,L=1,M=multipart/alternative | P=p002,L=1/2,M=text/html,T=html"
amavis[21794]: (21794-02) banned check: any=0, all=N (1)
amavis[21794]: (21794-02) lookup (keep_decoded_original) => undef,
"MAIL" does not match
amavis[21794]: (21794-02) Using ClamAV-clamd: (built-in interface)
amavis[21794]: (21794-02) Using (ClamAV-clamd) on dir: CONTSCAN
/var/amavis/tmp/amavis-20060123T224519-21794/parts\n
amavis[21794]: (21794-02) ClamAV-clamd: Connecting to socket
/var/run/clamav/clamd
amavis[21794]: (21794-02) ClamAV-clamd: Sending CONTSCAN
/var/amavis/tmp/amavis-20060123T224519-21794/parts\n to UNIX socket
/var/run/clamav/clamd
amavis[21794]: (21794-02) ask_av (ClamAV-clamd) result:
/var/amavis/tmp/amavis-20060123T224519-21794/parts: OK\n
amavis[21794]: (21794-02) ask_av (ClamAV-clamd):
/var/amavis/tmp/amavis-20060123T224519-21794/parts CLEAN
amavis[21794]: (21794-02) ClamAV-clamd result: clean
amavis[21794]: (21794-02) prolong_timer after virus_scan: remaining time
= 480 s
amavis[21794]: (21794-02) lookup (bypass_virus_checks) => undef,
"olaf.uhlemann@xxxxxxxxxxx" does not match
amavis[21794]: (21794-02) lookup (bypass_spam_checks) => undef,
"olaf.uhlemann@xxxxxxxxxxx" does not match
amavis[21794]: (21794-02) wbl: checking sender <adam@xxxxxxxxxxxxxxxx>
amavis[21794]: (21794-02) lookup
(blacklist_recip<olaf.uhlemann@xxxxxxxxxxx>) => undef,
"olaf.uhlemann@xxxxxxxxxxx" does not match
amavis[21794]: (21794-02) lookup (blacklist_sender) => undef,
"adam@xxxxxxxxxxxxxxxx" does not match
amavis[21794]: (21794-02) lookup
(whitelist_recip<olaf.uhlemann@xxxxxxxxxxx>) => undef,
"olaf.uhlemann@xxxxxxxxxxx" does not match
amavis[21794]: (21794-02) lookup (whitelist_sender) => undef,
"adam@xxxxxxxxxxxxxxxx" does not match
amavis[21794]: (21794-02) lookup (score_sender), 1 matches for
"olaf.uhlemann@xxxxxxxxxxx", results:
"."=>[Amavis::Lookup::RE=ARRAY(0x84dab78),HASH(0x84dab90)]
amavis[21794]: (21794-02) lookup (score_sender<adam@xxxxxxxxxxxxxxxx>)
=> undef, "adam@xxxxxxxxxxxxxxxx" does not match
amavis[21794]: (21794-02) CALLING SA check
postfix/smtpd[21750]: disconnect from
bdu198.neoplus.adsl.tpnet.pl[83.28.6.198]
amavis[21794]: (21794-02) RETURNED FROM SA check, time left: 28 s
amavis[21794]: (21794-02) prolong_timer after spam_scan_SA: remaining
time = 480 s
amavis[21794]: (21794-02) spam_scan: score=20.145
tests=[DRUGS_ANXIETY=0,DRUGS_ANXIETY_EREC=0,DRUGS_DIET=0.415,DRUGS_ERECT
ILE=0.026,DRUGS_MANYKINDS=2.734,DRUGS_PAIN=0.041,DRUGS_SLEEP=0.107,DRUGS
_SLEEP_EREC=2.719,DRUG_ED_GENERIC=1.181,HG_HORMONE=1.252,HTML_FONT_BIG=0
.232,HTML_MESSAGE=0.001,HTML_TAG_EXIST_TBODY=0.233,INFO_TLD=0.481,RCVD_I
N_NJABL_DUL=1.655,URIBL_AB_SURBL=2.007,URIBL_OB_SURBL=1.996,URIBL_SBL=0.
629,URIBL_SC_SURBL=3.897,URIBL_WS_SURBL=0.539]
amavis[21794]: (21794-02) prolong_timer after spam_scan: remaining time
= 480 s
amavis[21794]: (21794-02) lookup (spam_kill_level) => true,
"olaf.uhlemann@xxxxxxxxxxx" matches, result="20",
matching_key="(constant:20)"
amavis[21794]: (21794-02) lookup (spam_lovers) => undef,
"olaf.uhlemann@xxxxxxxxxxx" does not match
amavis[21794]: (21794-02) SPAM-KILL, <adam@xxxxxxxxxxxxxxxx> ->
<olaf.uhlemann@xxxxxxxxxxx>, score=20.145+0, kill=20
amavis[21794]: (21794-02) lookup (spam_tag_level) => true,
"olaf.uhlemann@xxxxxxxxxxx" matches, result="-20",
matching_key="(constant:-20)"
amavis[21794]: (21794-02) lookup (spam_tag2_level) => true,
"olaf.uhlemann@xxxxxxxxxxx" matches, result="2",
matching_key="(constant:2)"
amavis[21794]: (21794-02) lookup (spam_kill_level) => true,
"olaf.uhlemann@xxxxxxxxxxx" matches, result="20",
matching_key="(constant:20)"
amavis[21794]: (21794-02) lookup (spam_quarantine_bysender_to) => undef,
"adam@xxxxxxxxxxxxxxxx" does not match
amavis[21794]: (21794-02) lookup (spam_quarantine_to) => true,
"olaf.uhlemann@xxxxxxxxxxx" matches, result="spam",
matching_key="(constant:spam)"
amavis[21794]: (21794-02) lookup (spam_quarantine_cutoff_level) =>
undef, "olaf.uhlemann@xxxxxxxxxxx" does not match
amavis[21794]: (21794-02) lookup (spam_admin) => undef,
"olaf.uhlemann@xxxxxxxxxxx" does not match
amavis[21794]: (21794-02) no key 'spam' in %local_delivery_aliases, skip
local delivery
amavis[21794]: (21794-02) skip local delivery(1): <> -> <spam>
amavis[21794]: (21794-02) SPAM, <adam@xxxxxxxxxxxxxxxx> ->
<olaf.uhlemann@xxxxxxxxxxx>, Yes, score=20.145 tag=-20 tag2=2 kill=20
tests=[DRUGS_ANXIETY=0, DRUGS_ANXIETY_EREC=0, DRUGS_DIET=0.415,
DRUGS_ERECTILE=0.026, DRUGS_MANYKINDS=2.734, DRUGS_PAIN=0.041,
DRUGS_SLEEP=0.107, DRUGS_SLEEP_EREC=2.719, DRUG_ED_GENERIC=1.181,
HG_HORMONE=1.252, HTML_FONT_BIG=0.232, HTML_MESSAGE=0.001,
HTML_TAG_EXIST_TBODY=0.233, INFO_TLD=0.481, RCVD_IN_NJABL_DUL=1.655,
URIBL_AB_SURBL=2.007, URIBL_OB_SURBL=1.996, URIBL_SBL=0.629,
URIBL_SC_SURBL=3.897, URIBL_WS_SURBL=0.539], autolearn=spam, quarantine
7LiInKuAVAk7 (spam)
amavis[21794]: (21794-02) Skip spam admin notification, no
administrators
amavis[21794]: (21794-02) prolong_timer after checking_sender_ip:
remaining time = 480 s
amavis[21794]: (21794-02) warnsender_with_pass= (0,0,0,0), dsn_needed=1,
cnt=, exit=0, 250 2.5.0 Ok, id=21794-02, BOUNCE
amavis[21794]: (21794-02) lookup (spam_dsn_cutoff_level) => true,
"olaf.uhlemann@xxxxxxxxxxx" matches, result="25",
matching_key="(constant:25)"
amavis[21794]: (21794-02) notification chosen: OutDsnSpamMsgs,
SCALAR(0x877a780)
amavis[21794]: (21794-02) lookup_ip_acl (publicnetworks):
key="83.28.6.198" matches "[::FFFF:0:0]/96", result=1
amavis[21794]: (21794-02) (about to connect to [127.0.0.1]:10025) SEND
via SMTP: <> -> <adam@xxxxxxxxxxxxxxxx>

Okay, und hier geht die Bounce zurück. Bist du sicher, dass du die Spams an die (eventuell gefälschten) Absender zurückschicken willst? Besser D_PASS für Spam und dann markieren oder D_DISCARD für sicher erkannte Viren.

Sandy
--
Antworten bitte nur in die Mailingliste!
PMs bitte an: news-reply2 (@) japantest (.) homelinux (.) com


< Previous Next >
References