On Sun, 21 Dec 2003 at 10:09:38AM -0500, hanasaki wrote: > whats the difference between amavis-ng and milter and amavisd-new? are > some going away? which one do you use for what? or clamscan directly? > how can virus scanning be added? clamscan and spam Spam assassin seem > to be the norms from googling. the configuration files to integrate > with exim are befuddling. ##Transport section #####ADDED FOR MAVIS AV Scan##### amavis: driver = pipe command = "/usr/bin/amavis -f <${sender_address}> -d ${pipe_addresses}" prefix = suffix = check_string = escape_string = return_output = false return_path_add = false user = amavis group = amavis path = "/bin:/sbin:/usr/bin:/usr/sbin" current_directory = "/var/spool/amavis-ng" ##Directors Section #Put this first, ORDER MATTERS! ###ADDED FOR MAVIS AV SCANNER#### amavis_director: condition = "${if eq {$received_protocol}{scanned-ok} {0}{1}}" driver = smartuser transport = amavis > the plan is too hook a virus scanner into exim4 from sarge. any > thoughts are appreciated. A copy of someone's working exim4 config > would be great! > > how does one integrate the following with exim? And which do you folks > recommend for what reasons? > SPAM > Spamassassin > bogofilter Defiantly bogofilter. Bogofilter has the ability to learn and adjust to new spam. I would suggest you set up a set of bogofilter dbs for each user since what each user considers spam is different. Then you have your users use IMAP and create a few mailboxes for them: MisMarkedAsGood (runs bogofilter -Ns) MisMarkedAsBad (runs bogofilter -Sn) MarkGood (bogofilter -n) MarkBad (bogofilter -s) The last two mbox files are only used if you use tristate filtering (Good, Bad, Unsure). Then you run cron jobs like this in the user's crontab... 4 4 * * * stripdaemonmail.pl ~/Mail/MisMarkedAsBad | bogofilter -Sn ; stripdaemonmail.pl ~/Mail/MisMarkedAsBad >> /var/mail/username ; rm ~/Mail/MisMarkedAsBad ; touch ~/Mail/MisMarkedAsBad 5 4 * * * stripdaemonmail.pl ~/Mail/MisMarkedAsGood | bogofilter -Ns ; rm ~/Mail/MisMarkedAsGood ; touch ~/Mail/MisMarkedAsGood 6 4 * * * stripdaemonmail.pl ~/Mail/MarkBad | bogofilter -s ; rm ~/Mail/MarkBad ; touch ~/Mail/MarkBad 7 4 * * * stripdaemonmail.pl ~/Mail/MarkGood | bogofilter -n ; stripdaemonmail.pl ~/Mail/MarkGood >> /var/mail/username ; rm ~/Mail/MarkGood ; touch ~/Mail/MarkGood stripmail.pl (attached) is a simple perl script that removes mbox emails that are left by the imap daemon. If you find a bug in the perl script I would definitely appreciate it if you would let me know. Even though it is not "formally" documented the script should be considered GPL. The user's .procmailrc (you are using procmail, yes?) can be configured like so: ---------start procmailrc-------- :0 f | bogofilter -p -u -3 -l :0: * ^X-Bogosity: Yes Mail/Junk :0: * ^X-Bogosity: Unsure Mail/Unsure --------end procmailrc---------- After this users move items in "Junk" to MisMarkedAsBad if it is a good email that ended up in the "Junk" folder. Likewise they move mails that are spam that ended up in the Inbox to "MisMarkedAsGood". MarkGood/MarkBad are for emails that end up in the "Unsure" folder. Hope this helps! > VIRUS > amavis > amavisd-new No comment about amavis/amavisd-new. > clamscans This is not related to amavis. Amavis is responsible for parsing the MIME and saving them to files in /tmp. Clamscan is then used to scan the files placed in /tmp by amavis. Clamscan has come a long way. They now have over 10,000 definitions. However, you can use commercial av's (like Sophis) with amavis if you wish. Last I checked several months ago Sophis has over 80,000 definitions. Hope this helps. -- Phillip Hofmeister PGP/GPG Key: http://www.zionlth.org/~plhofmei/ wget -O - http://www.zionlth.org/~plhofmei/key.asc | gpg --import -- Excuse #137: Broadcast packets on wrong frequency
Attachment:
stripdaemonmail.pl
Description: Perl program