On Sun, 21 Dec 2003 at 10:09:38AM -0500, hanasaki wrote:
> whats the difference between amavis-ng and milter and amavisd-new? are
> some going away? which one do you use for what? or clamscan directly?
> how can virus scanning be added? clamscan and spam Spam assassin seem
> to be the norms from googling. the configuration files to integrate
> with exim are befuddling.
##Transport section
#####ADDED FOR MAVIS AV Scan#####
amavis:
driver = pipe
command = "/usr/bin/amavis -f <${sender_address}> -d
${pipe_addresses}"
prefix =
suffix =
check_string =
escape_string =
return_output = false
return_path_add = false
user = amavis
group = amavis
path = "/bin:/sbin:/usr/bin:/usr/sbin"
current_directory = "/var/spool/amavis-ng"
##Directors Section
#Put this first, ORDER MATTERS!
###ADDED FOR MAVIS AV SCANNER####
amavis_director:
condition = "${if eq {$received_protocol}{scanned-ok} {0}{1}}"
driver = smartuser
transport = amavis
> the plan is too hook a virus scanner into exim4 from sarge. any
> thoughts are appreciated. A copy of someone's working exim4 config
> would be great!
>
> how does one integrate the following with exim? And which do you folks
> recommend for what reasons?
> SPAM
> Spamassassin
> bogofilter
Defiantly bogofilter. Bogofilter has the ability to learn and adjust to
new spam. I would suggest you set up a set of bogofilter dbs for each
user since what each user considers spam is different. Then you have
your users use IMAP and create a few mailboxes for them:
MisMarkedAsGood (runs bogofilter -Ns)
MisMarkedAsBad (runs bogofilter -Sn)
MarkGood (bogofilter -n)
MarkBad (bogofilter -s)
The last two mbox files are only used if you use tristate filtering
(Good, Bad, Unsure).
Then you run cron jobs like this in the user's crontab...
4 4 * * * stripdaemonmail.pl ~/Mail/MisMarkedAsBad | bogofilter -Sn ; stripdaemonmail.pl ~/Mail/MisMarkedAsBad >> /var/mail/username ; rm ~/Mail/MisMarkedAsBad ; touch ~/Mail/MisMarkedAsBad
5 4 * * * stripdaemonmail.pl ~/Mail/MisMarkedAsGood | bogofilter -Ns ; rm ~/Mail/MisMarkedAsGood ; touch ~/Mail/MisMarkedAsGood
6 4 * * * stripdaemonmail.pl ~/Mail/MarkBad | bogofilter -s ; rm ~/Mail/MarkBad ; touch ~/Mail/MarkBad
7 4 * * * stripdaemonmail.pl ~/Mail/MarkGood | bogofilter -n ; stripdaemonmail.pl ~/Mail/MarkGood >> /var/mail/username ; rm ~/Mail/MarkGood ; touch ~/Mail/MarkGood
stripmail.pl (attached) is a simple perl script that removes mbox emails that
are left by the imap daemon. If you find a bug in the perl script I
would definitely appreciate it if you would let me know. Even though it
is not "formally" documented the script should be considered GPL.
The user's .procmailrc (you are using procmail, yes?) can be configured like
so:
---------start procmailrc--------
:0 f
| bogofilter -p -u -3 -l
:0:
* ^X-Bogosity: Yes
Mail/Junk
:0:
* ^X-Bogosity: Unsure
Mail/Unsure
--------end procmailrc----------
After this users move items in "Junk" to MisMarkedAsBad if it is a good
email that ended up in the "Junk" folder. Likewise they move mails that
are spam that ended up in the Inbox to "MisMarkedAsGood".
MarkGood/MarkBad are for emails that end up in the "Unsure" folder.
Hope this helps!
> VIRUS
> amavis
> amavisd-new
No comment about amavis/amavisd-new.
> clamscans
This is not related to amavis. Amavis is responsible for parsing the
MIME and saving them to files in /tmp. Clamscan is then used to scan
the files placed in /tmp by amavis. Clamscan has come a long way. They
now have over 10,000 definitions. However, you can use commercial av's
(like Sophis) with amavis if you wish. Last I checked several months
ago Sophis has over 80,000 definitions.
Hope this helps.
--
Phillip Hofmeister
PGP/GPG Key:
http://www.zionlth.org/~plhofmei/
wget -O - http://www.zionlth.org/~plhofmei/key.asc | gpg --import
--
Excuse #137: Broadcast packets on wrong frequency
Attachment:
stripdaemonmail.pl
Description: Perl program