Administrace komentářů

use strict;
$MYHOME = '/var/spool/amavis';   # (default is '/var/spool/amavis')
$mydomain = 'lion.sk';      # (no useful default)
$myhostname = 'mail.lion.sk';  # fqdn of this host, default by uname(3)
$daemon_user  = 'amavis';   # (no default;  customary: vscan or amavis)
$daemon_group = 'amavis';   # (no default;  customary: vscan or amavis or sweep)
$TEMPBASE = "$MYHOME/tmp";     # prefer to keep home dir /var/spool/amavis clean?
$db_home = "$MYHOME/db";	# DB databases directory, default "$MYHOME/db"
$ENV{TMPDIR} = $TEMPBASE;       # wise to set TMPDIR, but not obligatory
$enable_db = 1;              # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1;    # enable use of libdb-based cache if $enable_db=1
$forward_method = 'smtp:[127.0.0.1]:10025';  # where to forward checked mail
$notify_method = $forward_method;            # where to submit notifications
$max_servers  =  2;   # number of pre-forked children          (default 2)
$max_requests = 20;   # retire a child after that many accepts (default 10)
$child_timeout=5*60;  # abort child if it does not complete each task in
@local_domains_maps = ( [".$mydomain", "teleperformance.sk", "lion.sk"] );  # $mydomain and its subdomains
$unix_socketname = "$MYHOME/amavisd.sock"; # amavis helper protocol socket
$inet_socket_port = 10024;        # accept SMTP on this local TCP port
@inet_acl = qw( 127.0.0.1 ::1 );  # allow SMTP access only from localhost IP
$DO_SYSLOG = 0;                   # (defaults to false)
$SYSLOG_LEVEL = 'daemon.debug';     # (facility.priority, default 'mail.info')
$LOGFILE = "/var/log/amavis.log";  # (defaults to empty, no log)
$log_level = 5;		  # (defaults to 0)
$log_recip_templ = undef;  # undef disables by-recipient level-0 log entries
$final_virus_destiny      = D_DISCARD;  # (defaults to D_DISCARD)
$final_banned_destiny     = D_DISCARD;  # (defaults to D_BOUNCE)
$final_spam_destiny       = D_DISCARD;  # (defaults to D_BOUNCE)
$final_bad_header_destiny = D_PASS;  # (defaults to D_PASS), D_BOUNCE suggested
@viruses_that_fake_sender_maps = (new_RE(
  qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar'i,
  qr'tanatos|lentin|bridex|mimail|trojan\.dropper|dumaru|parite|spaces'i,
  qr'dloader|galil|gibe|swen|netwatch|bics|sbrowse|sober|rox|val(hal)?la'i,
  qr'frethem|sircam|be?agle|tanx|mydoom|novarg|shimg|netsky|somefool|moodown'i,
  qr'@mm|@MM',    # mass mailing viruses as labeled by f-prot and uvscan
  qr'Worm'i,      # worms as labeled by ClamAV, Kaspersky, etc
  [qr'^(EICAR|Joke\.|Junk\.)'i         => 0],
  [qr'^(WM97|OF97|W95/CIH-|JS/Fort)'i  => 0],
  [qr/.*/ => 1],  # true by default  (remove or comment-out if undesired)
));
$virus_admin = 'suvakin@teleperformance.sk';
$spam_admin = "suvakin\@teleperformance.sk";
$mailfrom_notify_admin     = "virusalert\@$mydomain";
$mailfrom_notify_recip     = "virusalert\@$mydomain";
$mailfrom_notify_spamadmin = "spam.police\@$mydomain";
$mailfrom_to_quarantine = '';   # override sender address with null return path
$QUARANTINEDIR = '/var/spool/amavis/virusmails';
$virus_quarantine_method        = 'local:virus/virus-%i-%n';
$spam_quarantine_method         = 'local:spam/spam-%b-%i-%n';
$banned_files_quarantine_method = 'local:banned/banned-%i-%n';
$bad_header_quarantine_method   = 'local:badh/badh-%i-%n';
$X_HEADER_TAG = 'X-Virus-Scanned';	# (default: 'X-Virus-Scanned')
$X_HEADER_LINE = "$myproduct_name at $mydomain";
$undecipherable_subject_tag = '***UNCHECKED*** ';  # undef disables it
$remove_existing_x_scanned_headers = 0; # leave existing X-Virus-Scanned alone
$remove_existing_spam_headers  = 1;     # remove existing spam headers if
@keep_decoded_original_maps = (new_RE(
  qr'^MAIL-UNDECIPHERABLE$',  # retain full mail if it contains undecipherables
  qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
));
$banned_filename_re = new_RE(
  qr'\.[^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
  qr'^application/x-msdownload$'i,                  # block these MIME types
  qr'^application/x-msdos-program$'i,
  qr'^application/hta$'i,
  [ qr'^\.(rpm|cpio|tar)$'       => 0 ],  # allow any type in Unix archives
  qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic
  qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|exe|fxp|hlp|hta|inf|ins|isp|
        js|jse|lnk|mda|mdb|mde|mdw|mdt|mdz|msc|msi|msp|mst|ops|pcd|pif|prg|
        reg|scr|sct|shb|shs|vb|vbe|vbs|wsc|wsf|wsh)$'ix,  # banned ext - long
  qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i,  # banned extension - WinZip vulnerab.
  qr'^\.(exe-ms)$',                       # banned file(1) types
);
$banned_namepath_re = new_RE(
  qr'(?#NO X-MSDOWNLOAD)   ^(.*\t)? M=application/x-msdownload   (\t.*)? $'xmi,
  qr'(?#NO X-MSDOS-PROGRAM)^(.*\t)? M=application/x-msdos-program(\t.*)? $'xmi,
  qr'(?#NO HTA)            ^(.*\t)? M=application/hta            (\t.*)? $'xmi,
  [ qr'(?#rule-4) ^ (.*\t)? T=(tar|rpm|cpio) (\t.*)? $'xmi => 0 ],  # allow
  qr'(?# BLOCK DOUBLE-EXTENSIONS )
     ^ (.*\t)? N= [^\t\n]* \. [^./\t\n]* \.
                  (exe|vbs|pif|scr|bat|cmd|com|cpl|dll) \.? (\t.*)? $'xmi,
  qr'(?# BLOCK COMMON NAME EXENSIONS )
     ^ (.*\t)? N= [^\t\n]* \. (exe|vbs|pif|scr|bat|com|cpl) (\t.*)? $'xmi,
  [ qr'(?# BLOCK EMPTY MIME PART APPLICATION/OCTET-STREAM )
       ^ (.*\t)? M=application/octet-stream \t(.*\t)* T=empty (\t.*)? $'xmi
    => 'DISCARD' ],
  qr'(?# BLOCK Microsoft EXECUTABLES )
     ^ (.*\t)? T=exe-ms (\t.*)? $'xm,              # banned file(1) type
);
  $banned_namepath_re = undef;  # to disable new-style
$sql_select_white_black_list = undef;  # undef disables SQL white/blacklisting
$localpart_is_case_sensitive = 0;	# (default is false)
@score_sender_maps = ({  # a by-recipient hash lookup table
  '.' => [  # the _first_ matching sender determines the score boost
   new_RE(  # regexp-type lookup table, just happens to be all soft-blacklist
    [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i         => 5.0],
    [qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0],
    [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
    [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i   => 5.0],
    [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i  => 5.0],
    [qr'^(your_friend|greatoffers)@'i                                => 5.0],
    [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i                    => 5.0],
   ),
   { # a hash-type lookup table (associative array)
     'nobody@cert.org'                        => -3.0,
     'cert-advisory@us-cert.gov'              => -3.0,
     'owner-alert@iss.net'                    => -3.0,
     'slashdot@slashdot.org'                  => -3.0,
     'bugtraq@securityfocus.com'              => -3.0,
     'ntbugtraq@listserv.ntbugtraq.com'       => -3.0,
     'security-alerts@linuxsecurity.com'      => -3.0,
     'mailman-announce-admin@python.org'      => -3.0,
     'amavis-user-admin@lists.sourceforge.net'=> -3.0,
     'notification-return@lists.sophos.com'   => -3.0,
     'owner-postfix-users@postfix.org'        => -3.0,
     'owner-postfix-announce@postfix.org'     => -3.0,
     'owner-sendmail-announce@lists.sendmail.org'   => -3.0,
     'sendmail-announce-request@lists.sendmail.org' => -3.0,
     'donotreply@sendmail.org'                => -3.0,
     'ca+envelope@sendmail.org'               => -3.0,
     'noreply@freshmeat.net'                  => -3.0,
     'owner-technews@postel.acm.org'          => -3.0,
     'ietf-123-owner@loki.ietf.org'           => -3.0,
     'cvs-commits-list-admin@gnome.org'       => -3.0,
     'rt-users-admin@lists.fsck.com'          => -3.0,
     'clp-request@comp.nus.edu.sg'            => -3.0,
     'surveys-errors@lists.nua.ie'            => -3.0,
     'emailnews@genomeweb.com'                => -5.0,
     'yahoo-dev-null@yahoo-inc.com'           => -3.0,
     'returns.groups.yahoo.com'               => -3.0,
     'clusternews@linuxnetworx.com'           => -3.0,
     lc('lvs-users-admin@LinuxVirtualServer.org')    => -3.0,
     lc('owner-textbreakingnews@CNNIMAIL12.CNN.COM') => -5.0,
     'sender@example.net'                     =>  3.0,
     '.example.net'                           =>  1.0,
   },
  ],  # end of site-wide tables
});
@blacklist_sender_maps = ( new_RE(
    qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou|greatcasino)@'i,
    qr'^(investments|lose_weight_today|market\.alert|money2you|MyGreenCard)@'i,
    qr'^(new\.tld\.registry|opt-out|opt-in|optin|saveonlsmoking2002k)@'i,
    qr'^(specialoffer|specialoffers|stockalert|stopsnoring|wantsome)@'i,
    qr'^(workathome|yesitsfree|your_friend|greatoffers)@'i,
    qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i,
));
$MAXLEVELS = 14;		# (default is undef, no limit)
$MAXFILES = 1500;		# (default is undef, no limit)
$MIN_EXPANSION_QUOTA =      100*1024;  # bytes  (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024;  # bytes  (default undef, not enforced)
$MIN_EXPANSION_FACTOR =   5;  # times original mail size  (default is 5)
$MAX_EXPANSION_FACTOR = 500;  # times original mail size  (default is 500)
$virus_check_negative_ttl=  3*60; # time to remember that mail was not infected
$virus_check_positive_ttl= 30*60; # time to remember that mail was infected
$spam_check_negative_ttl = 30*60; # time to remember that mail was not spam
$spam_check_positive_ttl = 30*60; # time to remember that mail was spam
$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
$file   = 'file';   # file(1) utility; use 3.41 or later to avoid vulnerability
$gzip   = 'gzip';
$bzip2  = 'bzip2';
$lzop   = 'lzop';
$rpm2cpio   = ['rpm2cpio.pl','rpm2cpio'];
$cabextract = 'cabextract';
$uncompress = ['uncompress', 'gzip -d', 'zcat'];
$unfreeze   = ['unfreeze', 'freeze -d', 'melt', 'fcat'];
$arc        = ['nomarch', 'arc'];
$unarj      = ['arj', 'unarj'];  # both can extract, arj is recommended
$unrar      = ['rar', 'unrar'];  # both can extract, same options
$zoo    = 'zoo';
$lha    = 'lha';
$cpio   = ['gcpio','cpio']; # gcpio is a GNU cpio on OpenBSD, which supports
$ar     = 'ar';  # Unix binary archives and Debian binary packages
$dspam  = 'dspam';
$sa_local_tests_only = 0;   # (default: false)
$sa_mail_body_size_limit = 2000*1024; # don't waste time on SA if mail is larger
$sa_tag_level_deflt  = undef; # add spam info headers if at, or above that level;
$sa_tag2_level_deflt = 4.0; # add 'spam detected' headers at that level to
$sa_kill_level_deflt = $sa_tag2_level_deflt; # triggers spam evasive actions
$sa_dsn_cutoff_level = 10;  # spam level beyond which a DSN is not sent,
$sa_spam_subject_tag = '***SPAM*** ';	# (defaults to undef, disabled)
$sa_spam_modifies_subj = 1; # in @sa_spam_modifies_subj_maps, default is true
$sa_spam_level_char = '*';  # char for X-Spam-Level bar, defaults to '*';
$sa_spam_report_header = 1; # insert X-Spam-Report header field? default false
@av_scanners = (
['ClamAV-clamd',
  \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
  qr/\bOK$/, qr/\bFOUND$/,
  qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
);
@av_scanners_backup = (
  ['ClamAV-clamscan', 'clamscan',
    "--stdout --disable-summary -r --tempdir=$TEMPBASE {}", [0], [1],
    qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
);
1;  # insure a defined return