Byl vydán Debian 13.6, tj. šestá opravná verze Debianu 13 s kódovým názvem Trixie a Debian 12.15, tj. poslední patnáctá opravná verze Debianu 12 s kódovým názvem Bookworm, k dispozici je LTS. Řešeny jsou především bezpečnostní problémy, ale také několik vážných chyb. Instalační média Debianu 13 a Debianu 12 lze samozřejmě nadále k instalaci používat. Po instalaci stačí systém aktualizovat.
V jádře Linux byla nalezena a v upstreamu již byla opravena kritická zranitelnost GhostLock aneb CVE-2026-43499. Lokálnímu uživateli umožňuje získat práva roota a také obejít kontejnerovou izolaci. Zranitelnost existovala v Linuxu 15 let, tj. od roku 2011, od Linuxu verze 2.6.39.
Evropská komise předběžně shledala, že návykový design aplikací Instagram a Facebook od americké společnosti Meta porušuje unijní nařízení o digitálních službách (DSA). Návykový design zahrnuje například takzvané nekonečné posouvání, automatické přehrávání videí, tzv. push notifikace, kdy aplikace uživatele vybízí k návratu do jejího prostředí, či vysoce personalizovaný algoritmus, který rychle pozná, co uživatele baví a snaží
… více »Byla vydána verze 1.97.0 programovacího jazyka Rust (Wikipedie). Podrobnosti v poznámkách k vydání. Vyzkoušet Rust lze například na stránce Rust by Example.
Švýcarská společnost Punkt. má nově v nabídce telefon Punkt. MC03. Telefon byl navržen ve Švýcarsku s důrazem na soukromí a digitální suverenitu a vyroben v Německu. V telefonu běží operační systém AphyOS (Apostrophy OS) založený na AOSP (Android Open Source Project) 15. Cena telefonu je 745 eur.
TypeScript (Wikipedie), tj. JavaScript rozšířený o statické typování a další atributy, byl vydán v nové verzi 7.0. Kompilátor byl kvůli výkonu přepsán z TypeScriptu do Go.
Europarlament podpořil pozměněnou verzi výjimky známé jako „chat control 1.0“ umožňující firmám skenovat soukromou komunikaci na internetu kvůli ochraně dětí před zneužitím. Pozměňovací návrhy přijaté europoslanci však počítají s tím, že z výjimky bude vyřazena šifrovaná komunikace. Výjimka přestala platit začátkem dubna poté, co se Evropský parlament a Rada EU nedokázaly shodnout na jejím prodloužení. Rada následně přijala
… více »Nejnovější X.Org X server 21.1.24 a Xwayland 24.1.13 řeší 2 bezpečnostní chyby.
Clement "Clem" Lefebvre publikoval souhrn dění v Linux Mintu za červen 2026. Vypíchnuta je vylepšená podpora Waylandu. Už není považována za experimentální. V příští verzi Linux Mintu, plánována je na Vánoce, bude běh Cinnamonu plně podporován na X11 i Waylandu. V květnu na vývoj Linux Mintu přispělo 611 dárců celkovou částkou 19 612 dolarů. Dalších 2 326 patronů přispělo na Patreonu celkovou částkou 5 334 dolarů.
V Linuxu v KVM byla nalezena a v upstreamu již byla opravena kritická zranitelnost Januscape aneb CVE-2026-53359. Root na hostovaném počítači (virtuální stroj) může obejít izolaci a získat plnou kontrolu nad hostitelským systémem (DoS útok nebo vzdálené spuštění kódu s právy roota). Na obou hlavních architekturách – Intel i AMD. Zranitelnost v Linuxu existovala téměř 16 let (od srpna 2010 do června 2026).
Clamav virse chyta ako ma, ale SA na mna kasla... V mailoch mam hlavicky: X-Virus-Scanned: amavisd-new at lion.sk X-Spam-Score: 0 X-Spam-Level: X-Spam-Status: No, score=0 required=4 tests=[none] Zhruba to vyzera takto, to je kus /var/log/amavisd.log, mode debug:
Jun 12 17:14:30 mail /usr/sbin/amavisd[11112]: (11112-05) ESMTP::10024 /var/spool/amavis/tmp/amavis-20070612T164547-11112: some@mail ->
some@mail SIZE=4213 Received: from mail ([127.0.0.1]) by localhost (mail [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for some@mail
; Tue, 12 Jun 2007 17:14:30 +0200 (CEST)
Jun 12 17:14:30 mail /usr/sbin/amavisd[11112]: (11112-05) body hash: d38541a0426add93ae9d33c7db6c4484
Jun 12 17:14:30 mail /usr/sbin/amavisd[11112]: (11112-05) Checking: Al1Wntwnzlfn [217.118.96.202] some@mail -> some@mail
Jun 12 17:14:30 mail /usr/sbin/amavisd[11112]: (11112-05) p001 1 Content-Type: text/plain, size: 1328 B, name:
Jun 12 17:14:30 mail /usr/sbin/amavisd[11112]: (11112-05) Checking for banned types and filenames
Jun 12 17:14:30 mail /usr/sbin/amavisd[11112]: (11112-05) collect banned table[0]: bdf@lion.sk, tables: DEFAULT=>Amavis::Lookup::RE=ARRAY(0x8cda31c)
Jun 12 17:14:30 mail /usr/sbin/amavisd[11112]: (11112-05) p.path some@mail: "P=p001,L=1,M=text/plain,T=txt"
Jun 12 17:14:30 mail /usr/sbin/amavisd[11112]: (11112-05) Using ClamAV-clamd: (built-in interface)
Jun 12 17:14:30 mail /usr/sbin/amavisd[11112]: (11112-05) Using (ClamAV-clamd) on dir: CONTSCAN /var/spool/amavis/tmp/amavis-20070612T164547-11112/par
ts\n
Jun 12 17:14:30 mail /usr/sbin/amavisd[11112]: (11112-05) ClamAV-clamd: Connecting to socket /var/run/clamav/clamd.sock
Jun 12 17:14:30 mail /usr/sbin/amavisd[11112]: (11112-05) ClamAV-clamd: Sending CONTSCAN /var/spool/amavis/tmp/amavis-20070612T164547-11112/parts\n to
UNIX socket /var/run/clamav/clamd.sock
Jun 12 17:14:31 mail /usr/sbin/amavisd[11112]: (11112-05) ask_av (ClamAV-clamd): /var/spool/amavis/tmp/amavis-20070612T164547-11112/parts CLEAN
Jun 12 17:14:31 mail /usr/sbin/amavisd[11112]: (11112-05) ClamAV-clamd result: clean
Jun 12 17:14:31 mail /usr/sbin/amavisd[11112]: (11112-05) spam_scan: score=0 tests=[none]
Jun 12 17:14:31 mail /usr/sbin/amavisd[11112]: (11112-05) do_notify_and_quarantine: ccat=Clean, (1,0)
Jun 12 17:14:31 mail /usr/sbin/amavisd[11112]: (11112-05) AUTH not needed, user='', MTA offers ''
Jun 12 17:14:31 mail /usr/sbin/amavisd[11112]: (11112-05) response to RCPT TO for some@mail: "250 Ok"
Jun 12 17:14:31 mail /usr/sbin/amavisd[11112]: (11112-05) FWD via SMTP: some@mail -> some@mail, 250 2.6.0 Ok, id=11112-05, from MTA([
127.0.0.1]:10025): 250 Ok: queued as 2CD78280034
Jun 12 17:14:31 mail /usr/sbin/amavisd[11112]: (11112-05) Passed CLEAN, [217.118.96.202] [62.168.208.129] some@mail -> some@mail, Mes
sage-ID: <20070612150922.16CCFCBA65@blablabla>, mail_id: Al1Wntwnzlfn, Hits: 0., queued_as: 2CD78280034, 397 ms
Jun 12 17:14:31 mail /usr/sbin/amavisd[11112]: (11112-05) TIMING [total 401 ms] - SMTP EHLO: 2 (1%)1, SMTP pre-MAIL: 1 (0%)1, SMTP pre-DATA-flush: 2 (
1%)1, SMTP DATA: 78 (19%)21, body_digest: 1 (0%)21, gen_mail_id: 0 (0%)21, mime_decode: 7 (2%)23, get-file-type1: 8 (2%)25, parts_decode: 0 (0%)25, AV-scan-1:
9 (2%)27, spam-wb-list: 2 (0%)28, SA msg read: 1 (0%)28, SA parse: 3 (1%)29, SA check: 145 (36%)65, SA finish: 1 (0%)65, update_cache: 1 (0%)65, decide_mail_
destiny: 1 (0%)65, fwd-connect: 22 (5%)71, fwd-mail-from: 2 (1%)71, fwd-rcpt-to: 3 (1%)72, fwd-data-cmd: 1 (0%)72, write-header: 1 (0%)72, fwd-data-contents:
1 (0%)73, fwd-data-end: 98 (24%)97, fwd-rundown: 1 (0%)97, prepare-dsn: 0 (0%)97, main_log_entry: 8 (2%)99, update_snmp: 1 (0%)100, unlink-1-files: 1 (0%)100,
rundown: 0 (0%)100
Jun 12 17:14:31 mail /usr/sbin/amavisd[11112]: (11112-05) load: 0 %, total idle 1721.243 s, busy 2.197 s
master.cf:
# DO NOT SHARE THE POSTFIX QUEUE BETWEEN MULTIPLE POSTFIX INSTANCES.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd
#smtps inet n - n - - smtpd
# -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
#submission inet n - n - - smtpd
# -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes -o smtpd_etrn_restrictions=reject
#628 inet n - n - - qmqpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
#tlsmgr fifo - - n 300 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
bigandslow unix - - n - - smtp
-o smtp_connect_timeout=20
relay unix - - n - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# The Cyrus deliver program has changed incompatibly, multiple times.
#
old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/usr/bin/deliver -e -m ${extension} ${user}
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
cyrus unix - n n - - pipe
user=cyrus argv=/usr/lib/cyrus-imapd/bin/deliver -e -r ${sender} -m ${extension} ${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
scache unix - - n - 1 scache
discard unix - - n - - discard
tlsmgr unix - - n 1000? 1 tlsmgr
amavis unix - - - - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
127.0.0.1:10025 inet n - - - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_bind_address=127.0.0.1
kusok main.cf:
.... content_filter = amavis:[127.0.0.1]:10024 ...local.cf:
# Add *****SPAM***** to the Subject header of spam e-mails # rewrite_header Subject *****SPAM***** # Save spam messages as a message/rfc822 MIME attachment instead of # modifying the original message (0: off, 2: use text/plain instead) # report_safe 1 # Set which networks or hosts are considered 'trusted' by your mail # server (i.e. not spammers) # # trusted_networks 10. 127. # Set file-locking method (flock is not safe over NFS, but is faster) # lock_method flock # Set the threshold at which a message is considered spam (default: 5.0) # required_score 4.0 # Use Bayesian classifier (default: 1) # use_bayes 1 # Bayesian classifier auto-learning (default: 1) # bayes_auto_learn 1Vopred vsetkym dakujem za pomoc.
amavisd.conf. Chyba bude v tom.
use strict;
$MYHOME = '/var/spool/amavis'; # (default is '/var/spool/amavis')
$mydomain = 'lion.sk'; # (no useful default)
$myhostname = 'mail.lion.sk'; # fqdn of this host, default by uname(3)
$daemon_user = 'amavis'; # (no default; customary: vscan or amavis)
$daemon_group = 'amavis'; # (no default; customary: vscan or amavis or sweep)
$TEMPBASE = "$MYHOME/tmp"; # prefer to keep home dir /var/spool/amavis clean?
$db_home = "$MYHOME/db"; # DB databases directory, default "$MYHOME/db"
$ENV{TMPDIR} = $TEMPBASE; # wise to set TMPDIR, but not obligatory
$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1
$forward_method = 'smtp:[127.0.0.1]:10025'; # where to forward checked mail
$notify_method = $forward_method; # where to submit notifications
$max_servers = 2; # number of pre-forked children (default 2)
$max_requests = 20; # retire a child after that many accepts (default 10)
$child_timeout=5*60; # abort child if it does not complete each task in
@local_domains_maps = ( [".$mydomain", "teleperformance.sk", "lion.sk"] ); # $mydomain and its subdomains
$unix_socketname = "$MYHOME/amavisd.sock"; # amavis helper protocol socket
$inet_socket_port = 10024; # accept SMTP on this local TCP port
@inet_acl = qw( 127.0.0.1 ::1 ); # allow SMTP access only from localhost IP
$DO_SYSLOG = 0; # (defaults to false)
$SYSLOG_LEVEL = 'daemon.debug'; # (facility.priority, default 'mail.info')
$LOGFILE = "/var/log/amavis.log"; # (defaults to empty, no log)
$log_level = 5; # (defaults to 0)
$log_recip_templ = undef; # undef disables by-recipient level-0 log entries
$final_virus_destiny = D_DISCARD; # (defaults to D_DISCARD)
$final_banned_destiny = D_DISCARD; # (defaults to D_BOUNCE)
$final_spam_destiny = D_DISCARD; # (defaults to D_BOUNCE)
$final_bad_header_destiny = D_PASS; # (defaults to D_PASS), D_BOUNCE suggested
@viruses_that_fake_sender_maps = (new_RE(
qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar'i,
qr'tanatos|lentin|bridex|mimail|trojan\.dropper|dumaru|parite|spaces'i,
qr'dloader|galil|gibe|swen|netwatch|bics|sbrowse|sober|rox|val(hal)?la'i,
qr'frethem|sircam|be?agle|tanx|mydoom|novarg|shimg|netsky|somefool|moodown'i,
qr'@mm|@MM', # mass mailing viruses as labeled by f-prot and uvscan
qr'Worm'i, # worms as labeled by ClamAV, Kaspersky, etc
[qr'^(EICAR|Joke\.|Junk\.)'i => 0],
[qr'^(WM97|OF97|W95/CIH-|JS/Fort)'i => 0],
[qr/.*/ => 1], # true by default (remove or comment-out if undesired)
));
$virus_admin = 'suvakin@teleperformance.sk';
$spam_admin = "suvakin\@teleperformance.sk";
$mailfrom_notify_admin = "virusalert\@$mydomain";
$mailfrom_notify_recip = "virusalert\@$mydomain";
$mailfrom_notify_spamadmin = "spam.police\@$mydomain";
$mailfrom_to_quarantine = ''; # override sender address with null return path
$QUARANTINEDIR = '/var/spool/amavis/virusmails';
$virus_quarantine_method = 'local:virus/virus-%i-%n';
$spam_quarantine_method = 'local:spam/spam-%b-%i-%n';
$banned_files_quarantine_method = 'local:banned/banned-%i-%n';
$bad_header_quarantine_method = 'local:badh/badh-%i-%n';
$X_HEADER_TAG = 'X-Virus-Scanned'; # (default: 'X-Virus-Scanned')
$X_HEADER_LINE = "$myproduct_name at $mydomain";
$undecipherable_subject_tag = '***UNCHECKED*** '; # undef disables it
$remove_existing_x_scanned_headers = 0; # leave existing X-Virus-Scanned alone
$remove_existing_spam_headers = 1; # remove existing spam headers if
@keep_decoded_original_maps = (new_RE(
qr'^MAIL-UNDECIPHERABLE$', # retain full mail if it contains undecipherables
qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
));
$banned_filename_re = new_RE(
qr'\.[^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
qr'^application/x-msdownload$'i, # block these MIME types
qr'^application/x-msdos-program$'i,
qr'^application/hta$'i,
[ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any type in Unix archives
qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic
qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|exe|fxp|hlp|hta|inf|ins|isp|
js|jse|lnk|mda|mdb|mde|mdw|mdt|mdz|msc|msi|msp|mst|ops|pcd|pif|prg|
reg|scr|sct|shb|shs|vb|vbe|vbs|wsc|wsf|wsh)$'ix, # banned ext - long
qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i, # banned extension - WinZip vulnerab.
qr'^\.(exe-ms)$', # banned file(1) types
);
$banned_namepath_re = new_RE(
qr'(?#NO X-MSDOWNLOAD) ^(.*\t)? M=application/x-msdownload (\t.*)? $'xmi,
qr'(?#NO X-MSDOS-PROGRAM)^(.*\t)? M=application/x-msdos-program(\t.*)? $'xmi,
qr'(?#NO HTA) ^(.*\t)? M=application/hta (\t.*)? $'xmi,
[ qr'(?#rule-4) ^ (.*\t)? T=(tar|rpm|cpio) (\t.*)? $'xmi => 0 ], # allow
qr'(?# BLOCK DOUBLE-EXTENSIONS )
^ (.*\t)? N= [^\t\n]* \. [^./\t\n]* \.
(exe|vbs|pif|scr|bat|cmd|com|cpl|dll) \.? (\t.*)? $'xmi,
qr'(?# BLOCK COMMON NAME EXENSIONS )
^ (.*\t)? N= [^\t\n]* \. (exe|vbs|pif|scr|bat|com|cpl) (\t.*)? $'xmi,
[ qr'(?# BLOCK EMPTY MIME PART APPLICATION/OCTET-STREAM )
^ (.*\t)? M=application/octet-stream \t(.*\t)* T=empty (\t.*)? $'xmi
=> 'DISCARD' ],
qr'(?# BLOCK Microsoft EXECUTABLES )
^ (.*\t)? T=exe-ms (\t.*)? $'xm, # banned file(1) type
);
$banned_namepath_re = undef; # to disable new-style
$sql_select_white_black_list = undef; # undef disables SQL white/blacklisting
$localpart_is_case_sensitive = 0; # (default is false)
@score_sender_maps = ({ # a by-recipient hash lookup table
'.' => [ # the _first_ matching sender determines the score boost
new_RE( # regexp-type lookup table, just happens to be all soft-blacklist
[qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i => 5.0],
[qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0],
[qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
[qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i => 5.0],
[qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i => 5.0],
[qr'^(your_friend|greatoffers)@'i => 5.0],
[qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i => 5.0],
),
{ # a hash-type lookup table (associative array)
'nobody@cert.org' => -3.0,
'cert-advisory@us-cert.gov' => -3.0,
'owner-alert@iss.net' => -3.0,
'slashdot@slashdot.org' => -3.0,
'bugtraq@securityfocus.com' => -3.0,
'ntbugtraq@listserv.ntbugtraq.com' => -3.0,
'security-alerts@linuxsecurity.com' => -3.0,
'mailman-announce-admin@python.org' => -3.0,
'amavis-user-admin@lists.sourceforge.net'=> -3.0,
'notification-return@lists.sophos.com' => -3.0,
'owner-postfix-users@postfix.org' => -3.0,
'owner-postfix-announce@postfix.org' => -3.0,
'owner-sendmail-announce@lists.sendmail.org' => -3.0,
'sendmail-announce-request@lists.sendmail.org' => -3.0,
'donotreply@sendmail.org' => -3.0,
'ca+envelope@sendmail.org' => -3.0,
'noreply@freshmeat.net' => -3.0,
'owner-technews@postel.acm.org' => -3.0,
'ietf-123-owner@loki.ietf.org' => -3.0,
'cvs-commits-list-admin@gnome.org' => -3.0,
'rt-users-admin@lists.fsck.com' => -3.0,
'clp-request@comp.nus.edu.sg' => -3.0,
'surveys-errors@lists.nua.ie' => -3.0,
'emailnews@genomeweb.com' => -5.0,
'yahoo-dev-null@yahoo-inc.com' => -3.0,
'returns.groups.yahoo.com' => -3.0,
'clusternews@linuxnetworx.com' => -3.0,
lc('lvs-users-admin@LinuxVirtualServer.org') => -3.0,
lc('owner-textbreakingnews@CNNIMAIL12.CNN.COM') => -5.0,
'sender@example.net' => 3.0,
'.example.net' => 1.0,
},
], # end of site-wide tables
});
@blacklist_sender_maps = ( new_RE(
qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou|greatcasino)@'i,
qr'^(investments|lose_weight_today|market\.alert|money2you|MyGreenCard)@'i,
qr'^(new\.tld\.registry|opt-out|opt-in|optin|saveonlsmoking2002k)@'i,
qr'^(specialoffer|specialoffers|stockalert|stopsnoring|wantsome)@'i,
qr'^(workathome|yesitsfree|your_friend|greatoffers)@'i,
qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i,
));
$MAXLEVELS = 14; # (default is undef, no limit)
$MAXFILES = 1500; # (default is undef, no limit)
$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced)
$MIN_EXPANSION_FACTOR = 5; # times original mail size (default is 5)
$MAX_EXPANSION_FACTOR = 500; # times original mail size (default is 500)
$virus_check_negative_ttl= 3*60; # time to remember that mail was not infected
$virus_check_positive_ttl= 30*60; # time to remember that mail was infected
$spam_check_negative_ttl = 30*60; # time to remember that mail was not spam
$spam_check_positive_ttl = 30*60; # time to remember that mail was spam
$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
$file = 'file'; # file(1) utility; use 3.41 or later to avoid vulnerability
$gzip = 'gzip';
$bzip2 = 'bzip2';
$lzop = 'lzop';
$rpm2cpio = ['rpm2cpio.pl','rpm2cpio'];
$cabextract = 'cabextract';
$uncompress = ['uncompress', 'gzip -d', 'zcat'];
$unfreeze = ['unfreeze', 'freeze -d', 'melt', 'fcat'];
$arc = ['nomarch', 'arc'];
$unarj = ['arj', 'unarj']; # both can extract, arj is recommended
$unrar = ['rar', 'unrar']; # both can extract, same options
$zoo = 'zoo';
$lha = 'lha';
$cpio = ['gcpio','cpio']; # gcpio is a GNU cpio on OpenBSD, which supports
$ar = 'ar'; # Unix binary archives and Debian binary packages
$dspam = 'dspam';
$sa_local_tests_only = 0; # (default: false)
$sa_mail_body_size_limit = 2000*1024; # don't waste time on SA if mail is larger
$sa_tag_level_deflt = undef; # add spam info headers if at, or above that level;
$sa_tag2_level_deflt = 4.0; # add 'spam detected' headers at that level to
$sa_kill_level_deflt = $sa_tag2_level_deflt; # triggers spam evasive actions
$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent,
$sa_spam_subject_tag = '***SPAM*** '; # (defaults to undef, disabled)
$sa_spam_modifies_subj = 1; # in @sa_spam_modifies_subj_maps, default is true
$sa_spam_level_char = '*'; # char for X-Spam-Level bar, defaults to '*';
$sa_spam_report_header = 1; # insert X-Spam-Report header field? default false
@av_scanners = (
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
);
@av_scanners_backup = (
['ClamAV-clamscan', 'clamscan',
"--stdout --disable-summary -r --tempdir=$TEMPBASE {}", [0], [1],
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
);
1; # insure a defined return
Tiskni
Sdílej: