steffen: server/kolab/kolab amavisd.conf.template, 1.1, 1.2 clamav.conf.template, 1.1, 1.2
cvs at intevation.de
cvs at intevation.de
Mon Apr 26 14:49:36 CEST 2004
Author: steffen
Update of /kolabrepository/server/kolab/kolab
In directory doto:/tmp/cvs-serv25667/kolab/kolab
Modified Files:
amavisd.conf.template clamav.conf.template
Log Message:
updated to new amavis/clamav packages
Index: amavisd.conf.template
===================================================================
RCS file: /kolabrepository/server/kolab/kolab/amavisd.conf.template,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- amavisd.conf.template 31 Mar 2004 13:23:12 -0000 1.1
+++ amavisd.conf.template 26 Apr 2004 12:49:33 -0000 1.2
@@ -54,7 +54,7 @@
# $MYHOME serves as a quick default for some other configuration settings.
# More refined control is available with each individual setting further down.
# $MYHOME is not used directly by the program. No trailing slash!
-#$MYHOME = '/var/lib/amavis'; # (default is '@l_prefix@/var/amavisd')
+#$MYHOME = '/var/lib/amavis'; # (default is '@l_prefix@/var/amavis')
# $mydomain serves as a quick default for some other configuration settings.
# More refined control is available with each individual setting further down.
@@ -66,8 +66,8 @@
# Set the user and group to which the daemon will change if started as root
# (otherwise just keeps the UID unchanged, and these settings have no effect):
-$daemon_user = 'kolab-r'; # (no default; customary: vscan or amavis)
-$daemon_group = 'kolab-r'; # (no default; customary: vscan or amavis)
+$daemon_user = q{@l_rusr@}; # (no default; customary: vscan or amavis)
+$daemon_group = q{@l_rgrp@}; # (no default; customary: vscan or amavis)
# Runtime working directory (cwd), and a place where
# temporary directories for unpacking mail are created.
@@ -109,7 +109,7 @@
# just a thought: can we use use -Am instead of -odd ?
# SENDMAIL (old non-milter setup, as relay):
-#$forward_method = 'pipe:flags=q argv=/usr/sbin/sendmail-i -f ${sender} -- ${recipient}';
+#$forward_method = 'pipe:flags=q argv=/usr/sbin/sendmail -C/etc/sendmail.orig.cf -i -f ${sender} -- ${recipient}';
#$notify_method = $forward_method;
# SENDMAIL (old non-milter setup, amavis.c calls local delivery agent):
@@ -271,7 +271,7 @@
#$SYSLOG_LEVEL = 'user.info'; # (facility.priority, default 'mail.info')
# Log file (if not using syslog)
-$LOGFILE = "$MYHOME/amavisd.log"; # (defaults to empty, no log)
+$LOGFILE = "$MYHOME/amavis.log"; # (defaults to empty, no log)
#NOTE: levels are not strictly observed and are somewhat arbitrary
# 0: startup/exit/failure messages, viruses detected
@@ -387,7 +387,7 @@
$final_virus_destiny = D_BOUNCE; # (defaults to D_BOUNCE)
$final_banned_destiny = D_BOUNCE; # (defaults to D_BOUNCE)
-$final_spam_destiny = D_REJECT; # (defaults to D_REJECT)
+$final_spam_destiny = D_BOUNCE; # (defaults to D_REJECT)
$final_bad_header_destiny = D_PASS; # (defaults to D_PASS), D_BOUNCE suggested
# Alternatives to consider for spam:
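Review bot: `$final_spam_destiny = D_BOUNCE` makes the filter send a non-delivery notification to the envelope sender of mail classified as spam. Spam envelope senders are commonly forged, so those notices reach uninvolved addresses (backscatter) and can get this host blocklisted. The trailing comment only documents the default, so the reason for leaving D_REJECT is not recorded; a why-comment such as `# D_REJECT not usable in this setup because <reason>` would help. If bouncing is required, consider pairing it with the `$sa_dsn_cutoff_level` mentioned further down in this file so high-scoring spam produces no notification, or use `D_DISCARD` with quarantine instead.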
@@ -882,11 +882,12 @@
# (affects spam checking only, has no effect on virus and other checks)
# WHITELISTING: use ENVELOPE SENDER lookups to ENSURE DELIVERY from whitelisted
-# senders even if the message is recognized as spam. Effectively, for the
-# specified senders, message RECIPIENTS temporarily become 'spam_lovers', with
-# further processing being the same as otherwise specified for spam lovers.
-# It does not turn off inserting spam-related headers, if they are enabled.
-#
+# senders even if the message would be recognized as spam. Effectively, for
+# the specified senders, message recipients temporarily become 'spam_lovers'.
+# To avoid surprises, whitelisted sender also suppresses inserting/editing
+# the tag2-level header fields (X-Spam-*, Subject), appending spam address
+# extension, and quarantining.
+
# BLACKLISTING: messages from specified SENDERS are DECLARED SPAM.
# Effectively, for messages from blacklisted senders, spam level
# is artificially pushed high, and the normal spam processing applies,
@@ -897,9 +898,11 @@
# set of tests in this report header field (if available from SpamAssassin,
# which may have not been called) is not adjusted.
#
-# A sender may be both white- and blacklisted at the same time,
-# settings are independent. For example, being both white- and blacklisted,
-# message is delivered to recipients, but is tagged as spam.
+# A sender may be both white- and blacklisted at the same time, settings
+# are independent. For example, being both white- and blacklisted, message
+# is delivered to recipients, but is not tagged as spam (X-Spam-Flag: No;
+# X-Spam-Status: No, ...), but the reported spam level (if computed) may
+# still indicate high spam score.
#
# If ALL recipients of the message either white- or blacklist the sender,
# spam scanning (calling the SpamAssassin) is bypassed, saving on time.
@@ -1076,14 +1079,16 @@
$unrar = ['rar', 'unrar']; # both can extract, same options
$zoo = 'zoo';
$lha = 'lha';
-$cpio = 'cpio'; # comment out if cpio does not support GNU options
+$cpio = ['gcpio','cpio']; # gcpio is a GNU cpio on OpenBSD, which supports
+ # the options needed; the rest of us use cpio
# SpamAssassin settings
# $sa_local_tests_only is passed to Mail::SpamAssassin::new as a value
# of the option local_tests_only. See Mail::SpamAssassin man page.
-# If set to 1, no tests that require internet access will be performed.
+# If set to 1, SA tests are restricted to local tests only, i.e. no tests
+# that require internet access will be performed.
#
$sa_local_tests_only = 1; # (default: false)
#$sa_auto_whitelist = 1; # turn on AWL (default: false)
@@ -1115,10 +1120,10 @@
# tag2_level controls adding 'X-Spam-Flag: YES', and editing Subject,
# kill_level controls 'evasive actions' (reject, quarantine, extensions);
# it only makes sense to maintain the relationship:
-# tag_level <= tag2_level <= kill_level
+# tag_level <= tag2_level <= kill_level < $sa_dsn_cutoff_level
# string to prepend to Subject header field when message exceeds tag2 level
-#$sa_spam_subject_tag = '***SPAM*** '; # (defaults to undef, disables)
+#$sa_spam_subject_tag = '***SPAM*** '; # (defaults to undef, disabled)
# (only seen when spam is not to be rejected
# and recipient is in local_domains*)
@@ -1232,13 +1237,14 @@
# qr/(?i)<name>(.+)<\/name>/ ],
['KasperskyLab AVP - aveclient',
- ['/usr/local/share/kav/bin/aveclient','/opt/kav/bin/aveclient','aveclient'],
- '-p /var/run/aveserver -s {}/*', [0,3,6,8], qr/\bINFECTED\b/,
- qr/INFECTED (.+)/,
+ ['/usr/local/kav/bin/aveclient','/usr/local/share/kav/bin/aveclient',
+ '/opt/kav/bin/aveclient','aveclient'],
+ '-p /var/run/aveserver -s {}/*', [0,3,6,8], qr/\b(INFECTED|SUSPICION)\b/,
+ qr/(?:INFECTED|SUSPICION) (.+)/,
],
['KasperskyLab AntiViral Toolkit Pro (AVP)', ['avp'],
- '-* -P -B -Y -O- {}', [0,3,6,8], [2,4], # any use for -A -K ?
+ '-* -P -B -Y -O- {}', [0,8,16,24], [2,3,4,5,6, 18,19,20,21,22],
qr/infected: (.+)/,
sub {chdir('/opt/AVP') or die "Can't chdir to AVP: $!"},
sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"},
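Review bot: The aveclient entry keeps `[0,3,6,8]` as its clean exit statuses, while the AVP entry here and the AvpDaemonClient entry in the next hunk move 3 and 6 into the infected list `[2,3,4,5,6, 18,19,20,21,22]`. These are different client programs, so the codes may legitimately differ, but this should be confirmed against the aveclient documentation. A status wrongly listed as clean lets an infected message through as scanned-and-clean. A one-line comment stating what each status means would make later updates safer. The group in `qr/\b(INFECTED|SUSPICION)\b/` is used only for matching and could be non-capturing, `(?:INFECTED|SUSPICION)`, as in the name pattern on the following line.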
@@ -1251,14 +1257,15 @@
'/opt/AVP/AvpDaemonClient', 'AvpDaemonClient',
'/opt/AVP/AvpTeamDream', 'AvpTeamDream',
'/opt/AVP/avpdc', 'avpdc' ],
- "-f=$TEMPBASE {}", [0,8], [3,4,5,6], qr/infected: ([^\r\n]+)/ ],
+ "-f=$TEMPBASE {}", [0,8,16,24], [2,3,4,5,6, 18,19,20,21,22],
+ qr/infected: ([^\r\n]+)/ ],
# change the startup-script in /etc/init.d/kavd to:
- # DPARMS="-* -Y -dl -f=@l_prefix@/var/amavisd @l_prefix@/var/amavisd"
- # (or perhaps: DPARMS="-I0 -Y -* @l_prefix@/var/amavisd" )
- # adjusting @l_prefix@/var/amavisd above to match your $TEMPBASE.
- # The '-f=@l_prefix@/var/amavisd' is needed if not running it as root, so it
+ # DPARMS="-* -Y -dl -f=@l_prefix@/var/amavis @l_prefix@/var/amavis"
+ # (or perhaps: DPARMS="-I0 -Y -* @l_prefix@/var/amavis" )
+ # adjusting @l_prefix@/var/amavis above to match your $TEMPBASE.
+ # The '-f=@l_prefix@/var/amavis' is needed if not running it as root, so it
# can find, read, and write its pid file, etc., see 'man kavdaemon'.
- # defUnix.prf: there must be an entry "*@l_prefix@/var/amavisd" (or whatever
+ # defUnix.prf: there must be an entry "*@l_prefix@/var/amavis" (or whatever
# directory $TEMPBASE specifies) in the 'Names=' section.
# cd /opt/AVP/DaemonClients; configure; cd Sample; make
# cp AvpDaemonClient /opt/AVP/
@@ -1291,30 +1298,33 @@
qr/^(?:Info|Virus Name):\s+(.+)/ ],
# NOTE: check options and patterns to see which entry better applies
- ### http://drweb.imshop.de/
+ ### http://www.sald.com/, http://drweb.imshop.de/
['drweb - DrWeb Antivirus',
['/usr/local/drweb/drweb', '/opt/drweb/drweb', 'drweb'],
'-path={} -al -go -ot -cn -upn -ok-',
[0,32], [1,33], qr' infected (?:with|by)(?: virus)? (.*)$'],
-# NOTE: no longer compatible with DrWebD since 4.31
-# ['Dr.Web Daemon', \&ask_daemon,
-# [pack('N',1). # DRWEBD_SCAN_CMD - 1
-# pack('N',1). # DRWEBD_RETURN_VIRUSES
+# ### http://www.sald.com/, http://www.dials.ru/english/, http://www.drweb.ru/
+# ['DrWebD', \&ask_daemon, # DrWebD 4.31 or later
+# [pack('N',1). # DRWEBD_SCAN_CMD
+# pack('N',0x00280001). # DONT_CHANGEMAIL, IS_MAIL, RETURN_VIRUSES
# pack('N', # path length
# length("$TEMPBASE/amavis-yyyymmddTHHMMSS-xxxxx/parts/part-xxxxx")).
# '{}/*'. # path
-# pack('N',0) . pack('N',0),
-# '/usr/local/drweb/run/drwebd.sock'], # or e.g. /var/drweb/run/drwebd.sock
-# qr/^\x00(\x00|\x01)\x00\x00/,
-# qr/^\x00(\x00|\x01)\x00(\x20|\x40|\x80)/,
-# qr/infected with ([^\x00]+)\x00\z/
+# pack('N',0). # content size
+# pack('N',0),
+# '/var/drweb/run/drwebd.sock'], # or '127.0.0.1:3000'
+# qr/\A\x00(\x10|\x11)\x00\x00/s, # IS_CLEAN, EVAL_KEY
+# qr/\A\x00(\x00|\x01)\x00(\x20|\x40|\x80)/s, # KNOWN_V, UNKNOWN_V, V._MODIF
+# qr/\A.{12}(?:infected with )?([^\x00]+)\x00/s,
# ],
+# # NOTE: If you are using amavis-milter, change length to:
+# # length("$TEMPBASE/amavis-milter-xxxxxxxxxxxxxx/parts/part-xxxxx").
### http://www.f-secure.com/products/anti-virus/
['F-Secure Antivirus', 'fsav',
- '--dumb --archive {}', [0], [3,8],
- qr/(?:infection|Infected): (.+)/ ],
+ '--dumb --mime --archive {}', [0], [3,8],
+ qr/(?:infection|Infected|Suspected): (.+)/ ],
['CAI InoculateIT', 'inocucmd',
'-sec -nex {}', [0], [100],
@@ -1400,9 +1410,9 @@
### http://www.bitdefender.com/
['BitDefender', 'bdc',
- '--all --arc {}', qr/^Infected files *:0(?!\d)/,
+ '--all --arc --mail {}', qr/^Infected files *:0(?!\d)/,
qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/,
- qr/(?:suspected|infected): (.*)\033/ ],
+ qr/(?:suspected|infected): (.*)$/ ],
);
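Review bot: The new name pattern `qr/(?:suspected|infected): (.*)$/` no longer stops at `\033`, so any terminal escape sequences bdc still emits after the virus name would now be captured into it. That name presumably ends up in logs and notifications. Excluding control characters keeps the reported name clean either way, e.g. `qr/(?:suspected|infected): ([^\033\r\n]*)/`. The added `--mail` option is not explained; a short comment on what it enables would help the next maintainer.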
@@ -1418,7 +1428,7 @@
### http://www.clamav.net/
['Clam Antivirus - @l_prefix@/bin/clamscan', '@l_prefix@/bin/clamscan',
- '--stdout --disable-summary -r {}', [0], [1],
+ '--stdout --no-summary -r {}', [0], [1],
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
### http://www.f-prot.com/
@@ -1463,7 +1473,8 @@
# Some more refined approaches:
-# If sender matches ACL, turn debugging fully up, just for this one message
+# If sender matches ACL, turn log level fully up, just for this one message,
+# and preserve temporary directory
#@debug_sender_acl = ( "test-sender\@$mydomain" );
#@debug_sender_acl = qw( debug at example.com );
Index: clamav.conf.template
===================================================================
RCS file: /kolabrepository/server/kolab/kolab/clamav.conf.template,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- clamav.conf.template 31 Mar 2004 13:23:12 -0000 1.1
+++ clamav.conf.template 26 Apr 2004 12:49:33 -0000 1.2
@@ -91,10 +91,9 @@
# You may need to increase threads number for a server machine.
#MaxThreads 10
-# Thread (scanner - single task) will be stopped after this time (seconds).
-# Default is 180. Value of 0 disables the timeout. SECURITY HINT: Increase the
-# timeout instead of disabling it.
-#ThreadTimeout 500
+# Waiting for data from a client socket will timeout after this time (seconds).
+# Default is 120. Value of 0 disables the timeout.
+#ReadTimeout 300
# Maximal depth the directories are scanned at.
MaxDirectoryRecursion 15
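Review bot: The replacement comment for `ReadTimeout` drops the earlier hint to raise the timeout rather than disable it, although the new text still says a value of 0 disables it. With no read timeout, a client that connects and then stalls can presumably hold a scanner thread indefinitely. Keeping the caution is worthwhile, e.g. `# SECURITY HINT: Increase the timeout instead of disabling it.`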
@@ -111,8 +110,8 @@
# By default clamd checks itself every 3600 seconds (1 hour).
#SelfCheck 600
-# Execute a command when virus is found. In the command string %v and %f will
-# be replaced by the virus name and the infected file name respectively.
+# Execute a command when a virus is found. In the command string %v will
+# be replaced by the virus name.
#
# SECURITY WARNING: Make sure the virus event command cannot be exploited,
# eg. by using some special file name when %f is used.
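Review bot: The updated description says only `%v` is substituted, but the SECURITY WARNING kept just below still refers to special file names "when %f is used", so the two paragraphs now contradict each other. If the new package no longer expands `%f`, reword the warning, for example `# SECURITY WARNING: Make sure the virus event command cannot be exploited; %f is no longer substituted, so do not rely on it in the command string.` If `%f` is still accepted, the description should keep mentioning it so administrators know the file name is attacker-influenced.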
@@ -135,6 +134,13 @@
#Debug
##
+## Document scanning
+##
+
+# This option enables scanning of Microsoft Office document macros.
+ScanOLE2
+
+##
## Mail support
##
@@ -182,6 +188,10 @@
# affects bzip2 decompressor only.
#ArchiveLimitMemoryUsage
+# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
+#ArchiveBlockEncrypted
+
+
##
## Clamuko settings
## WARNING: This is experimental software. It is very likely it will hang
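Review bot: `ArchiveBlockEncrypted` is added commented out, and the comment does not say what happens to encrypted archives in that case. clamd cannot inspect their contents, so they are presumably reported as clean. Since this template feeds a mail gateway, either enable the option or state the chosen policy explicitly, e.g. `# Left disabled: encrypted archives pass unscanned unless blocked elsewhere (e.g. by amavisd banned-file rules).` The hunk also adds two consecutive blank lines where one is enough.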
@@ -189,7 +199,7 @@
##
# Enable Clamuko. Dazuko (/dev/dazuko) must be configured and running.
-#ClamukoScanOnLine
+#ClamukoScanOnAccess
# Set access mask for Clamuko.
ClamukoScanOnOpen