steffen: server/kolabd/kolabd/doc README.amavisd,NONE,1.1

cvs at intevation.de cvs at intevation.de
Sat Apr 9 23:42:20 CEST 2005


Author: steffen

Update of /kolabrepository/server/kolabd/kolabd/doc
In directory doto:/tmp/cvs-serv23029/kolabd/doc

Added Files:
	README.amavisd 
Log Message:
a bit of explanation of the virus-filter setup

--- NEW FILE: README.amavisd ---
Virus- and spam-filter setup for Kolab
======================================

Last edited: $Id: README.amavisd,v 1.1 2005/04/09 21:42:18 steffen Exp $

Introduction
------------

The Kolab server uses amavisd[1] in conjunction with clamav[2] and
spamassassin[3] to filter email for spam and virus. The clamav and
spamassassin versions are unpatched, but amavisd requires the
amavisd.MYUSERS.patch found in the Kolab cvs[4] to work with
Kolab. The patch adds functionality to amavisd to allow for different
configurations for local and non-local users[5].

Goal
----

To have a virus-filter that, if a virus is found, notifies the sender
of the virus if and only if the sender is a local user. 

To prevent "backscatter" the Kolab server should never send such
notifications to non-local users. If a virus is blocked by the filter
and originates from a non-local user, a notification should be sent to
the local user who would have been the recipient of the email
containing the virus if it had not been infected.

Any infected email that is blocked from reaching it's recipient is
archived to @l_prefix@/var/amavisd/virusmails on the server.

Spam-handling is different: Spam is not blocked by the filter, but
instead email potentially is spam is marked with the

X-Spam-Status: Yes, <reason...>
X-Spam-Flag: YES

headers to allow for easy server- and/or client-side filtering of
spam.

Configuration
-------------

The relevant parts of the amavisd.conf.template that apply to all
users are:

$final_virus_destiny      = D_DISCARD;  # (defaults to D_BOUNCE)
$final_banned_destiny     = D_DISCARD;  # (defaults to D_BOUNCE)
$final_spam_destiny       = D_PASS;  # (defaults to D_REJECT)
$viruses_that_fake_sender_re = new_RE();
@viruses_that_fake_sender_maps = ();
$warnvirusrecip = 1;    # (defaults to false (undef))
$warnbannedrecip = 1;   # (defaults to false (undef))
$QUARANTINEDIR = '@l_prefix@/var/amavisd/virusmails';
$virus_quarantine_to  = 'virus-quarantine';
@mynetworks = qw( @@@postfix-mynetworks@@@ );

In addition to that, a policy bank is defined that overrides some of
the above configuration in the case where the sender is a a local user
who is using his legitimate address:

$policy_bank{'MYUSERS'} = {  # mail from authenticated users on this system
  # Bounce only to local users
  final_virus_destiny      => D_BOUNCE,
  final_banned_destiny     => D_BOUNCE,
  warnvirusrecip_maps => undef, # (defaults to false (undef))
  warnbannedrecip_maps => undef,# (defaults to false (undef))
  warnvirussender => 1,
  warnbannedsender => 1,
  mynetworks => qw(0.0.0.0/0),
};

So, in the default case, all virus mail is discarded from the mail
system (but still archived in the quarantine) and the recipient is
notified about the problem.

In the case where the sender is local, the recipient is not notified,
but instead the sender get a notification (a bounce with an
error-message) from the mail server.

Any local additions or changes to the configuration can of course also
make use of this destinction between local and non-local users by
adding to either the global part of the configuration and/or to the
MYUSERS policy bank.

Notes
-----

[1] http://www.ijs.si/software/amavisd/
[2] http://www.clamav.net/
[3] http://spamassassin.apache.org/
[4] See http://www.kolab.org/
[5] A "local user" is a user with an email-account on the kolab
server, a "non-local user" is everyone else.




More information about the commits mailing list