maybe chmod 0644 'aliases.db'
maybe chmod 0755 'alternatives'
maybe chmod 0644 'alternatives/README'
+maybe chmod 0755 'amavis'
+maybe chmod 0644 'amavis/README.l10n'
+maybe chmod 0755 'amavis/conf.d'
+maybe chmod 0644 'amavis/conf.d/01-debian'
+maybe chmod 0644 'amavis/conf.d/05-domain_id'
+maybe chmod 0644 'amavis/conf.d/05-node_id'
+maybe chmod 0644 'amavis/conf.d/15-av_scanners'
+maybe chmod 0644 'amavis/conf.d/15-content_filter_mode'
+maybe chmod 0644 'amavis/conf.d/20-debian_defaults'
+maybe chmod 0644 'amavis/conf.d/21-ubuntu_defaults'
+maybe chmod 0644 'amavis/conf.d/25-amavis_helpers'
+maybe chmod 0644 'amavis/conf.d/30-template_localization'
+maybe chmod 0644 'amavis/conf.d/40-policy_banks'
+maybe chmod 0644 'amavis/conf.d/50-user'
+maybe chmod 0755 'amavis/en_US'
+maybe chmod 0644 'amavis/en_US/charset'
+maybe chmod 0644 'amavis/en_US/template-auto-response.txt'
+maybe chmod 0644 'amavis/en_US/template-dsn.txt'
+maybe chmod 0644 'amavis/en_US/template-problem-feedback.txt'
+maybe chmod 0644 'amavis/en_US/template-release-quarantine.txt'
+maybe chmod 0644 'amavis/en_US/template-spam-admin.txt'
+maybe chmod 0644 'amavis/en_US/template-spam-sender.txt'
+maybe chmod 0644 'amavis/en_US/template-virus-admin.txt'
+maybe chmod 0644 'amavis/en_US/template-virus-recipient.txt'
+maybe chmod 0644 'amavis/en_US/template-virus-sender.txt'
maybe chmod 0755 'apache2'
maybe chmod 0644 'apache2/apache2.conf'
maybe chmod 0755 'apache2/conf-available'
maybe chmod 0644 'console-setup/vtrgb.vga'
maybe chmod 0755 'cron.d'
maybe chmod 0644 'cron.d/.placeholder'
+maybe chmod 0644 'cron.d/amavisd-new'
maybe chmod 0644 'cron.d/certbot'
maybe chmod 0644 'cron.d/loolwsd'
maybe chmod 0644 'cron.d/php'
maybe chmod 0644 'debian_version'
maybe chmod 0755 'default'
maybe chmod 0644 'default/acpid'
+maybe chmod 0644 'default/amavis-mc'
+maybe chmod 0644 'default/amavisd-snmp-subagent'
maybe chmod 0644 'default/amd64-microcode'
maybe chmod 0644 'default/apache-htcacheclean'
maybe chmod 0644 'default/bsdmainutils'
maybe chmod 0755 'init'
maybe chmod 0755 'init.d'
maybe chmod 0755 'init.d/acpid'
+maybe chmod 0755 'init.d/amavis'
+maybe chmod 0755 'init.d/amavis-mc'
+maybe chmod 0755 'init.d/amavisd-snmp-subagent'
maybe chmod 0755 'init.d/apache-htcacheclean'
maybe chmod 0755 'init.d/apache2'
maybe chmod 0755 'init.d/apparmor'
maybe chmod 0644 'ld.so.conf.d/x86_64-linux-gnu.conf'
maybe chmod 0755 'ldap'
maybe chmod 0644 'ldap/ldap.conf'
+maybe chmod 0755 'ldap/schema'
+maybe chmod 0644 'ldap/schema/amavis.schema'
maybe chmod 0644 'legal'
maybe chmod 0755 'letsencrypt'
maybe chmod 0700 'letsencrypt/accounts'
maybe chmod 0644 'skel/.bash_logout'
maybe chmod 0644 'skel/.bashrc'
maybe chmod 0644 'skel/.profile'
+maybe chmod 0755 'spamassassin'
+maybe chmod 0755 'spamassassin/sa-update-hooks.d'
+maybe chmod 0755 'spamassassin/sa-update-hooks.d/amavisd-new'
maybe chmod 0755 'ssh'
maybe chmod 0644 'ssh/moduli'
maybe chmod 0644 'ssh/ssh_config'
--- /dev/null
+$Id: README.l10n 742 2005-12-26 17:15:22Z hmh $
+
+First of all, read /usr/share/doc/amavisd-new/README.customize.gz
+
+Amavisd-new is UTF8-aware, and it will do character-set conversion when dealing
+with DSN templates. The full unicode codespace is available, if used with the
+proper encodings... and you have to use the proper encodings if you don't want
+your DSNs to be flagged as more charset-challenged SPAM by other systems.
+
+ALWAYS respect the charset when adding l10n files.
+
+Amavisd-new does charset conversion twice: one when reading the text files with
+localized templates (to internal perl UTF8), and another when writing the email
+notification (from internal perl UTF8 to $hdr_encoding and $bdy_encoding).
+
+Headers will be RFC2047-encoded if they have any codepoints not allowed by
+RFC2822 after the charset conversions. The body text charset encoding is
+inserted in the proper MIME header.
+
+More details are available in /usr/share/doc/amavisd-new/RELEASE_NOTES.gz
+
--- /dev/null
+use strict;
+
+# ADMINISTRATORS:
+# Debian suggests that any changes you need to do that should never
+# be "updated" by the Debian package should be made in another file,
+# overriding the settings in this file.
+#
+# The package will *not* overwrite your settings, but by keeping
+# them separate, you will make the task of merging changes on these
+# configuration files much simpler...
+
+# see /usr/share/doc/amavisd-new/examples/amavisd.conf-default for
+# a list of all variables with their defaults;
+# see /usr/share/doc/amavisd-new/examples/amavisd.conf-sample for
+# a traditional-style commented file
+# [note: the above files were not converted to Debian settings!]
+#
+# for more details see documentation in /usr/share/doc/amavisd-new
+# and at http://www.ijs.si/software/amavisd/amavisd-new-docs.html
+
+
+# SETTINGS RARELY MODIFIED BY THE LOCAL ADMIN
+
+$ENV{PATH} = $path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
+$file = 'file';
+$gzip = 'gzip';
+$bzip2 = 'bzip2';
+$lzop = 'lzop';
+$rpm2cpio = ['rpm2cpio.pl','rpm2cpio'];
+$cabextract = 'cabextract';
+$uncompress = ['uncompress', 'gzip -d', 'zcat'];
+#$unfreeze = ['unfreeze', 'freeze -d', 'melt', 'fcat']; #disabled (non-free, no security support)
+$unfreeze = undef;
+$arc = ['nomarch', 'arc'];
+$unarj = ['arj', 'unarj'];
+#$unrar = ['rar', 'unrar']; #disabled (non-free, no security support)
+$unrar = ['unrar-free'];
+$zoo = 'zoo';
+$lha = 'lha';
+$lha = undef;
+$pax = 'pax';
+$cpio = 'cpio';
+$ar = 'ar';
+$ripole = 'ripole';
+$dspam = 'dspam';
+
+1; # ensure a defined return
--- /dev/null
+use strict;
+
+# $mydomain is used just for convenience in the config files and it is not
+# used internally by amavisd-new except in the default X_HEADER_LINE (which
+# Debian overrides by default anyway).
+
+chomp($mydomain = `head -n 1 /etc/mailname`);
+
+# amavisd-new needs to know which email domains are to be considered local
+# to the administrative domain. Only emails to "local" domains are subject
+# to certain functionality, such as the addition of spam tags.
+#
+# Default local domains to $mydomain and all subdomains. Remember to
+# override or redefine this if $mydomain is changed later in the config
+# sequence.
+
+@local_domains_acl = ( ".$mydomain" );
+
+1; # ensure a defined return
--- /dev/null
+use strict;
+
+# $myhostname is used by amavisd-new for node identification, and it is
+# important to get it right (e.g. for ESMTP EHLO, loop detection, and so on).
+
+chomp($myhostname = `hostname --fqdn`);
+
+# To manually set $myhostname, edit the following line with the correct Fully
+# Qualified Domain Name (FQDN) and remove the # at the beginning of the line.
+#
+#$myhostname = "mail.example.com";
+
+1; # ensure a defined return
--- /dev/null
+use strict;
+
+##
+## AV Scanners (Debian version)
+##
+
+@av_scanners = (
+
+# ### http://www.clanfield.info/sophie/ (http://www.vanja.com/tools/sophie/)
+# ['Sophie',
+# \&ask_daemon, ["{}/\n", '/var/run/sophie'],
+# qr/(?x)^ 0+ ( : | [\000\r\n]* $)/m, qr/(?x)^ 1 ( : | [\000\r\n]* $)/m,
+# qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/m ],
+
+# ### http://www.csupomona.edu/~henson/www/projects/SAVI-Perl/
+# ['Sophos SAVI', \&sophos_savi ],
+
+### http://www.clamav.net/
+ ['ClamAV-clamd',
+ \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"],
+ qr/\bOK$/m, qr/\bFOUND$/m,
+ qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
+# NOTE: run clamd under the same user as amavisd, or run it under its own
+# uid such as clamav, add user clamav to the amavis group, and then add
+# AllowSupplementaryGroups to clamd.conf;
+# NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in
+# this entry; when running chrooted one may prefer socket "$MYHOME/clamd".
+
+# ### http://www.openantivirus.org/
+# ['OpenAntiVirus ScannerDaemon (OAV)',
+# \&ask_daemon, ["SCAN {}\n", '127.0.0.1:8127'],
+# qr/^OK/m, qr/^FOUND: /m, qr/^FOUND: (.+)/m ],
+
+# ### http://www.vanja.com/tools/trophie/
+# ['Trophie',
+# \&ask_daemon, ["{}/\n", '/var/run/trophie'],
+# qr/(?x)^ 0+ ( : | [\000\r\n]* $)/m, qr/(?x)^ 1 ( : | [\000\r\n]* $)/m,
+# qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/m ],
+
+# ### http://www.grisoft.com/
+# ['AVG Anti-Virus',
+# \&ask_daemon, ["SCAN {}\n", '127.0.0.1:55555'],
+# qr/^200/m, qr/^403/m, qr/^403 .*?: ([^\r\n]+)/m ],
+
+# ### http://www.f-prot.com/
+# ['F-Prot fpscand', # F-PROT Antivirus for BSD/Linux/Solaris, version 6
+# \&ask_daemon,
+# ["SCAN FILE {}/*\n", '127.0.0.1:10200'],
+# qr/^(0|8|64) /m,
+# qr/^([1235679]|1[01345]) |<[^>:]*(?i)(infected|suspicious|unwanted)/m,
+# qr/(?i)<[^>:]*(?:infected|suspicious|unwanted)[^>:]*: ([^>]*)>/m ],
+
+# ### http://www.f-prot.com/
+# ['F-Prot f-protd', # old version
+# \&ask_daemon,
+# ["GET {}/*?-dumb%20-archive%20-packed HTTP/1.0\r\n\r\n",
+# ['127.0.0.1:10200', '127.0.0.1:10201', '127.0.0.1:10202',
+# '127.0.0.1:10203', '127.0.0.1:10204'] ],
+# qr/(?i)<summary[^>]*>clean<\/summary>/m,
+# qr/(?i)<summary[^>]*>infected<\/summary>/m,
+# qr/(?i)<name>(.+)<\/name>/m ],
+
+# ### http://www.sald.com/, http://www.dials.ru/english/, http://www.drweb.ru/
+# ['DrWebD', \&ask_daemon, # DrWebD 4.31 or later
+# [pack('N',1). # DRWEBD_SCAN_CMD
+# pack('N',0x00280001). # DONT_CHANGEMAIL, IS_MAIL, RETURN_VIRUSES
+# pack('N', # path length
+# length("$TEMPBASE/amavis-yyyymmddTHHMMSS-xxxxx/parts/pxxx")).
+# '{}/*'. # path
+# pack('N',0). # content size
+# pack('N',0),
+# '/var/drweb/run/drwebd.sock',
+# # '/var/amavis/var/run/drwebd.sock', # suitable for chroot
+# # '/usr/local/drweb/run/drwebd.sock', # FreeBSD drweb ports default
+# # '127.0.0.1:3000', # or over an inet socket
+# ],
+# qr/\A\x00[\x10\x11][\x00\x10]\x00/sm, # IS_CLEAN,EVAL_KEY; SKIPPED
+# qr/\A\x00[\x00\x01][\x00\x10][\x20\x40\x80]/sm,# KNOWN_V,UNKNOWN_V,V._MODIF
+# qr/\A.{12}(?:infected with )?([^\x00]+)\x00/sm,
+# ],
+# # NOTE: If using amavis-milter, change length to:
+# # length("$TEMPBASE/amavis-milter-xxxxxxxxxxxxxx/parts/pxxx").
+
+ ### http://www.kaspersky.com/ (kav4mailservers)
+ ['KasperskyLab AVP - aveclient',
+ ['/usr/local/kav/bin/aveclient','/usr/local/share/kav/bin/aveclient',
+ '/opt/kav/5.5/kav4mailservers/bin/aveclient','aveclient'],
+ '-p /var/run/aveserver -s {}/*',
+ [0,3,6,8], qr/\b(INFECTED|SUSPICION|SUSPICIOUS)\b/m,
+ qr/(?:INFECTED|WARNING|SUSPICION|SUSPICIOUS) (.+)/m,
+ ],
+ # NOTE: one may prefer [0],[2,3,4,5], depending on how suspicious,
+ # currupted or protected archives are to be handled
+
+ ### http://www.kaspersky.com/
+ ['KasperskyLab AntiViral Toolkit Pro (AVP)', ['avp'],
+ '-* -P -B -Y -O- {}', [0,3,6,8], [2,4], # any use for -A -K ?
+ qr/infected: (.+)/m,
+ sub {chdir('/opt/AVP') or die "Can't chdir to AVP: $!"},
+ sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"},
+ ],
+
+ ### The kavdaemon and AVPDaemonClient have been removed from Kasperky
+ ### products and replaced by aveserver and aveclient
+ ['KasperskyLab AVPDaemonClient',
+ [ '/opt/AVP/kavdaemon', 'kavdaemon',
+ '/opt/AVP/AvpDaemonClient', 'AvpDaemonClient',
+ '/opt/AVP/AvpTeamDream', 'AvpTeamDream',
+ '/opt/AVP/avpdc', 'avpdc' ],
+ "-f=$TEMPBASE {}", [0,8], [3,4,5,6], qr/infected: ([^\r\n]+)/m ],
+ # change the startup-script in /etc/init.d/kavd to:
+ # DPARMS="-* -Y -dl -f=/var/amavis /var/amavis"
+ # (or perhaps: DPARMS="-I0 -Y -* /var/amavis" )
+ # adjusting /var/amavis above to match your $TEMPBASE.
+ # The '-f=/var/amavis' is needed if not running it as root, so it
+ # can find, read, and write its pid file, etc., see 'man kavdaemon'.
+ # defUnix.prf: there must be an entry "*/var/amavis" (or whatever
+ # directory $TEMPBASE specifies) in the 'Names=' section.
+ # cd /opt/AVP/DaemonClients; configure; cd Sample; make
+ # cp AvpDaemonClient /opt/AVP/
+ # su - vscan -c "${PREFIX}/kavdaemon ${DPARMS}"
+
+ ### http://www.centralcommand.com/
+ ['CentralCommand Vexira (new) vascan',
+ ['vascan','/usr/lib/Vexira/vascan'],
+ "-a s --timeout=60 --temp=$TEMPBASE -y $QUARANTINEDIR ".
+ "--log=/var/log/vascan.log {}",
+ [0,3], [1,2,5],
+ qr/(?x)^\s* (?:virus|iworm|macro|mutant|sequence|trojan)\ found:\ ( [^\]\s']+ )\ \.\.\.\ /m ],
+ # Adjust the path of the binary and the virus database as needed.
+ # 'vascan' does not allow to have the temp directory to be the same as
+ # the quarantine directory, and the quarantine option can not be disabled.
+ # If $QUARANTINEDIR is not used, then another directory must be specified
+ # to appease 'vascan'. Move status 3 to the second list if password
+ # protected files are to be considered infected.
+
+ ### http://www.avira.com/
+ ### Avira AntiVir (formerly H+BEDV) or (old) CentralCommand Vexira Antivirus
+ ['Avira AntiVir', ['antivir','vexira'],
+ '--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/m,
+ qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) |
+ (?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/m ],
+ # NOTE: if you only have a demo version, remove -z and add 214, as in:
+ # '--allfiles -noboot -nombr -rs -s {}', [0,214], qr/ALERT:|VIRUS:/,
+
+ ### http://www.commandsoftware.com/
+ ['Command AntiVirus for Linux', 'csav',
+ '-all -archive -packed {}', [50], [51,52,53],
+ qr/Infection: (.+)/m ],
+
+ ### http://www.symantec.com/
+ ['Symantec CarrierScan via Symantec CommandLineScanner',
+ 'cscmdline', '-a scan -i 1 -v -s 127.0.0.1:7777 {}',
+ qr/^Files Infected:\s+0$/m, qr/^Infected\b/m,
+ qr/^(?:Info|Virus Name):\s+(.+)/m ],
+
+ ### http://www.symantec.com/
+ ['Symantec AntiVirus Scan Engine',
+ 'savsecls', '-server 127.0.0.1:7777 -mode scanrepair -details -verbose {}',
+ [0], qr/^Infected\b/m,
+ qr/^(?:Info|Virus Name):\s+(.+)/m ],
+ # NOTE: check options and patterns to see which entry better applies
+
+# ### http://www.f-secure.com/products/anti-virus/ version 4.65
+# ['F-Secure Antivirus for Linux servers',
+# ['/opt/f-secure/fsav/bin/fsav', 'fsav'],
+# '--delete=no --disinf=no --rename=no --archive=yes --auto=yes '.
+# '--dumb=yes --list=no --mime=yes {}', [0], [3,6,8],
+# qr/(?:infection|Infected|Suspected): (.+)/m ],
+
+ ### http://www.f-secure.com/products/anti-virus/ version 5.52
+ ['F-Secure Antivirus for Linux servers',
+ ['/opt/f-secure/fsav/bin/fsav', 'fsav'],
+ '--virus-action1=report --archive=yes --auto=yes '.
+ '--dumb=yes --list=no --mime=yes {}', [0], [3,4,6,8],
+ qr/(?:infection|Infected|Suspected|Riskware): (.+)/m ],
+ # NOTE: internal archive handling may be switched off by '--archive=no'
+ # to prevent fsav from exiting with status 9 on broken archives
+
+# ### http://www.avast.com/
+# ['avast! Antivirus daemon',
+# \&ask_daemon, # greets with 220, terminate with QUIT
+# ["SCAN {}\015\012QUIT\015\012", '/var/run/avast4/mailscanner.sock'],
+# qr/\t\[\+\]/m, qr/\t\[L\]\t/m, qr/\t\[L\]\t([^[ \t\015\012]+)/m ],
+
+# ### http://www.avast.com/
+# ['avast! Antivirus - Client/Server Version', 'avastlite',
+# '-a /var/run/avast4/mailscanner.sock -n {}', [0], [1],
+# qr/\t\[L\]\t([^[ \t\015\012]+)/m ],
+
+ ['CAI InoculateIT', 'inocucmd', # retired product
+ '-sec -nex {}', [0], [100],
+ qr/was infected by virus (.+)/m ],
+ # see: http://www.flatmtn.com/computer/Linux-Antivirus_CAI.html
+
+ ### http://www3.ca.com/Solutions/Product.asp?ID=156 (ex InoculateIT)
+ ['CAI eTrust Antivirus', 'etrust-wrapper',
+ '-arc -nex -spm h {}', [0], [101],
+ qr/is infected by virus: (.+)/m ],
+ # NOTE: requires suid wrapper around inocmd32; consider flag: -mod reviewer
+ # see http://marc.theaimsgroup.com/?l=amavis-user&m=109229779912783
+
+ ### http://mks.com.pl/english.html
+ ['MkS_Vir for Linux (beta)', ['mks32','mks'],
+ '-s {}/*', [0], [1,2],
+ qr/--[ \t]*(.+)/m ],
+
+ ### http://mks.com.pl/english.html
+ ['MkS_Vir daemon', 'mksscan',
+ '-s -q {}', [0], [1..7],
+ qr/^... (\S+)/m ],
+
+# ### http://www.nod32.com/, version v2.52 (old)
+# ['ESET NOD32 for Linux Mail servers',
+# ['/opt/eset/nod32/bin/nod32cli', 'nod32cli'],
+# '--subdir --files -z --sfx --rtp --adware --unsafe --pattern --heur '.
+# '-w -a --action-on-infected=accept --action-on-uncleanable=accept '.
+# '--action-on-notscanned=accept {}',
+# [0,3], [1,2], qr/virus="([^"]+)"/m ],
+
+# ### http://www.eset.com/, version v2.7 (old)
+# ['ESET NOD32 Linux Mail Server - command line interface',
+# ['/usr/bin/nod32cli', '/opt/eset/nod32/bin/nod32cli', 'nod32cli'],
+# '--subdir {}', [0,3], [1,2], qr/virus="([^"]+)"/m ],
+
+# ### http://www.eset.com/, version 2.71.12
+# ['ESET Software ESETS Command Line Interface',
+# ['/usr/bin/esets_cli', 'esets_cli'],
+# '--subdir {}', [0], [1,2,3], qr/virus="([^"]+)"/m ],
+
+ ### http://www.eset.com/, version 3.0
+ ['ESET Software ESETS Command Line Interface',
+ ['/usr/bin/esets_cli', 'esets_cli'],
+ '--subdir {}', [0], [2,3],
+ qr/:\s*action="(?!accepted)[^"]*"\n.*:\s*virus="([^"]*)"/m ],
+
+ ## http://www.nod32.com/, NOD32LFS version 2.5 and above
+ ['ESET NOD32 for Linux File servers',
+ ['/opt/eset/nod32/sbin/nod32','nod32'],
+ '--files -z --mail --sfx --rtp --adware --unsafe --pattern --heur '.
+ '-w -a --action=1 -b {}',
+ [0], [1,10], qr/^object=.*, virus="(.*?)",/m ],
+
+# Experimental, based on posting from Rado Dibarbora (Dibo) on 2002-05-31
+# ['ESET Software NOD32 Client/Server (NOD32SS)',
+# \&ask_daemon2, # greets with 200, persistent, terminate with QUIT
+# ["SCAN {}/*\r\n", '127.0.0.1:8448' ],
+# qr/^200 File OK/m, qr/^201 /m, qr/^201 (.+)/m ],
+
+# Disabled as it conflicts with packaged /usr/bin/nvcc of "nvidia-cuda-toolkit"
+# (LP: 1582318)
+# ### http://www.norman.com/products_nvc.shtml
+# ['Norman Virus Control v5 / Linux', 'nvcc',
+# '-c -l:0 -s -u -temp:$TEMPBASE {}', [0,10,11], [1,2,14],
+# qr/(?i).* virus in .* -> \'(.+)\'/m ],
+
+ ### http://www.pandasoftware.com/
+ ['Panda CommandLineSecure 9 for Linux',
+ ['/opt/pavcl/usr/bin/pavcl','pavcl'],
+ '-auto -aex -heu -cmp -nbr -nor -nos -eng -nob {}',
+ qr/Number of files infected[ .]*: 0+(?!\d)/m,
+ qr/Number of files infected[ .]*: 0*[1-9]/m,
+ qr/Found virus :\s*(\S+)/m ],
+ # NOTE: for efficiency, start the Panda in resident mode with 'pavcl -tsr'
+ # before starting amavisd - the bases are then loaded only once at startup.
+ # To reload bases in a signature update script:
+ # /opt/pavcl/usr/bin/pavcl -tsr -ulr; /opt/pavcl/usr/bin/pavcl -tsr
+ # Please review other options of pavcl, for example:
+ # -nomalw, -nojoke, -nodial, -nohackt, -nospyw, -nocookies
+
+# ### http://www.pandasoftware.com/
+# ['Panda Antivirus for Linux', ['pavcl'],
+# '-TSR -aut -aex -heu -cmp -nbr -nor -nso -eng {}',
+# [0], [0x10, 0x30, 0x50, 0x70, 0x90, 0xB0, 0xD0, 0xF0],
+# qr/Found virus :\s*(\S+)/m ],
+
+# GeCAD AV technology is acquired by Microsoft; RAV has been discontinued.
+# Check your RAV license terms before fiddling with the following two lines!
+# ['GeCAD RAV AntiVirus 8', 'ravav',
+# '--all --archive --mail {}', [1], [2,3,4,5], qr/Infected: (.+)/m ],
+# # NOTE: the command line switches changed with scan engine 8.5 !
+# # (btw, assigning stdin to /dev/null causes RAV to fail)
+
+ ### http://www.nai.com/
+ ['NAI McAfee AntiVirus (uvscan)', 'uvscan',
+ '--secure -rv --mime --summary --noboot - {}', [0], [13],
+ qr/(?x) Found (?:
+ \ the\ (.+)\ (?:virus|trojan) |
+ \ (?:virus|trojan)\ or\ variant\ ([^ ]+) |
+ :\ (.+)\ NOT\ a\ virus)/m,
+ # sub {$ENV{LD_PRELOAD}='/lib/libc.so.6'},
+ # sub {delete $ENV{LD_PRELOAD}},
+ ],
+ # NOTE1: with RH9: force the dynamic linker to look at /lib/libc.so.6 before
+ # anything else by setting environment variable LD_PRELOAD=/lib/libc.so.6
+ # and then clear it when finished to avoid confusing anything else.
+ # NOTE2: to treat encrypted files as viruses replace the [13] with:
+ # qr/^\s{5,}(Found|is password-protected|.*(virus|trojan))/
+
+ ### http://www.virusbuster.hu/en/
+ ['VirusBuster', ['vbuster', 'vbengcl'],
+ "{} -ss -i '*' -log=$MYHOME/vbuster.log", [0], [1],
+ qr/: '(.*)' - Virus/m ],
+ # VirusBuster Ltd. does not support the daemon version for the workstation
+ # engine (vbuster-eng-1.12-linux-i386-libc6.tgz) any longer. The names of
+ # binaries, some parameters AND return codes have changed (from 3 to 1).
+ # See also the new Vexira entry 'vascan' which is possibly related.
+
+# ### http://www.virusbuster.hu/en/
+# ['VirusBuster (Client + Daemon)', 'vbengd',
+# '-f -log scandir {}', [0], [3],
+# qr/Virus found = (.*);/m ],
+# # HINT: for an infected file it always returns 3,
+# # although the man-page tells a different story
+
+ ### http://www.cyber.com/
+ ['CyberSoft VFind', 'vfind',
+ '--vexit {}/*', [0], [23], qr/##==>>>> VIRUS ID: CVDL (.+)/m,
+ # sub {$ENV{VSTK_HOME}='/usr/lib/vstk'},
+ ],
+
+ ### http://www.avast.com/
+ ['avast! Antivirus', ['/usr/bin/avastcmd','avastcmd'],
+ '-a -i -n -t=A {}', [0], [1], qr/\binfected by:\s+([^ \t\n\[\]]+)/m ],
+
+ ### http://www.ikarus-software.com/
+ ['Ikarus AntiVirus for Linux', 'ikarus',
+ '{}', [0], [40], qr/Signature (.+) found/m ],
+
+ ### http://www.bitdefender.com/
+ ['BitDefender', 'bdscan', # new version
+ '--action=ignore --no-list {}', qr/^Infected files *:0+(?!\d)/m,
+ qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/m,
+ qr/(?:suspected|infected): (.*)(?:\033|$)/m ],
+
+ ### http://www.bitdefender.com/
+ ['BitDefender', 'bdc', # old version
+ '--arc --mail {}', qr/^Infected files *:0+(?!\d)/m,
+ qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/m,
+ qr/(?:suspected|infected): (.*)(?:\033|$)/m ],
+ # consider also: --all --nowarn --alev=15 --flev=15. The --all argument may
+ # not apply to your version of bdc, check documentation and see 'bdc --help'
+
+ ### ArcaVir for Linux and Unix http://www.arcabit.pl/
+ ['ArcaVir for Linux', ['arcacmd','arcacmd.static'],
+ '-v 1 -summary 0 -s {}', [0], [1,2],
+ qr/(?:VIR|WIR):[ \t]*(.+)/m ],
+
+# ['File::Scan', sub {Amavis::AV::ask_av(sub{
+# use File::Scan; my($fn)=@_;
+# my($f)=File::Scan->new(max_txt_size=>0, max_bin_size=>0);
+# my($vname) = $f->scan($fn);
+# $f->error ? (2,"Error: ".$f->error)
+# : ($vname ne '') ? (1,"$vname FOUND") : (0,"Clean")}, @_) },
+# ["{}/*"], [0], [1], qr/^(.*) FOUND$/m ],
+
+# ### fully-fledged checker for JPEG marker segments of invalid length
+# ['check-jpeg',
+# sub { use JpegTester (); Amavis::AV::ask_av(\&JpegTester::test_jpeg, @_) },
+# ["{}/*"], undef, [1], qr/^(bad jpeg: .*)$/m ],
+# # NOTE: place file JpegTester.pm somewhere where Perl can find it,
+# # for example in /usr/local/lib/perl5/site_perl
+
+# ### example: simpleminded checker for JPEG marker segments with
+# ### invalid length (only checks first 32k, which is not thorough enough)
+# ['check-jpeg-simple',
+# sub { Amavis::AV::ask_av(sub {
+# my($f)=@_; local(*FF,$_,$1,$2); my(@r)=(0,'not jpeg');
+# open(FF,$f) or die "jpeg: open err $f: $!";
+# binmode(FF) or die "jpeg: binmode err $f: $!";
+# defined read(FF,$_,32000) or die "jpeg: read err $f: $!";
+# close(FF) or die "jpeg: close err $f: $!";
+# if (/^\xff\xd8\xff/) {
+# @r=(0,'jpeg ok');
+# while (!/\G(?:\xff\xd9|\z)/gc) { # EOI or eof
+# if (/\G\xff+(?=\xff|\z)/gc) {} # fill-bytes before marker
+# elsif (/\G\xff([\x01\xd0-\xd8])/gc) {} # TEM, RSTi, SOI
+# elsif (/\G\xff([^\x00\xff])(..)/gcs) { # marker segment start
+# my($n)=unpack("n",$2)-2;
+# $n=32766 if $n>32766; # Perl regexp limit
+# if ($n<0) {@r=(1,"bad jpeg: len=$n, pos=".pos); last}
+# elsif (/\G.{$n}/gcs) {} # ok
+# elsif (/\G.{0,$n}\z/gcs) {last} # truncated
+# else {@r=(1,"bad jpeg: unexpected, pos=".pos); last}
+# }
+# elsif (/\G[^\xff]+/gc) {} # ECS
+# elsif (/\G(?:\xff\x00)+/gc) {} # ECS
+# else {@r=(2,"bad jpeg: unexpected char, pos=".pos); last}
+# }
+# }; @r}, @_) },
+# ["{}/*"], undef, [1], qr/^(bad jpeg: .*)$/m ],
+
+# ### an example/testing/template virus scanner (external), wastes 3 seconds
+# ['wasteful sleeper example',
+# '/bin/sleep', '3', # calls external program
+# undef, undef, qr/no such/m ],
+
+# ### an example/testing/template virus scanner (internal), does nothing
+# ['null',
+# sub {}, ["{}"], # supplies its own subroutine, no external program
+# undef, undef, qr/no such/m ],
+
+);
+
+
+# If no virus scanners from the @av_scanners list produce 'clean' nor
+# 'infected' status (i.e. they all fail to run or the list is empty),
+# then _all_ scanners from the @av_scanners_backup list are tried
+# (again, subject to $first_infected_stops_scan). When there are both
+# daemonized and equivalent or similar command-line scanners available,
+# it is customary to place slower command-line scanners in the
+# @av_scanners_backup list. The default choice is somewhat arbitrary,
+# move entries from one list to another as desired, keeping main scanners
+# in the primary list to avoid warnings.
+
+@av_scanners_backup = (
+
+ ### http://www.clamav.net/ - backs up clamd or Mail::ClamAV
+ ['ClamAV-clamscan', 'clamscan',
+ "--stdout --no-summary -r --tempdir=$TEMPBASE {}",
+ [0], qr/:.*\sFOUND$/m, qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
+
+ ### http://www.f-prot.com/ - backs up F-Prot Daemon, V6
+ ['F-PROT Antivirus for UNIX', ['fpscan'],
+ '--report --mount --adware {}', # consider: --applications -s 4 -u 3 -z 10
+ [0,8,64], [1,2,3, 4+1,4+2,4+3, 8+1,8+2,8+3, 12+1,12+2,12+3],
+ qr/^\[Found\s+[^\]]*\]\s+<([^ \t(>]*)/m ],
+
+ ### http://www.f-prot.com/ - backs up F-Prot Daemon (old)
+ ['FRISK F-Prot Antivirus', ['f-prot','f-prot.sh'],
+ '-dumb -archive -packed {}', [0,8], [3,6], # or: [0], [3,6,8],
+ qr/(?:Infection:|security risk named) (.+)|\s+contains\s+(.+)$/m ],
+
+ ### http://www.trendmicro.com/ - backs up Trophie
+ ['Trend Micro FileScanner', ['/etc/iscan/vscan','vscan'],
+ '-za -a {}', [0], qr/Found virus/m, qr/Found virus (.+) in/m ],
+
+ ### http://www.sald.com/, http://drweb.imshop.de/ - backs up DrWebD
+ ['drweb - DrWeb Antivirus', # security LHA hole in Dr.Web 4.33 and earlier
+ ['/usr/local/drweb/drweb', '/opt/drweb/drweb', 'drweb'],
+ '-path={} -al -go -ot -cn -upn -ok-',
+ [0,32], [1,9,33], qr' infected (?:with|by)(?: virus)? (.*)$'m ],
+
+ ### http://www.kaspersky.com/
+ ['Kaspersky Antivirus v5.5',
+ ['/opt/kaspersky/kav4fs/bin/kav4fs-kavscanner',
+ '/opt/kav/5.5/kav4unix/bin/kavscanner',
+ '/opt/kav/5.5/kav4mailservers/bin/kavscanner', 'kavscanner'],
+ '-i0 -xn -xp -mn -R -ePASBME {}/*', [0,10,15], [5,20,21,25],
+ qr/(?:INFECTED|WARNING|SUSPICION|SUSPICIOUS) (.*)/m,
+# sub {chdir('/opt/kav/bin') or die "Can't chdir to kav: $!"},
+# sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"},
+ ],
+
+# Commented out because the name 'sweep' clashes with Debian and FreeBSD
+# package/port of an audio editor. Make sure the correct 'sweep' is found
+# in the path when enabling.
+#
+# ### http://www.sophos.com/ - backs up Sophie or SAVI-Perl
+# ['Sophos Anti Virus (sweep)', 'sweep',
+# '-nb -f -all -rec -ss -sc -archive -cab -mime -oe -tnef '.
+# '--no-reset-atime {}',
+# [0,2], qr/Virus .*? found/m,
+# qr/^>>> Virus(?: fragment)? '?(.*?)'? found/m,
+# ],
+# # other options to consider: -idedir=/usr/local/sav
+
+# Always succeeds and considers mail clean.
+# Potentially useful when all other scanners fail and it is desirable
+# to let mail continue to flow with no virus checking (when uncommented).
+# ['always-clean', sub {0}],
+
+);
+
+1; # ensure a defined return
--- /dev/null
+use strict;
+
+# You can modify this file to re-enable SPAM checking through spamassassin
+# and to re-enable antivirus checking.
+
+#
+# Default antivirus checking mode
+# Please note, that anti-virus checking is DISABLED by
+# default.
+# If You wish to enable it, please uncomment the following lines:
+
+
+#@bypass_virus_checks_maps = (
+# \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
+
+
+#
+# Default SPAM checking mode
+# Please note, that anti-spam checking is DISABLED by
+# default.
+# If You wish to enable it, please uncomment the following lines:
+
+
+#@bypass_spam_checks_maps = (
+# \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
+
+1; # ensure a defined return
--- /dev/null
+use strict;
+
+# ADMINISTRATORS:
+# Debian suggests that any changes you need to do that should never
+# be "updated" by the Debian package should be made in another file,
+# overriding the settings in this file.
+#
+# The package will *not* overwrite your settings, but by keeping
+# them separate, you will make the task of merging changes on these
+# configuration files much simpler...
+
+# see /usr/share/doc/amavisd-new/examples/amavisd.conf-default for
+# a list of all variables with their defaults;
+# see /usr/share/doc/amavisd-new/examples/amavisd.conf-sample for
+# a traditional-style commented file
+# [note: the above files were not converted to Debian settings!]
+#
+# for more details see documentation in /usr/share/doc/amavisd-new
+# and at http://www.ijs.si/software/amavisd/amavisd-new-docs.html
+
+$QUARANTINEDIR = "$MYHOME/virusmails";
+$quarantine_subdir_levels = 1; # enable quarantine dir hashing
+
+$log_recip_templ = undef; # disable by-recipient level-0 log entries
+$DO_SYSLOG = 1; # log via syslogd (preferred)
+$syslog_ident = 'amavis'; # syslog ident tag, prepended to all messages
+$syslog_facility = 'mail';
+$syslog_priority = 'debug'; # switch to info to drop debug output, etc
+
+$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny)
+$enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1
+
+$inet_socket_port = 10024; # default listening socket
+
+$sa_spam_subject_tag = '***SPAM*** ';
+$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level
+$sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at that level
+$sa_kill_level_deflt = 6.31; # triggers spam evasive actions
+$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent
+
+$sa_mail_body_size_limit = 200*1024; # don't waste time on SA if mail is larger
+$sa_local_tests_only = 0; # only tests which do not require internet access?
+
+# Quota limits to avoid bombs (like 42.zip)
+
+$MAXLEVELS = 14;
+$MAXFILES = 1500;
+$MIN_EXPANSION_QUOTA = 100*1024; # bytes
+$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes
+
+# You should:
+# Use D_DISCARD to discard data (viruses)
+# Use D_BOUNCE to generate local bounces by amavisd-new
+# Use D_REJECT to generate local or remote bounces by the calling MTA
+# Use D_PASS to deliver the message
+#
+# Whatever you do, *NEVER* use D_REJECT if you have other MTAs *forwarding*
+# mail to your account. Use D_BOUNCE instead, otherwise you are delegating
+# the bounce work to your friendly forwarders, which might not like it at all.
+#
+# On dual-MTA setups, one can often D_REJECT, as this just makes your own
+# MTA generate the bounce message. Test it first.
+#
+# Bouncing viruses is stupid, always discard them after you are sure the AV
+# is working correctly. Bouncing real SPAM is also useless, if you cannot
+# D_REJECT it (and don't D_REJECT mail coming from your forwarders!).
+
+$final_virus_destiny = D_DISCARD; # (data not lost, see virus quarantine)
+$final_banned_destiny = D_BOUNCE; # D_REJECT when front-end MTA
+$final_spam_destiny = D_BOUNCE;
+$final_bad_header_destiny = D_PASS; # False-positive prone (for spam)
+
+$enable_dkim_verification = 0; #disabled to prevent warning
+
+$virus_admin = "postmaster\@$mydomain"; # due to D_DISCARD default
+
+# Set to empty ("") to add no header
+$X_HEADER_LINE = "Debian $myproduct_name at $mydomain";
+
+# REMAINING IMPORTANT VARIABLES ARE LISTED HERE BECAUSE OF LONGER ASSIGNMENTS
+
+#
+# DO NOT SEND VIRUS NOTIFICATIONS TO OUTSIDE OF YOUR DOMAIN. EVER.
+#
+# These days, almost all viruses fake the envelope sender and mail headers.
+# Therefore, "virus notifications" became nothing but undesired, aggravating
+# SPAM. This holds true even inside one's domain. We disable them all by
+# default, except for the EICAR test pattern.
+#
+
+@viruses_that_fake_sender_maps = (new_RE(
+ [qr'\bEICAR\b'i => 0], # av test pattern name
+ [qr/.*/ => 1], # true for everything else
+));
+
+@keep_decoded_original_maps = (new_RE(
+# qr'^MAIL$', # retain full original message for virus checking (can be slow)
+ qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undecipherables
+ qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
+# qr'^Zip archive data', # don't trust Archive::Zip
+));
+
+
+# for $banned_namepath_re, a new-style of banned table, see amavisd.conf-sample
+
+$banned_filename_re = new_RE(
+# qr'^UNDECIPHERABLE$', # is or contains any undecipherable components
+
+ # block certain double extensions anywhere in the base name
+ qr'\.[^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
+
+ qr'\{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\}?$'i, # Windows Class ID CLSID, strict
+
+ qr'^application/x-msdownload$'i, # block these MIME types
+ qr'^application/x-msdos-program$'i,
+ qr'^application/hta$'i,
+
+# qr'^application/x-msmetafile$'i, # Windows Metafile MIME type
+# qr'^\.wmf$', # Windows Metafile file(1) type
+
+# qr'^message/partial$'i, qr'^message/external-body$'i, # rfc2046 MIME types
+
+# [ qr'^\.(Z|gz|bz2)$' => 0 ], # allow any in Unix-compressed
+# [ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives
+# [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any within such archives
+# [ qr'^application/x-zip-compressed$'i => 0], # allow any within such archives
+
+ qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic
+# qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf|exe|fxp|grp|hlp|hta|
+# inf|ins|isp|js|jse|lnk|mda|mdb|mde|mdw|mdt|mdz|msc|msi|msp|mst|
+# ops|pcd|pif|prg|reg|scr|sct|shb|shs|vb|vbe|vbs|
+# wmf|wsc|wsf|wsh)$'ix, # banned ext - long
+
+# qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i, # banned extension - WinZip vulnerab.
+
+ qr'^\.(exe-ms)$', # banned file(1) types
+# qr'^\.(exe|lha|tnef|cab|dll)$', # banned file(1) types
+);
+# See http://support.microsoft.com/default.aspx?scid=kb;EN-US;q262631
+# and http://www.cknow.com/vtutor/vtextensions.htm
+
+
+# ENVELOPE SENDER SOFT-WHITELISTING / SOFT-BLACKLISTING
+
+@score_sender_maps = ({ # a by-recipient hash lookup table,
+ # results from all matching recipient tables are summed
+
+# ## per-recipient personal tables (NOTE: positive: black, negative: white)
+# 'user1@example.com' => [{'bla-mobile.press@example.com' => 10.0}],
+# 'user3@example.com' => [{'.ebay.com' => -3.0}],
+# 'user4@example.com' => [{'cleargreen@cleargreen.com' => -7.0,
+# '.cleargreen.com' => -5.0}],
+
+ ## site-wide opinions about senders (the '.' matches any recipient)
+ '.' => [ # the _first_ matching sender determines the score boost
+
+ new_RE( # regexp-type lookup table, just happens to be all soft-blacklist
+ [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i => 5.0],
+ [qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0],
+ [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
+ [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i => 5.0],
+ [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i => 5.0],
+ [qr'^(your_friend|greatoffers)@'i => 5.0],
+ [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i => 5.0],
+ ),
+
+# read_hash("/var/amavis/sender_scores_sitewide"),
+
+# This are some examples for whitelists, since envelope senders can be forged
+# they are not enabled by default.
+ { # a hash-type lookup table (associative array)
+ #'nobody@cert.org' => -3.0,
+ #'cert-advisory@us-cert.gov' => -3.0,
+ #'owner-alert@iss.net' => -3.0,
+ #'slashdot@slashdot.org' => -3.0,
+ #'securityfocus.com' => -3.0,
+ #'ntbugtraq@listserv.ntbugtraq.com' => -3.0,
+ #'security-alerts@linuxsecurity.com' => -3.0,
+ #'mailman-announce-admin@python.org' => -3.0,
+ #'amavis-user-admin@lists.sourceforge.net'=> -3.0,
+ #'amavis-user-bounces@lists.sourceforge.net' => -3.0,
+ #'spamassassin.apache.org' => -3.0,
+ #'notification-return@lists.sophos.com' => -3.0,
+ #'owner-postfix-users@postfix.org' => -3.0,
+ #'owner-postfix-announce@postfix.org' => -3.0,
+ #'owner-sendmail-announce@lists.sendmail.org' => -3.0,
+ #'sendmail-announce-request@lists.sendmail.org' => -3.0,
+ #'donotreply@sendmail.org' => -3.0,
+ #'ca+envelope@sendmail.org' => -3.0,
+ #'noreply@freshmeat.net' => -3.0,
+ #'owner-technews@postel.acm.org' => -3.0,
+ #'ietf-123-owner@loki.ietf.org' => -3.0,
+ #'cvs-commits-list-admin@gnome.org' => -3.0,
+ #'rt-users-admin@lists.fsck.com' => -3.0,
+ #'clp-request@comp.nus.edu.sg' => -3.0,
+ #'surveys-errors@lists.nua.ie' => -3.0,
+ #'emailnews@genomeweb.com' => -5.0,
+ #'yahoo-dev-null@yahoo-inc.com' => -3.0,
+ #'returns.groups.yahoo.com' => -3.0,
+ #'clusternews@linuxnetworx.com' => -3.0,
+ #lc('lvs-users-admin@LinuxVirtualServer.org') => -3.0,
+ #lc('owner-textbreakingnews@CNNIMAIL12.CNN.COM') => -5.0,
+
+ # soft-blacklisting (positive score)
+ #'sender@example.net' => 3.0,
+ #'.example.net' => 1.0,
+
+ },
+ ], # end of site-wide tables
+});
+
+1; # ensure a defined return
--- /dev/null
+use strict;
+
+#
+# These are Ubuntu specific defaults for amavisd-new configuration
+#
+# DOMAIN KEYS IDENTIFIED MAIL (DKIM)
+$enable_dkim_verification = 1;
+# Don't be verbose about sending mail:
+@whitelist_sender_acl = qw( .$mydomain );
+$final_virus_destiny = D_DISCARD; # (defaults to D_BOUNCE)
+$final_banned_destiny = D_DISCARD; # (defaults to D_BOUNCE)
+$final_spam_destiny = D_DISCARD; # (defaults to D_REJECT)
+$final_bad_header_destiny = D_PASS; # (defaults to D_PASS), D_BOUNCE suggested
+
+$virus_admin = undef;
+$spam_admin = undef;
+
+#------------ Do not modify anything below this line -------------
+1; # insure a defined return
--- /dev/null
+use strict;
+
+##
+## Functionality required for amavis helpers like
+## amavis-release.
+##
+
+# Enable required AM.PDP protocol socket.
+#
+# this is incompatible with the old helpers, but one can
+# have multiple inet (not unix) sockets to overcome this
+# issue. Refer to the amavisd-new documentation for more
+# information
+
+$unix_socketname = "/var/lib/amavis/amavisd.sock";
+
+$interface_policy{'SOCK'} = 'AM.PDP-SOCK';
+$policy_bank{'AM.PDP-SOCK'} = {
+ protocol => 'AM.PDP',
+ auth_required_release => 0, # don't require secret-id for release
+};
+
+1; # ensure a defined return
--- /dev/null
+use strict;
+
+# l10n (localization) of the AMaViSd-new DSN templates
+# Override or change as necessary
+
+# Select notifications text encoding when Unicode-aware Perl is converting
+# text from internal character representation to external encoding (charset
+# in MIME terminology). Used as argument to Perl Encode::encode subroutine.
+#
+# to be used in RFC 2047-encoded header field bodies, e.g. in Subject:
+#$hdr_encoding = 'iso-8859-1'; # (default: 'iso-8859-1')
+#
+# to be used in notification body text: its encoding and Content-type.charset
+#$bdy_encoding = 'iso-8859-1'; # (default: 'iso-8859-1')
+
+# Default template texts for notifications may be overruled by directly
+# assigning new text to template variables, or by reading template text
+# from files. A second argument may be specified in a call to read_text(),
+# specifying character encoding layer to be used when reading from the
+# external file, e.g. 'utf8', 'iso-8859-1', or often just $bdy_encoding.
+# Text will be converted to internal character representation by Perl 5.8.0
+# or later; second argument is ignored otherwise. See PerlIO::encoding,
+# Encode::PerlIO and perluniintro man pages.
+#
+# $notify_sender_templ = read_text('/var/amavis/notify_sender.txt');
+# $notify_virus_sender_templ= read_text('/var/amavis/notify_virus_sender.txt');
+# $notify_virus_admin_templ = read_text('/var/amavis/notify_virus_admin.txt');
+# $notify_virus_recips_templ= read_text('/var/amavis/notify_virus_recips.txt');
+# $notify_spam_sender_templ = read_text('/var/amavis/notify_spam_sender.txt');
+# $notify_spam_admin_templ = read_text('/var/amavis/notify_spam_admin.txt');
+
+# If notification template files are collectively available in some directory,
+# you can use read_l10n_templates which calls read_text for each known
+# template. Name the files as above, and include a file named "charset" with
+# the charset used in the files. This is how Debian ships l10n templates.
+#
+# syntax: read_l10n_templates(<directory>); OR
+# read_l10n_templates(<subdirectory>, <master directory>);
+#
+read_l10n_templates('en_US', '/etc/amavis');
+
+1; # ensure a defined return
--- /dev/null
+# DKIM signing domain whitelist. The domain to use is the domain after
+# d= in the DKIM header.
+
+@author_to_policy_bank_maps = ( {
+ # 'friends.example.net' => 'WHITELIST,NOBANNEDCHECK',
+ # 'user1@cust.example.net' => 'WHITELIST,NOBANNEDCHECK',
+ '.ebay.com' => 'WHITELIST',
+ '.ebay.co.uk' => 'WHITELIST',
+ 'ebay.at' => 'WHITELIST',
+ 'ebay.ca' => 'WHITELIST',
+ 'ebay.de' => 'WHITELIST',
+ 'ebay.fr' => 'WHITELIST',
+ '.paypal.co.uk' => 'WHITELIST',
+ '.paypal.com' => 'WHITELIST', # author signatures
+ './@paypal.com' => 'WHITELIST', # 3rd-party sign. by paypal.com
+ 'alert.bankofamerica.com' => 'WHITELIST',
+ 'amazon.com' => 'WHITELIST',
+ 'cisco.com' => 'WHITELIST',
+ '.cnn.com' => 'WHITELIST',
+ 'skype.net' => 'WHITELIST',
+ 'welcome.skype.com' => 'WHITELIST',
+ 'cc.yahoo-inc.com' => 'WHITELIST',
+ 'cc.yahoo-inc.com/@yahoo-inc.com' => 'WHITELIST',
+ # 'google.com' => 'MILD_WHITELIST',
+ # 'googlemail.com' => 'MILD_WHITELIST',
+ # './@googlegroups.com' => 'MILD_WHITELIST',
+ # './@yahoogroups.com' => 'MILD_WHITELIST',
+ # './@yahoogroups.co.uk' => 'MILD_WHITELIST',
+ # './@yahoogroupes.fr' => 'MILD_WHITELIST',
+ # 'yousendit.com' => 'MILD_WHITELIST',
+ # 'meetup.com' => 'MILD_WHITELIST',
+ # 'dailyhoroscope@astrology.com' => 'MILD_WHITELIST',
+ } );
--- /dev/null
+use strict;
+
+#
+# Place your configuration directives here. They will override those in
+# earlier files.
+#
+# See /usr/share/doc/amavisd-new/ for documentation and examples of
+# the directives you can use in this file
+#
+
+
+#------------ Do not modify anything below this line -------------
+1; # ensure a defined return
--- /dev/null
+# This is charset for en_US messages.
+# If you are creating new messages, use 'iconv -l' to get possible encodings.
+ascii # or iso-8859-1
+ignored lines after first one
--- /dev/null
+#
+# =============================================================================
+# This is a template for the plain text part of an auto response (e.g.
+# vacation, out-of-office), see RFC 3834.
+#
+From: %f
+Date: %d
+To: [? %#T |undisclosed-recipients:;|[%T|, ]]
+[? %#C |#|Cc: [%C|, ]]
+Reply-To: postmaster@%h
+Message-ID: <ARE%i@%h>
+Auto-Submitted: auto-replied
+[:wrap|76||\t|Subject: Auto: autoresponse to: %s]
+[? %m |#|In-Reply-To: %m]
+Precedence: junk
+
+This is an auto-response to a message \
+[? %a |\nreceived on %d,|received from\nIP address \[%a\] on %d,]
+envelope sender: %s
+(author) From: [:rfc2822_from]
+[? %j |#|[:wrap|78|| |Subject: %j]]
+[?[:dkim|author]|#|
+A first-party DKIM or DomainKeys signature is valid, d=[:dkim|author].]
--- /dev/null
+#
+# =============================================================================
+# This is a template for (neutral: non-virus, non-spam, non-banned)
+# DELIVERY STATUS NOTIFICATIONS to sender.
+# For syntax and customization instructions see README.customize.
+# The From, To and Date header fields will be provided automatically.
+# Long header fields will be automatically wrapped by the program.
+#
+Subject: [?%#D|Undeliverable mail|Delivery status notification]\
+[? [:ccat|major] |||, MTA-BLOCKED\
+|, OVERSIZED message\
+|, invalid header section[=explain_badh|1]\
+[?[:ccat|minor]||: bad MIME|: unencoded 8-bit character\
+|: improper use of control char|: all-whitespace header line\
+|: header line longer than 998 characters|: header field syntax error\
+|: missing required header field|: duplicate header field|]\
+|, UNSOLICITED BULK EMAIL apparently from you\
+|, UNSOLICITED BULK EMAIL apparently from you\
+|, contents UNCHECKED\
+|, BANNED contents type (%F)\
+|, VIRUS in message apparently from you (%V)\
+]
+Message-ID: <DSN%i@%h>
+
+[? %#D |#|Your message WAS SUCCESSFULLY RELAYED to:[\n %D]
+[~[:dsn_notify]|["\\bSUCCESS\\b"]|\
+and you explicitly requested a delivery status notification on success.\n]\
+]
+[? %#N |#|The message WAS NOT relayed to:[\n %N]
+]
+[:wrap|78|||This [?%#D|nondelivery|delivery] report was \
+generated by the program amavisd-new at host %h. \
+Our internal reference code for your message is %n/%i]
+
+# ccat_min 0: other, 1: bad MIME, 2: 8-bit char, 3: NUL/CR,
+# 4: empty, 5: long, 6: syntax, 7: missing, 8: multiple
+[? [:explain_badh] ||[? [:ccat|minor]
+|INVALID HEADER
+|INVALID HEADER: BAD MIME HEADER SECTION OR BAD MIME STRUCTURE
+|INVALID HEADER: INVALID 8-BIT CHARACTERS IN HEADER SECTION
+|INVALID HEADER: INVALID CONTROL CHARACTERS IN HEADER SECTION
+|INVALID HEADER: FOLDED HEADER FIELD LINE MADE UP ENTIRELY OF WHITESPACE
+|INVALID HEADER: HEADER LINE LONGER THAN RFC 5322 LIMIT OF 998 CHARACTERS
+|INVALID HEADER: HEADER FIELD SYNTAX ERROR
+|INVALID HEADER: MISSING REQUIRED HEADER FIELD
+|INVALID HEADER: DUPLICATE HEADER FIELD
+|INVALID HEADER
+]
+[[:wrap|78| | |%X]\n]
+]\
+#
+[:wrap|78|| |Return-Path: %s[?[:dkim|envsender]|| (OK)]]
+[:wrap|78|| |From: [:header_field|From|100][?[:dkim|author]|| (dkim:AUTHOR)]]
+[? [:header_field|Sender]|#|\
+[:wrap|78|| |Sender: [:header_field|Sender|100]\
+[?[:dkim|sender]|| (dkim:SENDER)]]]
+[? %m |#|[:wrap|78|| |Message-ID: %m]]
+[? %r |#|[:wrap|78|| |Resent-Message-ID: %r]]
+[? %#X|#|[? [:useragent] |#|[:wrap|78|| |[:useragent]]]]
+[? %j |#|[:wrap|78|| |Subject: [:header_field|Subject|100]]]
+
+# ccat_min 0: other, 1: bad MIME, 2: 8-bit char, 3: NUL/CR,
+# 4: empty, 5: long, 6: syntax, 7: missing, 8: multiple
+[? [:explain_badh] ||[? [:ccat|minor]
+|# 0: other
+|# 1: bad MIME
+|# 2: 8-bit char
+WHAT IS AN INVALID CHARACTER IN A MAIL HEADER SECTION?
+
+ The RFC 5322 document specifies rules for forming internet messages.
+ It does not allow the use of characters with codes above 127 to be
+ used directly (non-encoded) in a mail header section.
+
+ If such characters (e.g. with diacritics) from ISO Latin or other
+ alphabets need to be included in a header section, these characters
+ need to be properly encoded according to RFC 2047. Such encoding
+ is often done transparently by mail reader (MUA), but if automatic
+ encoding is not available (e.g. by some older MUA) it is a user's
+ responsibility to avoid using such characters in a header section,
+ or to encode them manually. Typically the offending header fields
+ in this category are 'Subject', 'Organization', and comment fields
+ or display names in e-mail addresses of 'From', 'To' or 'Cc'.
+
+ Sometimes such invalid header fields are inserted automatically
+ by some MUA, MTA, content filter, or other mail handling service.
+ If this is the case, such service needs to be fixed or properly
+ configured. Typically the offending header fields in this category
+ are 'Date', 'Received', 'X-Mailer', 'X-Priority', 'X-Scanned', etc.
+
+ If you don't know how to fix or avoid the problem, please report it
+ to _your_ postmaster or system manager.
+#
+[~[:useragent]|^X-Mailer:\\s*Microsoft Outlook Express 6\\.00|["
+ If using Microsoft Outlook Express as your MUA, make sure its
+ settings under:
+ Tools -> Options -> Send -> Mail Sending Format -> Plain & HTML
+ are: "MIME format" MUST BE selected,
+ and "Allow 8-bit characters in headers" MUST NOT be enabled!
+"]]#
+|# 3: NUL/CR
+IMPROPER USE OF CONTROL CHARACTER IN A MESSAGE HEADER SECTION
+
+ The RFC 5322 document specifies rules for forming internet messages.
+ It does not allow the use of control characters NUL and bare CR
+ to be used directly in a mail header section.
+|# 4: empty
+IMPROPERLY FOLDED HEADER FIELD LINE MADE UP ENTIRELY OF WHITESPACE
+
+ The RFC 5322 document specifies rules for forming internet messages.
+ In section '3.2.2. Folding white space and comments' it explicitly
+ prohibits folding of header fields in such a way that any line of a
+ folded header field is made up entirely of white-space characters
+ (control characters SP and HTAB) and nothing else.
+|# 5: long
+HEADER LINE LONGER THAN RFC 5322 LIMIT OF 998 CHARACTERS
+
+ The RFC 5322 document specifies rules for forming internet messages.
+ Section '2.1.1. Line Length Limits' prohibits each line of a header
+ section to be more than 998 characters in length (excluding the CRLF).
+|# 6: syntax
+|# 7: missing
+MISSING REQUIRED HEADER FIELD
+
+ The RFC 5322 document specifies rules for forming internet messages.
+ Section '3.6. Field Definitions' specifies that certain header fields
+ are required (origination date field and the "From:" originator field).
+|# 8: multiple
+DUPLICATE HEADER FIELD
+
+ The RFC 5322 document specifies rules for forming internet messages.
+ Section '3.6. Field Definitions' specifies that certain header fields
+ must not occur more than once in a message header section.
+|# other
+]]#
--- /dev/null
+#
+# =============================================================================
+# This is a template for the plain text part of a problem/feedback report,
+# with either the original message included in-line, or attached,
+# or the message is structured as a FEEDBACK REPORT NOTIFICATIONS format.
+# See RFC 5965 - "An Extensible Format for Email Feedback Reports".
+#
+From: %f
+Date: %d
+Subject: Fw: %j
+To: [? %#T |undisclosed-recipients:;|[%T|, ]]
+[? %#C |#|Cc: [%C|, ]]
+Message-ID: <ARF%i@%h>
+#Auto-Submitted: auto-generated
+
+This is an e-mail [:feedback_type] report for a message \
+[? %a |\nreceived on %d,|received from\nIP address [:client_addr_port] on %d,]
+
+[:wrap|78|| |Return-Path: %s]
+[:wrap|78|| |From: [:header_field|From][?[:dkim|author]|| (dkim:AUTHOR)]]
+[? [:header_field|Sender]|#|[:wrap|78|| |Sender: [:header_field|Sender]]]
+[? %m |#|[:wrap|78|| |Message-ID: %m]]
+[? %r |#|[:wrap|78|| |Resent-Message-ID: %r]]
+[? %j |#|[:wrap|78|| |Subject: [:header_field|Subject|100]]]
+[?[:dkim|author]|#|
+A first-party DKIM or DomainKeys signature is valid, d=[:dkim|author].]
+
+Reporting-MTA: %h
+Our internal reference code for the message is %n/%i
+
+[~[:report_format]|["^(arf|attach|dsn)$"]|["\
+A complete original message is attached.
+[~[:report_format]|["^arf$"]|\
+For more information on the ARF format please see RFC 5965.
+]"]|["\
+A complete original message in its pristine form follows:
+"]]#
--- /dev/null
+#
+# =============================================================================
+# This is a template for the plain text part of a RELEASE FROM A QUARANTINE,
+# applicable if a chosen release format is 'attach' (not 'resend').
+#
+From: %f
+Date: %d
+Subject: \[released message\] %j
+To: [? %#T |undisclosed-recipients:;|[%T|, ]]
+[? %#C |#|Cc: [%C|, ]]
+Message-ID: <QRA%i@%h>
+
+Please find attached a message which was held in a quarantine,
+and has now been released.
+
+[:wrap|78|| |Return-Path: %s[?[:dkim|envsender]|| (OK)]]
+[:wrap|78|| |From: [:header_field|From][?[:dkim|author]|| (dkim:AUTHOR)]]
+[? [:header_field|Sender]|#|\
+[:wrap|78|| |Sender: [:header_field|Sender]\
+[?[:dkim|sender]|| (dkim:SENDER)]]]
+# [? %m |#|[:wrap|78|| |Message-ID: %m]]
+# [? %r |#|[:wrap|78|| |Resent-Message-ID: %r]]
+# [? [:useragent] |#|[:wrap|78|| |[:useragent]]]
+[? %j |#|[:wrap|78|| |Subject: %j]]
+
+Our internal reference code for the message is %n/%i
+#
+[~[:report_format]|["^attach$"]|["[? [:attachment_password] |#|
+
+Contents of the attached mail message may pose a threat to your computer or
+could be a social engineering deception, so it should be handled cautiously.
+To prevent undesired automatic opening, the attached original mail message
+has been wrapped in a password-protected ZIP archive.
+
+Here is the password that allows opening of the attached archive:
+
+ [:attachment_password]
+
+Note that the attachment is not strongly encrypted and the password
+is not a strong secret (being displayed in this non-encrypted text),
+so this attachment is not suitable for guarding a secret contents.
+The sole purpose of this password protection it to prevent undesired
+accidental or automatic opening of a message, either by some filtering
+software, a virus scanner, or by a mail reader.
+]"]|]#
--- /dev/null
+#
+# =============================================================================
+# This is a template for spam ADMINISTRATOR NOTIFICATIONS.
+# For syntax and customization instructions see README.customize.
+# Long header fields will be automatically wrapped by the program.
+#
+From: %f
+Date: %d
+Subject: Spam FROM [?%l||LOCAL ][?%a||[:client_addr_port] ]%s
+To: [? %#T |undisclosed-recipients:;|[%T|, ]]
+[? %#C |#|Cc: [%C|, ]]
+Message-ID: <SA%i@%h>
+
+Content type: [:ccat|name|main]#
+[? [:ccat|is_blocked_by_nonmain] ||, blocked for [:ccat|name]]
+Internal reference code for the message is %n/%i
+
+[? %a |#|[:wrap|78|| |First upstream SMTP client IP address: \[%a\] %g]]
+[? %e |#|[:wrap|78|| |According to a 'Received:' trace,\
+ the message apparently originated at: \[%e\], %t]]
+
+[:wrap|78|| |Return-Path: %s[?[:dkim|envsender]|| (OK)]]
+[:wrap|78|| |From: [:header_field|From][?[:dkim|author]|| (dkim:AUTHOR)]]
+[? [:header_field|Sender]|#|\
+[:wrap|78|| |Sender: [:header_field|Sender]\
+[?[:dkim|sender]|| (dkim:SENDER)]]]
+[? %m |#|[:wrap|78|| |Message-ID: %m]]
+[? %r |#|[:wrap|78|| |Resent-Message-ID: %r]]
+[? [:useragent] |#|[:wrap|78|| |[:useragent]]]
+[? %j |#|[:wrap|78|| |Subject: %j]]
+[? %q |Not quarantined.|The message has been quarantined as: %q]
+
+[? %#D |#|The message WILL BE relayed to:[\n%D]
+]
+[? %#N |#|The message WAS NOT relayed to:[\n%N]
+]
+Spam scanner report:
+[%A
+]\
--- /dev/null
+#
+# =============================================================================
+# This is a template for spam SENDER NOTIFICATIONS.
+# For syntax and customization instructions see README.customize.
+# The From, To and Date header fields will be provided automatically.
+# Long header fields will be automatically wrapped by the program.
+#
+Subject: Considered UNSOLICITED BULK EMAIL, apparently from you
+[? %m |#|In-Reply-To: %m]
+Message-ID: <SS%i@%h>
+
+A message from %s[
+to: %R]
+
+was considered unsolicited bulk e-mail (UBE).
+
+Our internal reference code for your message is %n/%i
+
+The message carried your return address, so it was either a genuine mail
+from you, or a sender address was faked and your e-mail address abused
+by third party, in which case we apologize for undesired notification.
+
+We do try to minimize backscatter for more prominent cases of UBE and
+for infected mail, but for less obvious cases some balance between
+losing genuine mail and sending undesired backscatter is sought,
+and there can be some collateral damage on either side.
+
+[? %a |#|[:wrap|78|| |First upstream SMTP client IP address: \[%a\] %g]]
+[? %e |#|[:wrap|78|| |According to a 'Received:' trace,\
+ the message apparently originated at: \[%e\], %t]]
+
+[:wrap|78|| |Return-Path: %s[?[:dkim|envsender]|| (OK)]]
+[:wrap|78|| |From: [:header_field|From|100][?[:dkim|author]|| (dkim:AUTHOR)]]
+[? [:header_field|Sender]|#|\
+[:wrap|78|| |Sender: [:header_field|Sender|100]\
+[?[:dkim|sender]|| (dkim:SENDER)]]]
+[? %m |#|[:wrap|78|| |Message-ID: %m]]
+[? %r |#|[:wrap|78|| |Resent-Message-ID: %r]]
+# [? [:useragent] |#|[:wrap|78|| |[:useragent]]]
+[? %j |#|[:wrap|78|| |Subject: [:header_field|Subject|100]]]
+[? %#X |#|\n[[:wrap|78|| |%X]\n]]
+
+[? %#D |Delivery of the email was stopped!
+]#
+#
+# Spam scanner report:
+# [%A
+# ]\
--- /dev/null
+#
+# =============================================================================
+# This is a template for non-spam (e.g. VIRUS,...) ADMINISTRATOR NOTIFICATIONS.
+# For syntax and customization instructions see README.customize.
+# Long header fields will be automatically wrapped by the program.
+#
+From: %f
+Date: %d
+Subject: [? [:ccat|major] |Clean mail|Clean mail|MTA-blocked mail|\
+OVERSIZED mail|INVALID HEADER in mail|Spammy|Spam|UNCHECKED contents in mail|\
+BANNED contents (%F) in mail|VIRUS (%V) in mail]\
+ FROM [?%l||LOCAL ][?%a||[:client_addr_port] ]%s
+To: [? %#T |undisclosed-recipients:;|[%T|, ]]
+[? %#C |#|Cc: [%C|, ]]
+Message-ID: <VA%i@%h>
+
+[? %#V |No viruses were found.
+|A virus was found: %V
+|Two viruses were found:\n %V
+|%#V viruses were found:\n %V
+]
+[? %#F |#|[:wrap|78|| |Banned [?%#F|names|name|names]: %F]]
+[? %#X |#|Bad header:[\n[:wrap|78| | |%X]]]
+[? %#W |#\
+|Scanner detecting a virus: %W
+|Scanners detecting a virus: %W
+]
+Content type: [:ccat|name|main]#
+[? [:ccat|is_blocked_by_nonmain] ||, blocked for [:ccat|name]]
+Internal reference code for the message is %n/%i
+
+[? %a |#|[:wrap|78|| |First upstream SMTP client IP address: \[%a\] %g]]
+[? %e |#|[:wrap|78|| |According to a 'Received:' trace,\
+ the message apparently originated at: \[%e\], %t]]
+
+[:wrap|78|| |Return-Path: %s[?[:dkim|envsender]|| (OK)]]
+[:wrap|78|| |From: [:header_field|From][?[:dkim|author]|| (dkim:AUTHOR)]]
+[? [:header_field|Sender]|#|\
+[:wrap|78|| |Sender: [:header_field|Sender]\
+[?[:dkim|sender]|| (dkim:SENDER)]]]
+[? %m |#|[:wrap|78|| |Message-ID: %m]]
+[? %r |#|[:wrap|78|| |Resent-Message-ID: %r]]
+[? %j |#|[:wrap|78|| |Subject: %j]]
+[? %q |Not quarantined.|The message has been quarantined as: %q]
+
+[? %#S |Notification to sender will not be mailed.
+
+]#
+[? %#D |#|The message WILL BE relayed to:[\n%D]
+]
+[? %#N |#|The message WAS NOT relayed to:[\n%N]
+]
+[? %#V |#|[? %#v |#|Virus scanner output:[\n %v]
+]]
--- /dev/null
+#
+# =============================================================================
+# This is a template for VIRUS/BANNED/BAD-HEADER RECIPIENTS NOTIFICATIONS.
+# For syntax and customization instructions see README.customize.
+# Long header fields will be automatically wrapped by the program.
+#
+From: %f
+Date: %d
+Subject: [? [:ccat|major] |Clean mail|Clean mail|MTA-blocked mail|\
+OVERSIZED mail|INVALID HEADER in mail|Spammy|Spam|UNCHECKED contents in mail|\
+BANNED contents (%F) in mail|VIRUS (%V) in mail] TO YOU from %s
+[? [:header_field|To] |To: undisclosed-recipients:;|To: [:header_field|To]]
+[? [:header_field|Cc] |#|Cc: [:header_field|Cc]]
+Message-ID: <VR%i@%h>
+
+[? %#V |[? %#F ||BANNED CONTENTS ALERT]|VIRUS ALERT]
+
+Our content checker found
+[? %#V |#|[:wrap|78| | |[?%#V|viruses|virus|viruses]: %V]]
+[? %#F |#|[:wrap|78| | |banned [?%#F|names|name|names]: %F]]
+[? %#X |#|[[:wrap|78| | |%X]\n]]
+
+in an email to you [? %#V |from:|from probably faked sender:]
+ %o
+[? %#V |#|claiming to be: %s]
+
+Content type: [:ccat|name|main]#
+[? [:ccat|is_blocked_by_nonmain] ||, blocked for [:ccat|name]]
+Our internal reference code for your message is %n/%i
+
+[? %a |#|[:wrap|78|| |First upstream SMTP client IP address: \[%a\] %g]]
+[? %e |#|[:wrap|78|| |According to a 'Received:' trace,\
+ the message apparently originated at: \[%e\], %t]]
+
+[:wrap|78|| |Return-Path: %s[?[:dkim|envsender]|| (OK)]]
+[:wrap|78|| |From: [:header_field|From][?[:dkim|author]|| (dkim:AUTHOR)]]
+[? [:header_field|Sender]|#|\
+[:wrap|78|| |Sender: [:header_field|Sender]\
+[?[:dkim|sender]|| (dkim:SENDER)]]]
+[? %m |#|[:wrap|78|| |Message-ID: %m]]
+[? %r |#|[:wrap|78|| |Resent-Message-ID: %r]]
+[? [:useragent] |#|[:wrap|78|| |[:useragent]]]
+[? %j |#|[:wrap|78|| |Subject: %j]]
+[? %q |Not quarantined.|The message has been quarantined as: %q]
+
+Please contact your system administrator for details.
--- /dev/null
+#
+# =============================================================================
+# This is a template for VIRUS/BANNED SENDER NOTIFICATIONS.
+# For syntax and customization instructions see README.customize.
+# The From, To and Date header fields will be provided automatically.
+# Long header fields will be automatically wrapped by the program.
+#
+Subject: [? [:ccat|major]
+|Clean message from you\
+|Clean message from you\
+|Clean message from you (MTA blocked)\
+|OVERSIZED message from you\
+|BAD-HEADER in message from you\
+|Spam claiming to be from you\
+|Spam claiming to be from you\
+|A message with UNCHECKED contents from you\
+|BANNED contents from you (%F)\
+|VIRUS in message apparently from you (%V)\
+]
+[? %m |#|In-Reply-To: %m]
+Message-ID: <VS%i@%h>
+
+[? [:ccat|major] |Clean|Clean|MTA-BLOCKED|OVERSIZED|INVALID HEADER|\
+Spammy|Spam|UNCHECKED contents|BANNED CONTENTS ALERT|VIRUS ALERT]
+
+Our content checker found
+[? %#V |#|[:wrap|78| | |[? %#V |viruses|virus|viruses]: %V]]
+[? %#F |#|[:wrap|78| | |banned [? %#F |names|name|names]: %F]]
+[? %#X |#|[[:wrap|78| | |%X]\n]]
+
+in email presumably from you %s
+to the following [? %#R |recipients|recipient|recipients]:[
+-> %R]
+
+Our internal reference code for your message is %n/%i
+
+[? %a |#|[:wrap|78|| |First upstream SMTP client IP address: \[%a\] %g]]
+[? %e |#|[:wrap|78|| |According to a 'Received:' trace,\
+ the message apparently originated at: \[%e\], %t]]
+
+[:wrap|78|| |Return-Path: %s[?[:dkim|envsender]|| (OK)]]
+[:wrap|78|| |From: [:header_field|From|100][?[:dkim|author]|| (dkim:AUTHOR)]]
+[? [:header_field|Sender]|#|\
+[:wrap|78|| |Sender: [:header_field|Sender|100]\
+[?[:dkim|sender]|| (dkim:SENDER)]]]
+[? %m |#|[:wrap|78|| |Message-ID: %m]]
+[? %r |#|[:wrap|78|| |Resent-Message-ID: %r]]
+[? %j |#|[:wrap|78|| |Subject: [:header_field|Subject|100]]]
+
+[? %#D |Delivery of the email was stopped!
+
+]#
+[? %#V ||Please check your system for viruses,
+or ask your system administrator to do so.
+
+]#
+[? %#V |[? %#F ||#
+The message [?%#D|has been blocked|triggered this warning] because it contains a component
+(as a MIME part or nested within) with declared name
+or MIME type or contents type violating our access policy.
+
+To transfer contents that may be considered risky or unwanted
+by site policies, or simply too large for mailing, please consider
+publishing your content on the web, and only sending an URL of the
+document to the recipient.
+
+Depending on the recipient and sender site policies, with a little
+effort it might still be possible to send any contents (including
+viruses) using one of the following methods:
+
+- encrypted using pgp, gpg or other encryption methods;
+
+- wrapped in a password-protected or scrambled container or archive
+ (e.g.: zip -e, arj -g, arc g, rar -p, or other methods)
+
+Note that if the contents is not intended to be secret, the
+encryption key or password may be included in the same message
+for recipient's convenience.
+
+We are sorry for inconvenience if the contents was not malicious.
+
+The purpose of these restrictions is to cut the most common propagation
+methods used by viruses and other malware. These often exploit automatic
+mechanisms and security holes in more popular mail readers (Microsoft
+mail readers and browsers are a common target). By requiring an explicit
+and decisive action from the recipient to decode mail, the danger of
+automatic malware propagation is largely reduced.
+#
+# Details of our mail restrictions policy are available at ...
+
+]]#
--- /dev/null
+#
+# SpamAssassin maintenance for amavisd-new
+#
+# m h dom mon dow user command
+18 */3 * * * amavis test -e /usr/sbin/amavisd-new-cronjob && /usr/sbin/amavisd-new-cronjob sa-sync
+24 1 * * * amavis test -e /usr/sbin/amavisd-new-cronjob && /usr/sbin/amavisd-new-cronjob sa-clean
--- /dev/null
+# To enable the amavis-mc service set ENABLED to yes Please remember: to get
+# those services working you have to enable zmq support in amavis.
+# ($enable_zmq = 1)
+# See README.Debian for details
+
+ENABLED="no"
+
--- /dev/null
+# To enable the amavis-snmp-subagent set ENABLED to yes
+
+ENABLED="no"
+
+# there are two implementations of the subagent daemon:
+# 1) the default bdb version
+# 2) a zero mq based version
+# if you want to use this agent you need at least
+# libnet-snmp-perl installed.
+# the zeromq version also needs libzeromq-perl.
+# You also have to enable zeromq
+# in amavis: $enable_zmq = 1;
+#
+# See RELEASE_NOTES for details.
+
+AGENT_BACKEND="bdb" # use zeromq for the zeromq version
dovecot:x:117:
dovenull:x:118:
opendkim:x:119:
+amavis:x:120:
vmail:x:1000:
dovecot:x:117:
dovenull:x:118:
+opendkim:x:119:
dovecot:!::
dovenull:!::
opendkim:!::
+amavis:!::
vmail:!::
dovecot:!::
dovenull:!::
+opendkim:!::
--- /dev/null
+#! /bin/sh
+#
+# amavisd /etc/init.d/ initscript for amavisd-new
+# $Id: amavisd-new.init 800 2006-01-31 00:07:45Z hmh $
+#
+# Copyright (c) 2003 by Brian May <bam@debian.org>
+# and Henrique M. Holschuh <hmh@debian.org>
+# Distributed under the GPL version 2
+#
+#
+# How this thing works:
+# ${START} must be only what is needed for start-stop-daemon, DO NOT
+# ADD ANY PARAMETERS HERE! we might use it for --test, for example.
+# ${STOP} works just like ${START}, --signal is used with it.
+#
+# ${PARAMS} are the parameters to give the daemon when really starting
+# it.
+### BEGIN INIT INFO
+# Provides: amavisd-new
+# Required-Start: $syslog $network $local_fs $remote_fs
+# Required-Stop: $syslog $network $local_fs $remote_fs
+# Should-Start:
+# Should-Stop:
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Starts amavisd-new mailfilter
+# Description: Launches the amavisd-new mailfilter
+### END INIT INFO
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/amavisd-new
+DAEMON2=/usr/bin/perl
+NAME=amavisd
+DAEMONNAME=amavisd-new
+DESC=amavisd
+PIDFILE=/var/run/amavis/${NAME}.pid
+
+. /lib/lsb/init-functions
+
+test -f ${DAEMON} || exit 0
+
+set -e
+
+START="--start --quiet --pidfile $PIDFILE --startas ${DAEMON}"
+STOP="--stop --quiet --pidfile $PIDFILE"
+PARAMS=
+
+check_noncompatible_upgrade() {
+ for i in /etc/amavisd.conf /etc/amavis/amavisd.conf ; do
+ if [ -e "${i}.disabled" ] ; then
+ echo "Found incompatible config file flag!" >&2
+ echo "Due to safety concerns, amavisd-new will not be started." >&2
+ echo "Refer to /usr/share/doc/amavisd-new/README.Debian for instructions." >&2
+ exit 1
+ fi
+ done
+}
+
+createdir() {
+# $1 = user
+# $2 = group
+# $3 = permissions (octal)
+# $4 = path to directory
+ [ -d "$4" ] || mkdir -p "$4"
+ chown -c -h "$1:$2" "$4"
+ chmod -c "$3" "$4"
+}
+
+fixdirs() {
+ dir=$(dpkg-statoverride --list /var/run/amavis) || {
+ echo "You are missing a dpkg-statoverride on /var/run/amavis. Fix it, otherwise you risk silent breakage on upgrades." >&2
+ exit 1
+ }
+ [ -z "$dir" ] || createdir $dir
+ :
+}
+
+cleanup() {
+ [ -d /var/lib/amavis ] &&
+ find /var/lib/amavis -maxdepth 1 -name 'amavis-*' -type d \
+ -exec rm -rf "{}" \; >/dev/null 2>&1 || true
+ [ -d /var/lib/amavis/tmp ] &&
+ find /var/lib/amavis/tmp -maxdepth 1 -name 'amavis-*' -type d \
+ -exec rm -rf "{}" \; >/dev/null 2>&1 || true
+ :
+}
+
+case "$1" in
+ start)
+ echo -n "Starting $DESC: "
+ fixdirs
+ check_noncompatible_upgrade
+ export LC_ALL; LC_ALL=C
+ if start-stop-daemon ${START} -- ${PARAMS} start >/dev/null ; then
+ echo "amavisd-new."
+ else
+ if start-stop-daemon --test ${START} >/dev/null 2>&1; then
+ echo "(failed)."
+ exit 1
+ else
+ echo "(already running)."
+ exit 0
+ fi
+ fi
+ ;;
+ stop)
+ echo -n "Stopping $DESC: "
+ if start-stop-daemon ${STOP} --retry 10 >/dev/null ; then
+ cleanup
+ echo "amavisd-new."
+ else
+ if start-stop-daemon --test ${START} >/dev/null 2>&1; then
+ echo "(not running)."
+ exit 0
+ else
+ echo "(failed)."
+ exit 1
+ fi
+ fi
+ ;;
+# reload)
+# echo "Reloading $DESC configuration files."
+# start-stop-daemon ${STOP} --signal 1
+# ;;
+ restart|force-reload)
+ $0 stop
+ exec $0 start
+ ;;
+ debug|debug-sa)
+ mode="$1"
+ echo "Trying to run amavisd-new in ${mode} mode..."
+ fixdirs
+ check_noncompatible_upgrade
+ exec ${DAEMON} ${PARAMS} "${mode}"
+ ;;
+ status)
+ status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit $?
+ ;;
+ *)
+ N=/etc/init.d/amavis
+ #echo "Usage: $N {start|stop|restart|reload|force-reload|debug}" >&2
+ echo "Usage: $N {start|stop|restart|force-reload|status|debug}" >&2
+ exit 1
+ ;;
+esac
+
+exit 0
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: amavis-mc
+# Required-Start: $remote_fs $syslog amavisd-new
+# Should-Start:
+# Should-Stop:
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Startup script for amavis master supervisor
+# Description: This script starts the amavis supervisor for amavis
+# service processes.
+### END INIT INFO
+
+# Do NOT "set -e"
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="amavis services supervisor"
+NAME=amavis-mc
+DAEMON=/usr/sbin/$NAME
+DAEMON_ARGS="-P /var/run/amavis/$NAME.pid"
+PIDFILE=/var/run/amavis/$NAME.pid
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.2-14) to ensure that this file is present
+# and status_of_proc is working.
+. /lib/lsb/init-functions
+
+
+if [ "${ENABLED}" != "yes" ]; then
+ log_warning_msg "Not starting ${NAME} - edit
+ /etc/default/${NAME} to enable it"
+ exit 0
+fi
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+ if [ -e $PIDFILE ]
+ then
+ if [ -d /proc/`cat $PIDFILE`/ ]
+ then
+ echo "$NAME (${AGENT_BACKEND} version) already running."
+ exit 0;
+ else
+ rm -f $PIDFILE
+ fi
+ fi
+ export LC_ALL; LC_ALL=C
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+ $DAEMON_ARGS \
+ || return 2
+ # Add code here, if necessary, that waits for the process to be ready
+ # to handle requests from services started subsequently which depend
+ # on this one. As a last resort, sleep for some time.
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ # Wait for children to finish too if this is a daemon that forks
+ # and if the daemon is only ever run from this initscript.
+ # If the above conditions are not satisfied then add some other code
+ # that waits for the process to drop all resources that could be
+ # needed by services started subsequently. A last resort is to
+ # sleep for some time.
+ start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --pidfile $PIDFILE
+ [ "$?" = 2 ] && return 2
+ # Many daemons don't delete their pidfiles when they exit.
+ rm -f $PIDFILE
+ return "$RETVAL"
+}
+
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+ #
+ # If the daemon can reload its configuration without
+ # restarting (for example, when it is sent a SIGHUP),
+ # then implement that here.
+ #
+ start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME
+ return 0
+}
+
+case "$1" in
+ start)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC ($AGENT_BACKEND version)" "$NAME"
+ do_start
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC ($AGENT_BACKEND version)" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ status)
+ status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
+ ;;
+ #reload|force-reload)
+ #
+ # If do_reload() is not implemented then leave this commented out
+ # and leave 'force-reload' as an alias for 'restart'.
+ #
+ #log_daemon_msg "Reloading $DESC" "$NAME"
+ #do_reload
+ #log_end_msg $?
+ #;;
+ restart|force-reload)
+ #
+ # If the "reload" option is implemented then remove the
+ # 'force-reload' alias
+ #
+ log_daemon_msg "Restarting $DESC ($AGENT_BACKEND version)" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ *)
+ #echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
+ echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: amavis-snmp-subagent
+# Required-Start: $remote_fs $syslog amavisd-new
+# Should-Start: snmpd amavis-mc
+# Should-Stop: snmpd
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Startup script for amavis snmp subagent
+# Description: This script starts the daemon used to connect amavis with the
+# snmpd daemon
+### END INIT INFO
+
+# Do NOT "set -e"
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="amavis snmp subagent"
+NAME=amavisd-snmp-subagent
+DAEMON=/usr/sbin/$NAME
+DAEMON_ARGS="-P /var/run/$NAME.pid"
+PIDFILE=/var/run/$NAME.pid
+SCRIPTNAME=/etc/init.d/$NAME
+AGENT_BACKEND="bdb"
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+case "$AGENT_BACKEND" in
+ bdb)
+ DAEMON=/usr/sbin/amavisd-snmp-subagent
+ ;;
+ zeromq)
+ DAEMON=/usr/sbin/amavisd-snmp-subagent-zmq
+ ;;
+esac
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.2-14) to ensure that this file is present
+# and status_of_proc is working.
+. /lib/lsb/init-functions
+
+
+if [ "${ENABLED}" != "yes" ]; then
+ log_warning_msg "Not starting ${NAME} - edit
+ /etc/default/${NAME} to enable it"
+ exit 0
+fi
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+ if [ -e $PIDFILE ]
+ then
+ if [ -d /proc/`cat $PIDFILE`/ ]
+ then
+ echo "$NAME (${AGENT_BACKEND} version) already running."
+ exit 0;
+ else
+ rm -f $PIDFILE
+ fi
+ fi
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+ $DAEMON_ARGS \
+ || return 2
+ # Add code here, if necessary, that waits for the process to be ready
+ # to handle requests from services started subsequently which depend
+ # on this one. As a last resort, sleep for some time.
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ # Wait for children to finish too if this is a daemon that forks
+ # and if the daemon is only ever run from this initscript.
+ # If the above conditions are not satisfied then add some other code
+ # that waits for the process to drop all resources that could be
+ # needed by services started subsequently. A last resort is to
+ # sleep for some time.
+ start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --pidfile $PIDFILE
+ [ "$?" = 2 ] && return 2
+ # Many daemons don't delete their pidfiles when they exit.
+ rm -f $PIDFILE
+ return "$RETVAL"
+}
+
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+ #
+ # If the daemon can reload its configuration without
+ # restarting (for example, when it is sent a SIGHUP),
+ # then implement that here.
+ #
+ start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME
+ return 0
+}
+
+case "$1" in
+ start)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC ($AGENT_BACKEND version)" "$NAME"
+ do_start
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC ($AGENT_BACKEND version)" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ status)
+ status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
+ ;;
+ #reload|force-reload)
+ #
+ # If do_reload() is not implemented then leave this commented out
+ # and leave 'force-reload' as an alias for 'restart'.
+ #
+ #log_daemon_msg "Reloading $DESC" "$NAME"
+ #do_reload
+ #log_end_msg $?
+ #;;
+ restart|force-reload)
+ #
+ # If the "reload" option is implemented then remove the
+ # 'force-reload' alias
+ #
+ log_daemon_msg "Restarting $DESC ($AGENT_BACKEND version)" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ *)
+ #echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
+ echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#--------------------------------------------------------------------------
+# LDAP Schema for amavisd-new Jacques Supcik, PhD
+#----------------------------- IP-Plus Internet Services
+# Release 1.2.2 Swisscom Enterprise Solutions Ltd
+# 30 May 2004 3050 Bern - Switzerland
+#--------------------------------------------------------------------------
+# Copyright (c) 2004 Jacques Supcik, Swisscom Enterprise Solutions Ltd.
+# Permission is granted to copy, distribute and/or modify this document
+# under the terms of the GNU Free Documentation License, Version 1.2
+# or any later version published by the Free Software Foundation;
+# with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.
+# A copy of the license is included in the section entitled "GNU
+# Free Documentation License".
+#--------------------------------------------------------------------------
+# Changes made to LDAP Schema to make it import and play nicely with
+# Novell NDS - Michael Tracey, SONOPRESS USA, LLC April 07 2005
+# ( uncomment each dn:, changetype:, add:, add X-NDS-NAME attribute, replace
+# "attributetype" by "attributetypes:" and "objectclasse" by "objectclasses:"
+# (plural,colon), and unwrap each attributetypes: and objectclasses: )
+#--------------------------------------------------------------------------
+# 1.3.6.1.4.1.15312 Jozef Stefan Institute's OID
+# 1.3.6.1.4.1.15312.2 amavisd-new
+# 1.3.6.1.4.1.15312.2.2 amavisd-new LDAP Elements
+# 1.3.6.1.4.1.15312.2.2.1 AttributeTypes
+# 1.3.6.1.4.1.15312.2.2.2 ObjectClasses
+# 1.3.6.1.4.1.15312.2.2.3 Syntax Definitions
+#--------------------------------------------------------------------------
+
+# Attribute Types
+#-----------------
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.1
+ NAME 'amavisVirusLover'
+ DESC 'Virus Lover'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.2
+ NAME 'amavisBannedFilesLover'
+ DESC 'Banned Files Lover'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.3
+ NAME 'amavisBypassVirusChecks'
+ DESC 'Bypass Virus Check'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.4
+ NAME 'amavisBypassSpamChecks'
+ DESC 'Bypass Spam Check'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.5
+ NAME 'amavisSpamTagLevel'
+ DESC 'Spam Tag Level'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.6
+ NAME 'amavisSpamTag2Level'
+ DESC 'Spam Tag2 Level'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.7
+ NAME 'amavisSpamKillLevel'
+ DESC 'Spam Kill Level'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.8
+ NAME 'amavisSpamModifiesSubj'
+ DESC 'Modifies Subject on spam - no longer in use since 2.7.0'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.9
+ NAME 'amavisWhitelistSender'
+ DESC 'White List Sender'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.10
+ NAME 'amavisBlacklistSender'
+ DESC 'Black List Sender'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.11
+ NAME 'amavisSpamQuarantineTo'
+ DESC 'Spam Quarantine to'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.12
+ NAME 'amavisSpamLover'
+ DESC 'Spam Lover'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.13
+ NAME 'amavisBadHeaderLover'
+ DESC 'Bad Header Lover'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.14
+ NAME 'amavisBypassBannedChecks'
+ DESC 'Bypass Banned Files Check'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.15
+ NAME 'amavisBypassHeaderChecks'
+ DESC 'Bypass Header Check'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.16
+ NAME 'amavisVirusQuarantineTo'
+ DESC 'Virus quarantine location'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.17
+ NAME 'amavisBannedQuarantineTo'
+ DESC 'Banned Files quarantine location'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.18
+ NAME 'amavisBadHeaderQuarantineTo'
+ DESC 'Bad Header quarantine location'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.19
+ NAME 'amavisLocal'
+ DESC 'Is user considered local'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.20
+ NAME 'amavisMessageSizeLimit'
+ DESC 'Message size limit'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.21
+ NAME 'amavisWarnVirusRecip'
+ DESC 'Notify virus recipients'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.22
+ NAME 'amavisWarnBannedRecip'
+ DESC 'Notify banned file recipients'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.23
+ NAME 'amavisWarnBadHeaderRecip'
+ DESC 'Notify bad header recipients'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.24
+ NAME 'amavisVirusAdmin'
+ DESC 'Virus admin'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.25
+ NAME 'amavisNewVirusAdmin'
+ DESC 'New virus admin'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.26
+ NAME 'amavisSpamAdmin'
+ DESC 'Spam admin'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.27
+ NAME 'amavisBannedAdmin'
+ DESC 'Banned file admin'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.28
+ NAME 'amavisBadHeaderAdmin'
+ DESC 'Bad header admin'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.29
+ NAME 'amavisBannedRuleNames'
+ DESC 'Banned rule names'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.30
+ NAME 'amavisSpamDsnCutoffLevel'
+ DESC 'Spam DSN Cutoff Level'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.31
+ NAME 'amavisSpamQuarantineCutoffLevel'
+ DESC 'Spam Quarantine Cutoff Level'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.32
+ NAME 'amavisSpamSubjectTag'
+ DESC 'Spam Subject Tag'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.33
+ NAME 'amavisSpamSubjectTag2'
+ DESC 'Spam Subject Tag2'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.34
+ NAME 'amavisArchiveQuarantineTo'
+ DESC 'Archive quarantine location'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.35
+ NAME 'amavisAddrExtensionVirus'
+ DESC 'Address Extension for Virus'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.36
+ NAME 'amavisAddrExtensionSpam'
+ DESC 'Address Extension for Spam'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.37
+ NAME 'amavisAddrExtensionBanned'
+ DESC 'Address Extension for Banned'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.38
+ NAME 'amavisAddrExtensionBadHeader'
+ DESC 'Address Extension for Bad Header'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+# NEW since 2.7.0:
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.39
+ NAME 'amavisSpamTag3Level'
+ DESC 'Spam Tag3 Level'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.40
+ NAME 'amavisSpamSubjectTag3'
+ DESC 'Spam Subject Tag3'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.41
+ NAME 'amavisUncheckedQuarantineTo'
+ DESC 'Virus quarantine location'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.42
+ NAME 'amavisCleanQuarantineTo'
+ DESC 'Clean quarantine location'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.43
+ NAME 'amavisUncheckedLover'
+ DESC 'Unchecked Files Lover'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.44
+ NAME 'amavisForwardMethod'
+ DESC 'Forward / next hop destination'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.45
+ NAME 'amavisSaUserConf'
+ DESC 'SpamAssassin user preferences configuration filename'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.46
+ NAME 'amavisSaUserName'
+ DESC 'SpamAssassin username (for Bayes and AWL lookups)'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.47
+ NAME 'amavisDisclaimerOptions'
+ DESC 'Altermime disclaimer map data'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+
+# Classes
+#---------
+
+# amavisAccount
+# This class is an auxiliary class, this mean that the class will be added
+# to a structural class. Usually, the structural class is the class that
+# represent the mail account itself (e.g. an inetOrgPerson)
+
+#dn: cn=schema
+#changetype: modify
+#add: objectclasses
+objectclass ( 1.3.6.1.4.1.15312.2.2.2.1
+ NAME 'amavisAccount' AUXILIARY
+ DESC 'Amavisd Account'
+ SUP top
+ MAY ( amavisVirusLover $ amavisBypassVirusChecks $
+ amavisSpamLover $ amavisBypassSpamChecks $
+ amavisBannedFilesLover $ amavisBypassBannedChecks $
+ amavisBadHeaderLover $ amavisBypassHeaderChecks $
+ amavisSpamTagLevel $ amavisSpamTag2Level $ amavisSpamKillLevel $
+ amavisWhitelistSender $ amavisBlacklistSender $
+ amavisSpamQuarantineTo $ amavisVirusQuarantineTo $
+ amavisBannedQuarantineTo $ amavisBadHeaderQuarantineTo $
+ amavisArchiveQuarantineTo $
+ amavisSpamModifiesSubj $ amavisLocal $ amavisMessageSizeLimit $
+ amavisWarnVirusRecip $ amavisWarnBannedRecip $
+ amavisWarnBadHeaderRecip $ amavisVirusAdmin $ amavisNewVirusAdmin $
+ amavisSpamAdmin $ amavisBannedAdmin $ amavisBadHeaderAdmin $
+ amavisBannedRuleNames $
+ amavisSpamDsnCutoffLevel $ amavisSpamQuarantineCutoffLevel $
+ amavisSpamSubjectTag $ amavisSpamSubjectTag2 $
+ amavisAddrExtensionVirus $ amavisAddrExtensionSpam $
+ amavisAddrExtensionBanned $ amavisAddrExtensionBadHeader $
+ amavisSpamTag3Level $ amavisSpamSubjectTag3 $
+ amavisUncheckedQuarantineTo $ amavisCleanQuarantineTo $
+ amavisUncheckedLover $ amavisForwardMethod $
+ amavisSaUserConf $ amavisSaUserName $ amavisDisclaimerOptions $
+ cn $ description ) )
+
+#--------------------------------------------------------------------------
+#
+# GNU Free Documentation License
+# Version 1.2, November 2002
+#
+#
+# Copyright (C) 2000,2001,2002 Free Software Foundation, Inc.
+# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+# Everyone is permitted to copy and distribute verbatim copies
+# of this license document, but changing it is not allowed.
+#
+#
+# 0. PREAMBLE
+#
+# The purpose of this License is to make a manual, textbook, or other
+# functional and useful document "free" in the sense of freedom: to
+# assure everyone the effective freedom to copy and redistribute it,
+# with or without modifying it, either commercially or noncommercially.
+# Secondarily, this License preserves for the author and publisher a way
+# to get credit for their work, while not being considered responsible
+# for modifications made by others.
+#
+# This License is a kind of "copyleft", which means that derivative
+# works of the document must themselves be free in the same sense. It
+# complements the GNU General Public License, which is a copyleft
+# license designed for free software.
+#
+# We have designed this License in order to use it for manuals for free
+# software, because free software needs free documentation: a free
+# program should come with manuals providing the same freedoms that the
+# software does. But this License is not limited to software manuals;
+# it can be used for any textual work, regardless of subject matter or
+# whether it is published as a printed book. We recommend this License
+# principally for works whose purpose is instruction or reference.
+#
+#
+# 1. APPLICABILITY AND DEFINITIONS
+#
+# This License applies to any manual or other work, in any medium, that
+# contains a notice placed by the copyright holder saying it can be
+# distributed under the terms of this License. Such a notice grants a
+# world-wide, royalty-free license, unlimited in duration, to use that
+# work under the conditions stated herein. The "Document", below,
+# refers to any such manual or work. Any member of the public is a
+# licensee, and is addressed as "you". You accept the license if you
+# copy, modify or distribute the work in a way requiring permission
+# under copyright law.
+#
+# A "Modified Version" of the Document means any work containing the
+# Document or a portion of it, either copied verbatim, or with
+# modifications and/or translated into another language.
+#
+# A "Secondary Section" is a named appendix or a front-matter section of
+# the Document that deals exclusively with the relationship of the
+# publishers or authors of the Document to the Document's overall subject
+# (or to related matters) and contains nothing that could fall directly
+# within that overall subject. (Thus, if the Document is in part a
+# textbook of mathematics, a Secondary Section may not explain any
+# mathematics.) The relationship could be a matter of historical
+# connection with the subject or with related matters, or of legal,
+# commercial, philosophical, ethical or political position regarding
+# them.
+#
+# The "Invariant Sections" are certain Secondary Sections whose titles
+# are designated, as being those of Invariant Sections, in the notice
+# that says that the Document is released under this License. If a
+# section does not fit the above definition of Secondary then it is not
+# allowed to be designated as Invariant. The Document may contain zero
+# Invariant Sections. If the Document does not identify any Invariant
+# Sections then there are none.
+#
+# The "Cover Texts" are certain short passages of text that are listed,
+# as Front-Cover Texts or Back-Cover Texts, in the notice that says that
+# the Document is released under this License. A Front-Cover Text may
+# be at most 5 words, and a Back-Cover Text may be at most 25 words.
+#
+# A "Transparent" copy of the Document means a machine-readable copy,
+# represented in a format whose specification is available to the
+# general public, that is suitable for revising the document
+# straightforwardly with generic text editors or (for images composed of
+# pixels) generic paint programs or (for drawings) some widely available
+# drawing editor, and that is suitable for input to text formatters or
+# for automatic translation to a variety of formats suitable for input
+# to text formatters. A copy made in an otherwise Transparent file
+# format whose markup, or absence of markup, has been arranged to thwart
+# or discourage subsequent modification by readers is not Transparent.
+# An image format is not Transparent if used for any substantial amount
+# of text. A copy that is not "Transparent" is called "Opaque".
+#
+# Examples of suitable formats for Transparent copies include plain
+# ASCII without markup, Texinfo input format, LaTeX input format, SGML
+# or XML using a publicly available DTD, and standard-conforming simple
+# HTML, PostScript or PDF designed for human modification. Examples of
+# transparent image formats include PNG, XCF and JPG. Opaque formats
+# include proprietary formats that can be read and edited only by
+# proprietary word processors, SGML or XML for which the DTD and/or
+# processing tools are not generally available, and the
+# machine-generated HTML, PostScript or PDF produced by some word
+# processors for output purposes only.
+#
+# The "Title Page" means, for a printed book, the title page itself,
+# plus such following pages as are needed to hold, legibly, the material
+# this License requires to appear in the title page. For works in
+# formats which do not have any title page as such, "Title Page" means
+# the text near the most prominent appearance of the work's title,
+# preceding the beginning of the body of the text.
+#
+# A section "Entitled XYZ" means a named subunit of the Document whose
+# title either is precisely XYZ or contains XYZ in parentheses following
+# text that translates XYZ in another language. (Here XYZ stands for a
+# specific section name mentioned below, such as "Acknowledgements",
+# "Dedications", "Endorsements", or "History".) To "Preserve the Title"
+# of such a section when you modify the Document means that it remains a
+# section "Entitled XYZ" according to this definition.
+#
+# The Document may include Warranty Disclaimers next to the notice which
+# states that this License applies to the Document. These Warranty
+# Disclaimers are considered to be included by reference in this
+# License, but only as regards disclaiming warranties: any other
+# implication that these Warranty Disclaimers may have is void and has
+# no effect on the meaning of this License.
+#
+#
+# 2. VERBATIM COPYING
+#
+# You may copy and distribute the Document in any medium, either
+# commercially or noncommercially, provided that this License, the
+# copyright notices, and the license notice saying this License applies
+# to the Document are reproduced in all copies, and that you add no other
+# conditions whatsoever to those of this License. You may not use
+# technical measures to obstruct or control the reading or further
+# copying of the copies you make or distribute. However, you may accept
+# compensation in exchange for copies. If you distribute a large enough
+# number of copies you must also follow the conditions in section 3.
+#
+# You may also lend copies, under the same conditions stated above, and
+# you may publicly display copies.
+#
+#
+# 3. COPYING IN QUANTITY
+#
+# If you publish printed copies (or copies in media that commonly have
+# printed covers) of the Document, numbering more than 100, and the
+# Document's license notice requires Cover Texts, you must enclose the
+# copies in covers that carry, clearly and legibly, all these Cover
+# Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on
+# the back cover. Both covers must also clearly and legibly identify
+# you as the publisher of these copies. The front cover must present
+# the full title with all words of the title equally prominent and
+# visible. You may add other material on the covers in addition.
+# Copying with changes limited to the covers, as long as they preserve
+# the title of the Document and satisfy these conditions, can be treated
+# as verbatim copying in other respects.
+#
+# If the required texts for either cover are too voluminous to fit
+# legibly, you should put the first ones listed (as many as fit
+# reasonably) on the actual cover, and continue the rest onto adjacent
+# pages.
+#
+# If you publish or distribute Opaque copies of the Document numbering
+# more than 100, you must either include a machine-readable Transparent
+# copy along with each Opaque copy, or state in or with each Opaque copy
+# a computer-network location from which the general network-using
+# public has access to download using public-standard network protocols
+# a complete Transparent copy of the Document, free of added material.
+# If you use the latter option, you must take reasonably prudent steps,
+# when you begin distribution of Opaque copies in quantity, to ensure
+# that this Transparent copy will remain thus accessible at the stated
+# location until at least one year after the last time you distribute an
+# Opaque copy (directly or through your agents or retailers) of that
+# edition to the public.
+#
+# It is requested, but not required, that you contact the authors of the
+# Document well before redistributing any large number of copies, to give
+# them a chance to provide you with an updated version of the Document.
+#
+#
+# 4. MODIFICATIONS
+#
+# You may copy and distribute a Modified Version of the Document under
+# the conditions of sections 2 and 3 above, provided that you release
+# the Modified Version under precisely this License, with the Modified
+# Version filling the role of the Document, thus licensing distribution
+# and modification of the Modified Version to whoever possesses a copy
+# of it. In addition, you must do these things in the Modified Version:
+#
+# A. Use in the Title Page (and on the covers, if any) a title distinct
+# from that of the Document, and from those of previous versions
+# (which should, if there were any, be listed in the History section
+# of the Document). You may use the same title as a previous version
+# if the original publisher of that version gives permission.
+# B. List on the Title Page, as authors, one or more persons or entities
+# responsible for authorship of the modifications in the Modified
+# Version, together with at least five of the principal authors of the
+# Document (all of its principal authors, if it has fewer than five),
+# unless they release you from this requirement.
+# C. State on the Title page the name of the publisher of the
+# Modified Version, as the publisher.
+# D. Preserve all the copyright notices of the Document.
+# E. Add an appropriate copyright notice for your modifications
+# adjacent to the other copyright notices.
+# F. Include, immediately after the copyright notices, a license notice
+# giving the public permission to use the Modified Version under the
+# terms of this License, in the form shown in the Addendum below.
+# G. Preserve in that license notice the full lists of Invariant Sections
+# and required Cover Texts given in the Document's license notice.
+# H. Include an unaltered copy of this License.
+# I. Preserve the section Entitled "History", Preserve its Title, and add
+# to it an item stating at least the title, year, new authors, and
+# publisher of the Modified Version as given on the Title Page. If
+# there is no section Entitled "History" in the Document, create one
+# stating the title, year, authors, and publisher of the Document as
+# given on its Title Page, then add an item describing the Modified
+# Version as stated in the previous sentence.
+# J. Preserve the network location, if any, given in the Document for
+# public access to a Transparent copy of the Document, and likewise
+# the network locations given in the Document for previous versions
+# it was based on. These may be placed in the "History" section.
+# You may omit a network location for a work that was published at
+# least four years before the Document itself, or if the original
+# publisher of the version it refers to gives permission.
+# K. For any section Entitled "Acknowledgements" or "Dedications",
+# Preserve the Title of the section, and preserve in the section all
+# the substance and tone of each of the contributor acknowledgements
+# and/or dedications given therein.
+# L. Preserve all the Invariant Sections of the Document,
+# unaltered in their text and in their titles. Section numbers
+# or the equivalent are not considered part of the section titles.
+# M. Delete any section Entitled "Endorsements". Such a section
+# may not be included in the Modified Version.
+# N. Do not retitle any existing section to be Entitled "Endorsements"
+# or to conflict in title with any Invariant Section.
+# O. Preserve any Warranty Disclaimers.
+#
+# If the Modified Version includes new front-matter sections or
+# appendices that qualify as Secondary Sections and contain no material
+# copied from the Document, you may at your option designate some or all
+# of these sections as invariant. To do this, add their titles to the
+# list of Invariant Sections in the Modified Version's license notice.
+# These titles must be distinct from any other section titles.
+#
+# You may add a section Entitled "Endorsements", provided it contains
+# nothing but endorsements of your Modified Version by various
+# parties--for example, statements of peer review or that the text has
+# been approved by an organization as the authoritative definition of a
+# standard.
+#
+# You may add a passage of up to five words as a Front-Cover Text, and a
+# passage of up to 25 words as a Back-Cover Text, to the end of the list
+# of Cover Texts in the Modified Version. Only one passage of
+# Front-Cover Text and one of Back-Cover Text may be added by (or
+# through arrangements made by) any one entity. If the Document already
+# includes a cover text for the same cover, previously added by you or
+# by arrangement made by the same entity you are acting on behalf of,
+# you may not add another; but you may replace the old one, on explicit
+# permission from the previous publisher that added the old one.
+#
+# The author(s) and publisher(s) of the Document do not by this License
+# give permission to use their names for publicity for or to assert or
+# imply endorsement of any Modified Version.
+#
+#
+# 5. COMBINING DOCUMENTS
+#
+# You may combine the Document with other documents released under this
+# License, under the terms defined in section 4 above for modified
+# versions, provided that you include in the combination all of the
+# Invariant Sections of all of the original documents, unmodified, and
+# list them all as Invariant Sections of your combined work in its
+# license notice, and that you preserve all their Warranty Disclaimers.
+#
+# The combined work need only contain one copy of this License, and
+# multiple identical Invariant Sections may be replaced with a single
+# copy. If there are multiple Invariant Sections with the same name but
+# different contents, make the title of each such section unique by
+# adding at the end of it, in parentheses, the name of the original
+# author or publisher of that section if known, or else a unique number.
+# Make the same adjustment to the section titles in the list of
+# Invariant Sections in the license notice of the combined work.
+#
+# In the combination, you must combine any sections Entitled "History"
+# in the various original documents, forming one section Entitled
+# "History"; likewise combine any sections Entitled "Acknowledgements",
+# and any sections Entitled "Dedications". You must delete all sections
+# Entitled "Endorsements".
+#
+#
+# 6. COLLECTIONS OF DOCUMENTS
+#
+# You may make a collection consisting of the Document and other documents
+# released under this License, and replace the individual copies of this
+# License in the various documents with a single copy that is included in
+# the collection, provided that you follow the rules of this License for
+# verbatim copying of each of the documents in all other respects.
+#
+# You may extract a single document from such a collection, and distribute
+# it individually under this License, provided you insert a copy of this
+# License into the extracted document, and follow this License in all
+# other respects regarding verbatim copying of that document.
+#
+#
+# 7. AGGREGATION WITH INDEPENDENT WORKS
+#
+# A compilation of the Document or its derivatives with other separate
+# and independent documents or works, in or on a volume of a storage or
+# distribution medium, is called an "aggregate" if the copyright
+# resulting from the compilation is not used to limit the legal rights
+# of the compilation's users beyond what the individual works permit.
+# When the Document is included in an aggregate, this License does not
+# apply to the other works in the aggregate which are not themselves
+# derivative works of the Document.
+#
+# If the Cover Text requirement of section 3 is applicable to these
+# copies of the Document, then if the Document is less than one half of
+# the entire aggregate, the Document's Cover Texts may be placed on
+# covers that bracket the Document within the aggregate, or the
+# electronic equivalent of covers if the Document is in electronic form.
+# Otherwise they must appear on printed covers that bracket the whole
+# aggregate.
+#
+#
+# 8. TRANSLATION
+#
+# Translation is considered a kind of modification, so you may
+# distribute translations of the Document under the terms of section 4.
+# Replacing Invariant Sections with translations requires special
+# permission from their copyright holders, but you may include
+# translations of some or all Invariant Sections in addition to the
+# original versions of these Invariant Sections. You may include a
+# translation of this License, and all the license notices in the
+# Document, and any Warranty Disclaimers, provided that you also include
+# the original English version of this License and the original versions
+# of those notices and disclaimers. In case of a disagreement between
+# the translation and the original version of this License or a notice
+# or disclaimer, the original version will prevail.
+#
+# If a section in the Document is Entitled "Acknowledgements",
+# "Dedications", or "History", the requirement (section 4) to Preserve
+# its Title (section 1) will typically require changing the actual
+# title.
+#
+#
+# 9. TERMINATION
+#
+# You may not copy, modify, sublicense, or distribute the Document except
+# as expressly provided for under this License. Any other attempt to
+# copy, modify, sublicense or distribute the Document is void, and will
+# automatically terminate your rights under this License. However,
+# parties who have received copies, or rights, from you under this
+# License will not have their licenses terminated so long as such
+# parties remain in full compliance.
+#
+#
+# 10. FUTURE REVISIONS OF THIS LICENSE
+#
+# The Free Software Foundation may publish new, revised versions
+# of the GNU Free Documentation License from time to time. Such new
+# versions will be similar in spirit to the present version, but may
+# differ in detail to address new problems or concerns. See
+# http://www.gnu.org/copyleft/.
+#
+# Each version of the License is given a distinguishing version number.
+# If the Document specifies that a particular numbered version of this
+# License "or any later version" applies to it, you have the option of
+# following the terms and conditions either of that specified version or
+# of any later version that has been published (not as a draft) by the
+# Free Software Foundation. If the Document does not specify a version
+# number of this License, you may choose any version ever published (not
+# as a draft) by the Free Software Foundation.
dovecot:x:111:117:Dovecot mail server,,,:/usr/lib/dovecot:/usr/sbin/nologin
dovenull:x:112:118:Dovecot login user,,,:/nonexistent:/usr/sbin/nologin
opendkim:x:113:119::/var/run/opendkim:/usr/sbin/nologin
+amavis:x:114:120:AMaViS system user,,,:/var/lib/amavis:/bin/sh
dovecot:x:111:117:Dovecot mail server,,,:/usr/lib/dovecot:/usr/sbin/nologin
dovenull:x:112:118:Dovecot login user,,,:/nonexistent:/usr/sbin/nologin
opendkim:x:113:119::/var/run/opendkim:/usr/sbin/nologin
+amavis:x:114:120::/var/lib/amavis:/bin/sh
--- /dev/null
+../init.d/amavis
\ No newline at end of file
--- /dev/null
+../init.d/amavis-mc
\ No newline at end of file
--- /dev/null
+../init.d/amavisd-snmp-subagent
\ No newline at end of file
--- /dev/null
+../init.d/amavis
\ No newline at end of file
--- /dev/null
+../init.d/amavis-mc
\ No newline at end of file
--- /dev/null
+../init.d/amavisd-snmp-subagent
\ No newline at end of file
--- /dev/null
+../init.d/amavis
\ No newline at end of file
--- /dev/null
+../init.d/amavis-mc
\ No newline at end of file
--- /dev/null
+../init.d/amavisd-snmp-subagent
\ No newline at end of file
--- /dev/null
+../init.d/amavis
\ No newline at end of file
--- /dev/null
+../init.d/amavis-mc
\ No newline at end of file
--- /dev/null
+../init.d/amavisd-snmp-subagent
\ No newline at end of file
--- /dev/null
+../init.d/amavis
\ No newline at end of file
--- /dev/null
+../init.d/amavis-mc
\ No newline at end of file
--- /dev/null
+../init.d/amavisd-snmp-subagent
\ No newline at end of file
--- /dev/null
+../init.d/amavis
\ No newline at end of file
--- /dev/null
+../init.d/amavis-mc
\ No newline at end of file
--- /dev/null
+../init.d/amavisd-snmp-subagent
\ No newline at end of file
--- /dev/null
+../init.d/amavis
\ No newline at end of file
--- /dev/null
+../init.d/amavis-mc
\ No newline at end of file
--- /dev/null
+../init.d/amavisd-snmp-subagent
\ No newline at end of file
dovecot:*:17840:0:99999:7:::
dovenull:*:17840:0:99999:7:::
opendkim:*:17840:0:99999:7:::
+amavis:*:17840:0:99999:7:::
dovecot:*:17840:0:99999:7:::
dovenull:*:17840:0:99999:7:::
opendkim:*:17840:0:99999:7:::
+amavis:*:17840:0:99999:7:::
--- /dev/null
+#!/bin/sh
+
+#This scripts restarts amavisd-new after spamassassin
+#rules got updated
+
+NAME=amavisd-new
+AMAVISPID=/var/run/amavis/amavisd.pid
+INIT=/etc/init.d/amavis
+
+# stolen from dhcpd3 initscript
+# single arg is -v for messages, -q for none
+check_status()
+{
+ if [ ! -r "$AMAVISPID" ]; then
+ test "$1" != -v || echo "$NAME is not running."
+ return 3
+ fi
+ if read pid < "$AMAVISPID" && ps -p "$pid" > /dev/null 2>&1; then
+ test "$1" != -v || echo "$NAME is running."
+ return 0
+ else
+ test "$1" != -v || echo "$NAME is not running but $AMAVISPID exists."
+ return 1
+ fi
+}
+
+#exit if amavis is not running
+check_status || exit
+
+$INIT restart > /dev/null
+
projects / vserver / commitdiff