UNIX03/Amavisd-New

Amavisd-New is decended from [AMaViS - A Mail Virus Scanner], which was intended as a snap-in integrator for a number of UNIX anti-virus scanners with an MTA. AMaViS also aimed to have their own in-house anti-virus scanner, but certain technical problems early on in the project required much of the code to be rewritten shortly after their initial stable release.

Amavisd-New is now more of a mail preprocessor, ala Procmail, but with a more limitted focus than other preprocessors. It is meant to easily allow ant-virus and anti-spam scanners to be integrated into an existing mail system, and that is all it is meant for. Whereas using Procmail to simply scan for viruses and spam might be like using a Bazooka to swat a fly, Amavisd-New would be more like simply using a fly-swatter.

That being said, you may still wish to supply Procmail to your users in addition to Amavisd-New. As was said before, Procmail can do things such as preprocess mail into a specific folder tree, or even into alternative accounts, so your users may still have a need for it. However, if they do not need it, and all you wish is for a virus/spam scanner, then Amavisd-New will be sufficient.

Amavisd-New should be run as a non-priviledged user, preferably as a user "amavisd", and should have its own unique group (again, "amavisd" will suffice).

/etc/amavisd.conf

 use strict;

 $MYHOME = '/var/amavisd';
 $mydomain = 'domain.com';
 $daemon_user = 'amavisd';
 $daemon_group = 'amavisd';
 $daemon_chroot_dir = $MYHOME;

 $QUARANTINEDIR = "$MYHOME/quarantine";
 $TEMPBASE = "$MYHOME/tmp";
 $ENV{TMPDIR} = $TEMPBASE;
 $helpers_home = $MYHOME;

 $forward_method = 'smtp:127.0.0.1:10025';
 $notify_method = $forward_method;
 $inet_socket_port = 10024;
 $inet_socket_bind = '127.0.0.1';
 @inet_acl = qw( 127.0.0.1 );

 @bypass_virus_checks_acl = qw( . );
 @local_domains_acl = ( ".$mydomain" );

 $DO_SYSLOG = 1; # (1 = syslog, 0 = logfile)
 $LOGFILE = "$MYHOME/amavis.log";
 $log_level = 5; # (0-5)

 $hdrfrom_notify_sender =
         'SpamAssassin <helpdesk@domain.com>';
 $notify_spam_sender_templ =
         read_text("$MYHOME/notify_spam_sender.txt");

 # Set to D_BOUNCE to block/notify, D_PASS to pass through
 $final_spam_destiny = D_PASS;

 read_hash(\%whitelist_sender, '/var/amavisd/whitelist');
 read_hash(\%blacklist_sender, '/var/amavisd/blacklist');
 read_hash(\%spam_lovers, '/var/amavisd/spam_lovers');

 #defending against mail bombs
 # Maximum recursion level for extraction/decoding
 $MAXLEVELS = 14;
 # Maximum number of extracted files
 $MAXFILES = 1500; 
 # bytes (default undef, not enforced)
 $MIN_EXPANSION_QUOTA = 100*1024;
 # bytes (default undef, not enforced)
 $MAX_EXPANSION_QUOTA = 300*1024*1024;
 # times original mail size (must be specified)
 $MIN_EXPANSION_FACTOR = 5;
 # times original mail size (must be specified)
 $MAX_EXPANSION_FACTOR = 500;

 $path =
    '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';

 #$banned_filename_re = new_RE();

 $file = 'file';
 $arc = ['nomarch', 'arc'];
 $gzip = 'gzip';
 $bzip2 = 'bzip2';
 $uncompress = ['uncompress', 'gzip -d', 'zcat'];
 $lha = 'lha';
 $unarj = 'unarj';
 $unrar = 'unrar';
 $zoo = 'zoo';

 # SpamAssassin settings
 $sa_local_tests_only = 0;
 # comment this line out to turn off auto whitelist
 $sa_auto_whitelist = 1;
 $sa_mail_body_size_limit = 64*1024; # 64KB

 # controls adding the X-Spam-Status and X-Spam-Level headers,
 $sa_tag_level_deflt = 3.0;
 # controls adding 'X-Spam-Flag: YES', and  editing Subject,
 $sa_tag2_level_deflt = 6.3;
 # triggers spam evasive actions:
 $sa_kill_level_deflt = $sa_tag2_level_deflt;

 $sa_spam_subject_tag = '***SPAM*** ';
 $sa_debug = 1; # comment this line out to turn off debugging

 1; # insure a defined return

(C) Copyright 2003 Samuel Hart

This work is licensed under a Creative Commons License.