1

Topic: SPAM --> Quarantine

==== Required information ====
- iRedMail version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Linux/BSD distribution name and version:
- Related log if you're reporting an issue:
==== ==== Required information ====
- iRedMail version: 0.8.3
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Linux/BSD distribution name and version: Debian
- Related log if you're reporting an issue:
====

Hello,
by default quarantine  is disabled
why in mail.log file the amavis session writes "quarantine: filename" as below?

Passed SPAM, LOCAL [x.x.x.x] [y.y.y.y] <sender> -> <recipient>, quarantine: "some letter (A,B...)"/spam-fYopdmsbn.gz


Thanks

2

Re: SPAM --> Quarantine

- Does file spam-fYopdmsbn.gz exist?
- It says "Passed", that means it's not quarantined anywhere.

3

Re: SPAM --> Quarantine

Yes, file exists in /var/lib/amavis/virusmails


Thanks

4

Re: SPAM --> Quarantine

Could you please show me output of below commands to help troubleshoot:

# cd /etc/amavis/conf.d/
# grep 'final_spam_destiny' *

5

Re: SPAM --> Quarantine

20-debian_defaults:$final_spam_destiny       = D_BOUNCE;
50-user:$final_spam_destiny       = D_PASS;



Thanks

6

Re: SPAM --> Quarantine

FYI:

D_PASS:    Mail will pass to recipients, regardless of bad contents. If a quarantine is configured, a copy of the mail will go there, if not, at least the recipient received the mail. Note that including a recipient in a @*_lovers_maps is functionally equivalent to setting $final_*_destiny = D_PASS; for that recipient.

So, do you have any quarantine settings in Amavisd config file? Show us output of below command please:

# cd /etc/amavis/conf.d/
# grep 'quarantine' *

7

Re: SPAM --> Quarantine

Amavisd configuration file was not modified and it's a default install config.
Output of grep command:

15-av_scanners:    # the quarantine directory, and the quarantine option can not be disabled.
20-debian_defaults:$quarantine_subdir_levels = 1; # enable quarantine dir hashing
20-debian_defaults:$final_virus_destiny      = D_DISCARD;  # (data not lost, see virus quarantine)
50-user:# listen on multiple TCP ports. 9998 is used for releasing quarantined mails.
50-user:$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef
50-user:# Port used to release quarantined mails.
50-user:# Don't quarantine mails with bad header.
50-user:$bad_header_quarantine_method = undef;
50-user:#$spam_quarantine_to = 'spam-quarantine';
50-user:#$spam_quarantine_method = 'sql:';
50-user:#$virus_quarantine_to     = 'virus-quarantine';
50-user:#$virus_quarantine_method = 'sql:';
50-user:#$banned_files_quarantine_method = 'sql:';
50-user:#$banned_quarantine_to = 'banned-quarantine';

Thanks

8

Re: SPAM --> Quarantine

No idea at all, sorry.

- Does it work if you set "$spam_quarantine_method = undef;" in /etc/amavis/conf.d/50-user? (Restarting Amavisd service is required after you added this parameter.)
- Since the SPAM is bypassed and delivered to user mailbox, it's SAFE to delete quarantined one under /var/lib/amavis/virusmails/. File name of quarantined spam starts with 'spam-'.

9

Re: SPAM --> Quarantine

I notice that also a banned mails are quarantine.
session log:
Passed BANNED, LOCAL [x.x.x.x] [y.y.y.y] <sender> -> <recipient>, quarantine: "some letter (A,B...)"/banned-AIMkZd8I0E2H

file exists in /var/lib/amavis/virusmails

can I just delete files, or it's necessary to update some index?


Thanks

10

Re: SPAM --> Quarantine

I confirm this "bug". Same here, quarantine is disabled but I still get files on quarantine folder.

11

Re: SPAM --> Quarantine

Please set "$spam_quarantine_method = undef;" in Amavisd config file.