IRedMail/FAQ/Quarantining.Messages
From iRedMail
(Difference between revisions)
(→Steps) |
(→Steps) |
||
| Line 6: | Line 6: | ||
When amavisd detects a spam email, it logs a message to its log file by default. It can also quarantine the email and/or notify an administrator. It can then generate a bounce message to the sender. Finally, it can either accept and deliver the message, or discard the message. Many different configuration variables are involved in these decisions. | When amavisd detects a spam email, it logs a message to its log file by default. It can also quarantine the email and/or notify an administrator. It can then generate a bounce message to the sender. Finally, it can either accept and deliver the message, or discard the message. Many different configuration variables are involved in these decisions. | ||
| - | = | + | = Configure Amavisd = |
Enable a spam quarantine by setting the following variables: | Enable a spam quarantine by setting the following variables: | ||
{{cfg|/etc/amavisd.conf|<pre> | {{cfg|/etc/amavisd.conf|<pre> | ||
| Line 29: | Line 29: | ||
# %i => iso8601 timestamp of a message reception time by amavisd | # %i => iso8601 timestamp of a message reception time by amavisd | ||
# %% => % | # %% => % | ||
| - | $spam_quarantine_method = 'local:spam-%i | + | $spam_quarantine_method = 'local:spam-%i-%m'; |
# What to do with SPAM emails. | # What to do with SPAM emails. | ||
| Line 46: | Line 46: | ||
* '''D_BOUNCE''': Mail will not be delivered to its recipients, a non-delivery notification (bounce) will be sent to the sender by amavisd-new; Exception: bounce (DSN) will not be sent if a virus name matches $viruses_that_fake_sender_re, or to messages from mailing lists, or for spam level that exceeds the $sa_dsn_cutoff_level. | * '''D_BOUNCE''': Mail will not be delivered to its recipients, a non-delivery notification (bounce) will be sent to the sender by amavisd-new; Exception: bounce (DSN) will not be sent if a virus name matches $viruses_that_fake_sender_re, or to messages from mailing lists, or for spam level that exceeds the $sa_dsn_cutoff_level. | ||
* '''D_REJECT''': mail will not be delivered to its recipients, sender should preferably get a reject, e.g. SMTP permanent reject response. | * '''D_REJECT''': mail will not be delivered to its recipients, sender should preferably get a reject, e.g. SMTP permanent reject response. | ||
| + | |||
| + | = Testing = | ||
| + | SpamAssassin ships a sample SPAM mail, you can use Outlook/Thunderbird/Mail.app to open it and send it to your local user, it should be blocked. and you will find similar message in log file (/var/log/maillog or /var/log/mail.log): | ||
| + | |||
| + | Aug 25 23:49:07 r6 amavis[3834]: (03834-01) Blocked SPAM, MYNETS LOCAL [192.168.187.1] | ||
| + | [192.168.187.1] <www@a.cn> -> <www@a.cn>, quarantine: S/spam-20100825T234859-SX9PrjWLAKOv, | ||
| + | Message-ID: <4C753B6A.4020304@a.cn>, mail_id: SX9PrjWLAKOv, Hits: 996.105, size: 995, 7922 ms | ||
= References = | = References = | ||
Revision as of 15:51, 25 August 2010
Contents |
WARNING: This is NOT finished yet, do NOT apply it on your product server.
Summary
When amavisd detects a spam email, it logs a message to its log file by default. It can also quarantine the email and/or notify an administrator. It can then generate a bounce message to the sender. Finally, it can either accept and deliver the message, or discard the message. Many different configuration variables are involved in these decisions.
Configure Amavisd
Enable a spam quarantine by setting the following variables:
| File: /etc/amavisd.conf |
# Set quarantine directory. Default is /var/virusmails. $QUARANTINEDIR = '/var/virusmails'; # Add level of subdirs to disperse quarantine. Default is 1. $quarantine_subdir_levels = 1; # What to do with amavisd-release. $release_format = 'resend'; # 'attach', 'plain', 'resend' # Set default action when found SPAM. $final_spam_destiny = D_DISCARD; # Filename of SPAM email in $QUARANTINEDIR. # Below is a complete list of place-holders currently recognized in filename templates: # %P => $msginfo->partition_tag # %b => $msginfo->body_digest # %m => $msginfo->mail_id # %n => $msginfo->log_id # %i => iso8601 timestamp of a message reception time by amavisd # %% => % $spam_quarantine_method = 'local:spam-%i-%m'; # What to do with SPAM emails. # - spam-quaranteine: Put SPAM in quarantine directory. # - postmaster@domain.ltd: Send SPAM to "postmaster@domain.ltd". # - undef: Do nothing with SPAM. $spam_quarantine_to = 'spam-quarantine'; # Send notification to admin. #$spam_admin = "martin.zahn\@$mydomain"; |
The following symbolic constants can be used in $final_spam_destiny:
- D_DISCARD: Mail will not be delivered to its recipients, sender will NOT be notified. Effectively we lose mail (but will be quarantined unless disabled). Losing mail is not decent for a mailer, but might be desired.
- D_BOUNCE: Mail will not be delivered to its recipients, a non-delivery notification (bounce) will be sent to the sender by amavisd-new; Exception: bounce (DSN) will not be sent if a virus name matches $viruses_that_fake_sender_re, or to messages from mailing lists, or for spam level that exceeds the $sa_dsn_cutoff_level.
- D_REJECT: mail will not be delivered to its recipients, sender should preferably get a reject, e.g. SMTP permanent reject response.
Testing
SpamAssassin ships a sample SPAM mail, you can use Outlook/Thunderbird/Mail.app to open it and send it to your local user, it should be blocked. and you will find similar message in log file (/var/log/maillog or /var/log/mail.log):
Aug 25 23:49:07 r6 amavis[3834]: (03834-01) Blocked SPAM, MYNETS LOCAL [192.168.187.1]
[192.168.187.1] <www@a.cn> -> <www@a.cn>, quarantine: S/spam-20100825T234859-SX9PrjWLAKOv,
Message-ID: <4C753B6A.4020304@a.cn>, mail_id: SX9PrjWLAKOv, Hits: 996.105, size: 995, 7922 ms
