# amavisd-new, clamav (clamd) anddazuko

## der-pima

Hi!

Ich some problems /questions, maybe you can help me

1)Using ClamAV (clamd) means that i have to install clamuko (dazuko),

but i couldnt find it in the portage tree.

So ihave to install it manually? 

2) Please have a look at this after typing "amavisd debug":

amavisd debug 

Jan 24 00:41:17 web amavisd[19549]: starting. amavisd at web amavisd-new-20030616-p7, Unicode aware 

Jan 24 00:41:17 web amavisd[19549]: Perl version 5.008 

Jan 24 00:41:17 web amavisd[19549]: Module Amavis::Conf 1.15 

Jan 24 00:41:17 web amavisd[19549]: Module Archive::Tar 1.03 

Jan 24 00:41:17 web amavisd[19549]: Module Archive::Zip 1.06 

Jan 24 00:41:17 web amavisd[19549]: Module Compress::Zlib 1.22 

Jan 24 00:41:17 web amavisd[19549]: Module Convert::TNEF 0.17 

Jan 24 00:41:17 web amavisd[19549]: Module Convert::UUlib 0.31 

Jan 24 00:41:17 web amavisd[19549]: Module MIME::Entity 5.404 

Jan 24 00:41:17 web amavisd[19549]: Module MIME::Parser 5.406 

Jan 24 00:41:17 web amavisd[19549]: Module MIME::Tools 5.411 

Jan 24 00:41:17 web amavisd[19549]: Module Mail::Header 1.58 

Jan 24 00:41:17 web amavisd[19549]: Module Mail::Internet 1.58 

Jan 24 00:41:17 web amavisd[19549]: Module Mail::SpamAssassin 2.60 

Jan 24 00:41:17 web amavisd[19549]: Module Net::Cmd 2.24 

Jan 24 00:41:17 web amavisd[19549]: Module Net::DNS 0.38 

Jan 24 00:41:17 web amavisd[19549]: Module Net::SMTP 2.26 

Jan 24 00:41:17 web amavisd[19549]: Module Net::Server 0.85 

Jan 24 00:41:17 web amavisd[19549]: Module Time::HiRes 1.47 

Jan 24 00:41:17 web amavisd[19549]: Module Unix::Syslog 0.100 

Jan 24 00:41:17 web amavisd[19549]: Found myself: /usr/sbin/amavisd -c /etc/amavisd.conf 

Jan 24 00:41:17 web amavisd[19549]: Lookup::SQL code loaded 

Jan 24 00:41:17 web amavisd[19549]: Lookup::LDAP code NOT loaded 

Jan 24 00:41:17 web amavisd[19549]: AMCL-in protocol code NOT loaded 

Jan 24 00:41:17 web amavisd[19549]: SMTP-in protocol code loaded 

Jan 24 00:41:17 web amavisd[19549]: ANTI-VIRUS code NOT loaded 

Jan 24 00:41:17 web amavisd[19549]: ANTI-SPAM code loaded 

Pid_file "/var/run/amavis/amavisd.pid" already exists. Overwriting! 

Jan 24 00:41:17 web amavisd[19549]: Net::Server: 2004/01/24-00:41:17 Amavis (type Net::Server::PreForkSimple) starting! pid(19549) 

Jan 24 00:41:17 web amavisd[19549]: Net::Server: Binding to TCP port 10024 on host 127.0.0.1 

Jan 24 00:41:17 web amavisd[19549]: Net::Server: Chrooting to /var/run/amavis 

Jan 24 00:41:17 web amavisd[19549]: Net::Server: Setting gid to "408 408" 

Jan 24 00:41:17 web amavisd[19549]: Net::Server: Setting uid to "1004" 

Jan 24 00:41:17 web amavisd[19549]: Net::Server: Couldn't POSIX::setuid to "1004" [Illegal seek] 

Jan 24 00:41:17 web amavisd[19549]: Net::Server: Setting up serialization via flock 

Jan 24 00:41:17 web amavisd[19549]: No $file, not using it 

Jan 24 00:41:17 web amavisd[19549]: No $arc, not using it 

Jan 24 00:41:17 web amavisd[19549]: No $gzip, not using it 

Jan 24 00:41:17 web amavisd[19549]: No $bzip2, not using it 

Jan 24 00:41:17 web amavisd[19549]: No $lzop, not using it 

Jan 24 00:41:17 web amavisd[19549]: No $lha, not using it 

Jan 24 00:41:17 web amavisd[19549]: No $unarj, not using it 

Jan 24 00:41:17 web amavisd[19549]: No $uncompress, not using it 

Jan 24 00:41:17 web amavisd[19549]: No $unfreeze, not using it 

Jan 24 00:41:17 web amavisd[19549]: No $unrar, not using it 

Jan 24 00:41:17 web amavisd[19549]: No $zoo, not using it 

Jan 24 00:41:17 web amavisd[19549]: No $cpio, not using it 

No TEMPBASE directory: /var/run/amavis /var/run/amavis/tmp at /usr/sbin/amavisd line 4870. 

___________ 

my amavisd.conf 

use strict; 

$MYHOME = '/var/run/amavis'; 

$mydomain = 'lalelu.com'; 

$daemon_user = 'amavis'; 

$daemon_group = 'amavis'; 

$daemon_chroot_dir = $MYHOME; 

$QUARANTINEDIR = "$MYHOME/quarantine"; 

$TEMPBASE = "$MYHOME/tmp"; 

$ENV{TMPDIR} = $TEMPBASE; 

$helpers_home = $MYHOME; 

$forward_method = 'smtp:127.0.0.1:10025'; 

$notify_method = $forward_method; 

$inet_socket_port = 10024; 

$inet_socket_bind = '127.0.0.1'; 

@inet_acl = qw( 127.0.0.1 ); 

$final_virus_destiny = D_DISCARD; # (defaults to D_BOUNCE) 

$final_banned_destiny = D_DISCARD; # (defaults to D_BOUNCE) 

$final_spam_destiny = D_DISCARD; # (defaults to D_REJECT) 

$final_bad_header_destiny = D_PASS; # (defaults to D_PASS), D_BOUNCE suggested 

@av_scanners = ( 

['Clam Antivirus-clamd', 

\&ask_daemon, ["CONTSCAN {}\n", '/var/run/clamd.ctl'], 

qr/\bOK$/, qr/\bFOUND$/, 

qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ], 

); 

@av_scanners_backup = ( 

### http://clamav.elektrapro.com/

['Clam Antivirus - clamscan', 'clamscan', 

'--stdout --disable-summary -r {}', [0], [1], 

qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ], 

); 

$virus_admin = 'virus@lalelu.com; 

$X_HEADER_TAG = 'Virus- and Spamscanned'; 

@bypass_virus_checks_acl = qw( . ); 

@local_domains_acl = ( ".$mydomain" ); 

$DO_SYSLOG = 1; # (1 = syslog, 0 = logfile) 

$LOGFILE = "$MYHOME/amavis.log"; 

$log_level = 5; # (0-5) 

$hdrfrom_notify_sender = 'SpamAssassin <info@lalelu.com>'; 

#$notify_spam_sender_templ = read_text("$MYHOME/notify_spam_sender.txt"); 

$final_spam_destiny = D_PASS; # Set to D_BOUNCE to block/notify, D_PASS to pass through 

read_hash(\%whitelist_sender, '/var/run/amavis/whitelist'); 

read_hash(\%blacklist_sender, '/var/run/amavis/blacklist'); 

read_hash(\%spam_lovers, '/var/run/amavis/spam_lovers'); 

#defending against mail bombs 

$MAXLEVELS = 14; # Maximum recursion level for extraction/decoding 

$MAXFILES = 1500; # Maximum number of extracted files 

$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced) 

$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced) 

$MIN_EXPANSION_FACTOR = 5; # times original mail size (must be specified) 

$MAX_EXPANSION_FACTOR = 500; # times original mail size (must be specified) 

$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin'; 

$banned_filename_re = new_RE( 

qr'.\.(ade|adp|bas|bat|chm|cmd|com|cpl|crt|exe|hlp|hta|inf|ins|isp|js| 

jse|lnk|mdb|mde|msc|msi|msp|mst|pcd|pif|reg|scr|sct|shs|shb|vb| 

vbe|vbs|wsc|wsf|wsh)$'ix, 

); 

$file = 'file'; 

$arc = ['nomarch', 'arc']; 

$gzip = 'gzip'; 

$bzip2 = 'bzip2'; 

$uncompress = ['uncompress', 'gzip -d', 'zcat']; 

$lha = 'lha'; 

$unarj = 'unarj'; 

$unrar = 'unrar'; 

$zoo = 'zoo'; 

# SpamAssassin settings 

$sa_local_tests_only = 1; 

$sa_auto_whitelist = 1; # comment this line out to turn off auto whitelist 

$sa_mail_body_size_limit = 64*1024; # 64KB 

$sa_tag_level_deflt = 3.0; # controls adding the X-Spam-Status and X-Spam-Level headers, 

$sa_tag2_level_deflt = 6.3; # controls adding 'X-Spam-Flag: YES', and editing Subject, 

$sa_kill_level_deflt = $sa_tag2_level_deflt; # triggers spam evasive actions: 

$sa_spam_subject_tag = '***SPAM*** '; 

$sa_debug = 1; # comment this line out to turn off debugging 

@lookup_sql_dsn = ( ['DBI:mysql:webspace:localhost', 'root', 'PASSWORT'] ); 

$sql_select_policy = 

'SELECT CONCAT_WS(\'@\',users.username,users.domainname) AS email,policy.*'. 

' FROM users, policy'. 

' WHERE (users.policy_id=policy.id)'. 

' AND (CONCAT_WS(\'@\',users.username,users.domainname)'. 

' IN (%k)) ORDER BY users.priority DESC'; 

$sql_select_white_black_list = 1; 

1; # insure a defined return 

_______________ 

my clamav.conf 

## 

## Example config file for the Clam AV daemon 

## Please read the clamav.conf(5) manual before editing this file. 

## 

# Comment or remove the line below. 

#Example 

# Uncomment this option to enable logging. 

# LogFile must be writable for the user running the daemon. 

# Full path is required. 

LogFile /var/log/clamd.log 

# By default the log file is locked for writing - the lock protects against 

# running clamd multiple times (if want to run another clamd, please 

# copy the configuration file, change the LogFile variable, and run 

# the daemon with --config-file option). That's why you shouldn't uncomment 

# this option. 

#LogFileUnlock 

# Maximal size of the log file. Default is 1 Mb. 

# Value of 0 disables the limit. 

# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes) 

# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size 

# in bytes just don't use modifiers. 

#LogFileMaxSize 2M 

# Log time with an each message. 

LogTime 

# Use system logger (can work together with LogFile). 

#LogSyslog 

# Enable verbose logging. 

LogVerbose 

# This option allows you to save the process identifier of the listening 

# daemon (main thread). 

PidFile /var/run/clamd.pid 

# Path to a directory containing .db files. 

# Default is the hardcoded directory (mostly /usr/local/share/clamav, 

# it depends on installation options). 

#DataDirectory /var/lib/clamav 

# The daemon works in local or network mode. Currently the local mode is 

# recommended for security reasons. 

# Path to the local socket. The daemon doesn't change the mode of the 

# created file (portability reasons). You may want to create it in a directory 

# which is only accessible for a user running daemon. 

LocalSocket /tmp/clamd 

# TCP port address. 

#TCPSocket 3310 

#TCPSocket 784 

# Maximum length the queue of pending connections may grow to. 

# Default is 15. 

#MaxConnectionQueueLength 30 

# When activated, input stream (see STREAM command) will be saved to disk before 

# scanning - this allows scanning within archives. 

StreamSaveToDisk 

# Close the connection if this limit is exceeded. 

#StreamMaxLength 10M 

# Maximal number of a threads running at the same time. 

# Default is 5, and it should be sufficient for a typical workstation. 

# You may need to increase threads number for a server machine. 

#MaxThreads 10 

# Thread (scanner - single task) will be stopped after this time (seconds). 

# Default is 180. Value of 0 disables the timeout. SECURITY HINT: Increase the 

# timeout instead of disabling it. 

#ThreadTimeout 500 

# Maximal depth the directories are scanned at. 

MaxDirectoryRecursion 15 

# Follow a directory symlinks. 

# SECURITY HINT: You should have enabled directory recursion limit to 

# avoid potential problems. 

#FollowDirectorySymlinks 

# Follow regular file symlinks. 

#FollowFileSymlinks 

# Do internal checks (eg. check the integrity of the database structures) 

# By default clamd checks itself every 3600 seconds (1 hour). 

#SelfCheck 600 

# Run as selected user (clamd must be started by root). 

# By default it doesn't drop privileges. 

User clamav 

#war # 

# Initialize the supplementary group access (for all groups in /etc/group 

# user is added in. clamd must be started by root). 

#AllowSupplementaryGroups 

# Don't fork into background. Useful in debugging. 

#Foreground 

## 

## Mail support 

## 

# Uncomment this option if you are planning to scan mail files. 

ScanMail 

## 

## Archive support 

## 

# Comment this line to disable scanning of the archives. 

ScanArchive 

# Options below protect your system against Denial of Service attacks 

# with archive bombs. 

# Files in archives larger than this limit won't be scanned. 

# Value of 0 disables the limit. 

# WARNING: Due to the unrarlib implementation, whole files (one by one) in RAR 

# archives are decompressed to the memory. That's why never disable 

# this limit (but you may increase it of course!) 

ArchiveMaxFileSize 10M 

# Archives are scanned recursively - e.g. if Zip archive contains RAR file, 

# the RAR file will be decompressed, too (but only if recursion limit is set 

# at least to 1). With this option you may set the recursion level. 

# Value of 0 disables the limit. 

ArchiveMaxRecursion 5 

# Number of files to be scanned within archive. 

# Value of 0 disables the limit. 

ArchiveMaxFiles 1000 

# Use slower decompression algorithm which uses less memory. This option 

# affects bzip2 decompressor only. 

#ArchiveLimitMemoryUsage 

## 

## Clamuko settings 

## WARNING: This is experimental software. It is very likely it will hang 

## up your system !!! 

## 

# Enable Clamuko. Dazuko (/dev/dazuko) must be configured and running. 

ClamukoScanOnLine 

# Set access mask for Clamuko. 

ClamukoScanOnOpen 

ClamukoScanOnClose 

ClamukoScanOnExec 

# Set the include paths (all files in them will be scanned). You can have 

# multiple ClamukoIncludePath options, but each directory must be added 

# in a seperate option. All subdirectories are scanned, too. 

ClamukoIncludePath /home 

# Set the exclude paths. All subdirectories are also excluded. 

ClamukoExcludePath /home/var/spool/mail/ 

# Limit the file size to be scanned (probably you don't want to scan your movie 

# files ) 

# Value of 0 disables the limit. 1 Mb should be fine. 

ClamukoMaxFileSize 1M 

# Enable archive support. It uses the limits from clamd section. 

# (This option doesn't depend on ScanArchive, you can have archive support 

# in clamd disabled). 

ClamukoScanArchive 

Thank you  :Smile: 

Bye Jan

----------

## panserg

Why do you want to install clamuko (dazuko)?

I have several installations of Postfix + amavisd-new + Mail-Spamassassin + clamav + f-prot

All is in the portage. And all works without problems.

Postfix and amavisd are the only daemons in memory. Clamav, as well as f-prot and spamassassin are called by amavisd just as scripts to filter messages when needed. No need to keep them in memomry in a daemon mode. Of course my amavisd config has all lines calling other filer daemons commented out.

----------

## panserg

```

use strict;

$MYHOME = '/var/run/amavis';   # (default is '/var/amavis')

$mydomain = 'xxx.com';      # (no useful default)

$daemon_user = 'amavis';        # (no default;  customary: vscan or amavis)

$daemon_group = 'amavis';       # (no default;  customary: vscan or amavis)

$TEMPBASE = $MYHOME;            # (must be set if other config vars use is)

$ENV{TMPDIR} = $TEMPBASE;       # wise, but usually not necessary

$max_servers  =  2;   # number of pre-forked children          (default 2)

$max_requests = 10;   # retire a child after that many accepts (default 10)

$child_timeout=5*60;  # abort child if it does not complete each task in n sec

@local_domains_acl = ( ".$mydomain" );  # $mydomain and its subdomains

$unix_socketname = "$MYHOME/amavisd.sock"; # amavis helper protocol socket

$inet_socket_port = 10024;        # accept SMTP on this local TCP port

@inet_acl = qw( 127.0.0.1 );      # allow SMTP access only from localhost IP

$DO_SYSLOG = 1;                   # (defaults to false)

$LOGFILE = "$MYHOME/amavis.log";  # (defaults to empty, no log)

$log_level = 1;           # (defaults to 0)

$log_templ = '[? %#V |[? %#F |[?%#D|Not-Delivered|Passed]|BANNED name/type (%F)]|INFECTED (%V)], #

<%o> -> [<%R>|,][? %i ||, quarantine %i], Message-ID: %m, Hits: %c';

$final_virus_destiny      = D_DISCARD;  # (defaults to D_BOUNCE)

$final_banned_destiny     = D_BOUNCE;  # (defaults to D_BOUNCE)

$final_spam_destiny       = D_DISCARD;  # (defaults to D_REJECT)

$final_bad_header_destiny = D_BOUNCE;  # (defaults to D_PASS), D_BOUNCE suggested

$warnvirussender = 1;   # (defaults to false (undef))

$warnbannedsender = 1;  # (defaults to false (undef))

$warnvirusrecip = 1;    # (defaults to false (undef))

$warnbannedrecip = 1;   # (defaults to false (undef))

$viruses_that_fake_sender_re = new_RE(

  qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar'i,

  qr'tanatos|lentin|bridex|mimail|trojan\.dropper|dumaru|parite|gibe|swen'i,

  [qr'^(EICAR\.COM|Joke\.|Junk\.)'i           => 0],

  [qr'^(WM97|OF97|W95/CIH-|JS/Fortnight)'i    => 0],

);

$virus_admin = 'postmaster@xxx.com';

$mailfrom_notify_admin     = "virusalert\@$mydomain";

$mailfrom_notify_recip     = "virusalert\@$mydomain";

$mailfrom_notify_spamadmin = "spam.police\@$mydomain";

$mailfrom_to_quarantine = undef; # original sender if undef, or set explicitly

$QUARANTINEDIR = '/var/amavis/quarantine';

$virus_quarantine_method = "local:virus-%i-%n";

$virus_quarantine_to  = 'virus-quarantine';    # traditional local quarantine

$spam_quarantine_to = 'spam-quarantine';

$spam_quarantine_bysender_to = 'spam-quarantine'; 

$X_HEADER_TAG = 'X-Virus-Scanned';      # (default: undef)

$X_HEADER_LINE = "by amavisd-new at $mydomain";

$remove_existing_x_scanned_headers = 0; # leave existing X-Virus-Scanned alone

$remove_existing_spam_headers  = 1;     # remove existing spam headers if

$keep_decoded_original_re = new_RE(

  qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,

);

$banned_filename_re = new_RE(

  qr'^application/x-msdownload$'i,                  # banned MIME types

  qr'^message/partial$'i, qr'^message/external-body$'i, # rfc2046

);

$sql_select_white_black_list = undef;  # undef disables SQL white/blacklisting

$recipient_delimiter = '+';             # (default is '+')

$localpart_is_case_sensitive = 0;       # (default is false)

$blacklist_sender_re = new_RE(

    qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou|greatcasino)@'i,

    qr'^(investments|lose_weight_today|market.alert|money2you|MyGreenCard)@'i,

    qr'^(new\.tld\.registry|opt-out|opt-in|optin|saveonlsmoking2002k)@'i,

    qr'^(specialoffer|specialoffers|stockalert|stopsnoring|wantsome)@'i,

    qr'^(workathome|yesitsfree|your_friend|greatoffers)@'i,

    qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i,

);

map { $whitelist_sender{lc($_)}=1 } (qw(

  cert-advisory-owner@cert.org

  owner-alert@iss.net

  slashdot@slashdot.org

  bugtraq@securityfocus.com

  NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

  security-alerts@linuxsecurity.com

  amavis-user-admin@lists.sourceforge.net

  notification-return@lists.sophos.com

  mailman-announce-admin@python.org

  owner-postfix-users@postfix.org

  owner-postfix-announce@postfix.org

  owner-sendmail-announce@Lists.Sendmail.ORG

  owner-technews@postel.ACM.ORG

  lvs-users-admin@LinuxVirtualServer.org

  ietf-123-owner@loki.ietf.org

  cvs-commits-list-admin@gnome.org

  rt-users-admin@lists.fsck.com

  clp-request@comp.nus.edu.sg

  surveys-errors@lists.nua.ie

  emailNews@genomeweb.com

  owner-textbreakingnews@CNNIMAIL12.CNN.COM

  spamassassin-talk-admin@lists.sourceforge.net

  yahoo-dev-null@yahoo-inc.com

  returns.groups.yahoo.com

));

$MAXLEVELS = 14;                # (default is undef, no limit)

$MAXFILES = 1500;               # (default is undef, no limit)

$MIN_EXPANSION_QUOTA =      100*1024;  # bytes  (default undef, not enforced)

$MAX_EXPANSION_QUOTA = 300*1024*1024;  # bytes  (default undef, not enforced)

$MIN_EXPANSION_FACTOR =   5;  # times original mail size  (must be specified)

$MAX_EXPANSION_FACTOR = 500;  # times original mail size  (must be specified)

$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';

$file   = 'file';   # file(1) utility; use 3.41 or later to avoid vulnerability

$gzip   = 'gzip';

$bzip2  = 'bzip2';

$lzop   = 'lzop';

$uncompress = ['uncompress', 'gzip -d', 'zcat'];

$unfreeze   = ['unfreeze', 'freeze -d', 'melt', 'fcat'];

$arc        = ['nomarch', 'arc'];

$unarj      = ['arj', 'unarj'];  # both can extract, same options

$unrar      = ['rar', 'unrar'];  # both can extract, same options

$zoo    = 'zoo';

$lha    = 'lha';

$cpio   = 'cpio';   # comment out if cpio does not support GNU options

$sa_local_tests_only = 0;   # (default: false)

$sa_auto_whitelist = 1;    # turn on AWL (default: false)

$sa_mail_body_size_limit = 150*1024; # don't waste time on SA if mail is larger

$sa_tag_level_deflt  = 3.0; # add spam info headers if at, or above that level

$sa_tag2_level_deflt = 6.3; # add 'spam detected' headers at that level

$sa_kill_level_deflt = 10.0;

$sa_spam_subject_tag = '***SPAM*** ';   # (defaults to undef, disables)

$sa_spam_modifies_subj = 1; # may be a ref to a lookup table, default is true

@av_scanners = (

  ['Clam Antivirus - clamscan', 'clamscan',

    '--stdout --disable-summary -r {}', [0], [1],

    qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

);

@av_scanners_backup = (

  ['FRISK F-Prot Antivirus', ['f-prot','f-prot.sh'],

    '-dumb -archive -packed {}', [0,8], [3,6],

    qr/Infection: (.+)/ ],

);

1;  # insure a defined return
```

----------

## der-pima

hi.

i've made some changes.

im a bit confus because amavisd-new found the spamassassin even when its not loaded (spamd).

I start the clamd as user amavis and it is in the same folder than amavis.

here my new config:

use strict;

$MYHOME = '/var/run/amavis';

$mydomain = 'xxx.com';

$daemon_user = 'amavis';

$daemon_group = 'amavis';

$daemon_chroot_dir = $MYHOME; 

$QUARANTINEDIR = "$MYHOME/quarantine";

$TEMPBASE = "$MYHOME/tmp";

$ENV{TMPDIR} = $TEMPBASE;

$helpers_home = $MYHOME;

$max_servers  =  2;    

$max_requests = 10;   

$child_timeout=5*60;

$forward_method = 'smtp:127.0.0.1:10025'; 

$notify_method = $forward_method; 

$inet_socket_port = 10024;

$inet_socket_bind = '127.0.0.1';

@inet_acl = qw( 127.0.0.1 ); 

$final_virus_destiny      = D_DISCARD;  # (defaults to D_BOUNCE)

$final_banned_destiny     = D_DISCARD;  # (defaults to D_BOUNCE)

$final_spam_destiny       = D_DISCARD;  # (defaults to D_REJECT)

$final_bad_header_destiny = D_PASS;  # (defaults to D_PASS), D_BOUNCE suggested

$warnvirussender = 1;   # (defaults to false (undef)) 

$warnbannedsender = 1;  # (defaults to false (undef)) 

$warnvirusrecip = 1;    # (defaults to false (undef)) 

$warnbannedrecip = 1;   # (defaults to false (undef))

$viruses_that_fake_sender_re = new_RE( 

  qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar'i, 

  qr'tanatos|lentin|bridex|mimail|trojan\.dropper|dumaru|parite|gibe|swen'i, 

  [qr'^(EICAR\.COM|Joke\.|Junk\.)'i           => 0], 

  [qr'^(WM97|OF97|W95/CIH-|JS/Fortnight)'i    => 0], 

); 

@av_scanners = (

['Clam Antivirus-clamd',

    \&ask_daemon, ["CONTSCAN {}\n", '/var/run/amavis/clamd'],

    qr/\bOK$/, qr/\bFOUND$/,

    qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

);

@av_scanners_backup = (

  ### http://clamav.elektrapro.com/

  ['Clam Antivirus - clamscan', 'clamscan',

    '--stdout --disable-summary -r {}', [0], [1],

    qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

);

$virus_admin = 'virus@xxx.com';

$X_HEADER_TAG = 'Virus- and Spamscanned';

$mailfrom_notify_admin     = "virusalert\@$mydomain"; 

$mailfrom_notify_recip     = "virusalert\@$mydomain"; 

$mailfrom_notify_spamadmin = "spam.police\@$mydomain"; 

$mailfrom_to_quarantine = undef; # original sender if undef, or set explicitly 

$QUARANTINEDIR = '/var/amavis/quarantine'; 

$virus_quarantine_method = "local:virus-%i-%n"; 

$virus_quarantine_to  = 'virus-quarantine';    # traditional local quarantine 

$spam_quarantine_to = 'spam-quarantine'; 

$spam_quarantine_bysender_to = 'spam-quarantine';

$remove_existing_x_scanned_headers = 0; # leave existing X-Virus-Scanned alone 

$remove_existing_spam_headers  = 1;     # remove existing spam headers if 

$keep_decoded_original_re = new_RE( 

  qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i, 

); 

@bypass_virus_checks_acl = qw( . );

@local_domains_acl = ( ".$mydomain" );

$DO_SYSLOG = 1; # (1 = syslog, 0 = logfile)

$LOGFILE = "$MYHOME/amavis.log";

$log_level = 5; # (0-5)

$hdrfrom_notify_sender = 'SpamAssassin <info@xxx.com>';

#$notify_spam_sender_templ = read_text("$MYHOME/notify_spam_sender.txt");

$final_spam_destiny = D_PASS; # Set to D_BOUNCE to block/notify, D_PASS to pass through

read_hash(\%whitelist_sender, '/var/run/amavis/whitelist');

read_hash(\%blacklist_sender, '/var/run/amavis/blacklist');

read_hash(\%spam_lovers, '/var/run/amavis/spam_lovers');

#defending against mail bombs

$MAXLEVELS = 14; # Maximum recursion level for extraction/decoding

$MAXFILES = 1500; # Maximum number of extracted files

$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced)

$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced)

$MIN_EXPANSION_FACTOR = 5; # times original mail size (must be specified)

$MAX_EXPANSION_FACTOR = 500; # times original mail size (must be specified)

$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';

$banned_filename_re = new_RE(

qr'.\.(ade|adp|bas|bat|chm|cmd|com|cpl|crt|exe|hlp|hta|inf|ins|isp|js|

         jse|lnk|mdb|mde|msc|msi|msp|mst|pcd|pif|reg|scr|sct|shs|shb|vb|

         vbe|vbs|wsc|wsf|wsh)$'ix,

);

$file = 'file';

$arc = ['nomarch', 'arc'];

$gzip = 'gzip';

$bzip2 = 'bzip2';

$uncompress = ['uncompress', 'gzip -d', 'zcat'];

$lha = 'lha';

$unarj = 'unarj';

$unrar = 'unrar';

$zoo = 'zoo';

# SpamAssassin settings

$sa_local_tests_only = 1; 

$sa_auto_whitelist = 1; # comment this line out to turn off auto whitelist

$sa_mail_body_size_limit = 64*1024; # 64KB

$sa_tag_level_deflt = 3.0; # controls adding the X-Spam-Status and X-Spam-Level headers,

$sa_tag2_level_deflt = 6.3; # controls adding 'X-Spam-Flag: YES', and editing Subject,

$sa_kill_level_deflt = $sa_tag2_level_deflt; # triggers spam evasive actions:

$sa_spam_subject_tag = '***SPAM*** ';

$sa_debug = 1; # comment this line out to turn off debugging

@lookup_sql_dsn = ( ['DBI:mysql:webspace:localhost', 'root', 'xxx'] );

$sql_select_policy =

    'SELECT CONCAT_WS(\'@\',users.username,users.domainname) AS email,policy.*'.

    ' FROM users, policy'.

    ' WHERE (users.policy_id=policy.id)'.

    ' AND (CONCAT_WS(\'@\',users.username,users.domainname)'.

    ' IN (%k)) ORDER BY users.priority DESC';

$sql_select_white_black_list = 1;

1;  # insure a defined return 

but i got the same error...

Jan 25 22:09:22 web amavisd[12787]: starting.  amavisd at web amavisd-new-20030616-p7, Unicode aware

Jan 25 22:09:22 web amavisd[12787]: Perl version               5.008

Jan 25 22:09:22 web amavisd[12787]: Module Amavis::Conf        1.15

Jan 25 22:09:22 web amavisd[12787]: Module Archive::Tar        1.03

Jan 25 22:09:22 web amavisd[12787]: Module Archive::Zip        1.06

Jan 25 22:09:22 web amavisd[12787]: Module Compress::Zlib      1.22

Jan 25 22:09:22 web amavisd[12787]: Module Convert::TNEF       0.17

Jan 25 22:09:22 web amavisd[12787]: Module Convert::UUlib      0.31

Jan 25 22:09:22 web amavisd[12787]: Module MIME::Entity        5.404

Jan 25 22:09:22 web amavisd[12787]: Module MIME::Parser        5.406

Jan 25 22:09:22 web amavisd[12787]: Module MIME::Tools         5.411

Jan 25 22:09:22 web amavisd[12787]: Module Mail::Header        1.58

Jan 25 22:09:22 web amavisd[12787]: Module Mail::Internet      1.58

Jan 25 22:09:22 web amavisd[12787]: Module Mail::SpamAssassin  2.60

Jan 25 22:09:22 web amavisd[12787]: Module Net::Cmd            2.24

Jan 25 22:09:22 web amavisd[12787]: Module Net::DNS            0.38

Jan 25 22:09:22 web amavisd[12787]: Module Net::SMTP           2.26

Jan 25 22:09:22 web amavisd[12787]: Module Net::Server         0.85

Jan 25 22:09:22 web amavisd[12787]: Module Time::HiRes         1.47

Jan 25 22:09:22 web amavisd[12787]: Module Unix::Syslog        0.100

Jan 25 22:09:22 web amavisd[12787]: Found myself: /usr/sbin/amavisd -c /etc/amavisd.conf

Jan 25 22:09:22 web amavisd[12787]: Lookup::SQL code       loaded

Jan 25 22:09:22 web amavisd[12787]: Lookup::LDAP code      NOT loaded

Jan 25 22:09:22 web amavisd[12787]: AMCL-in protocol code  NOT loaded

Jan 25 22:09:22 web amavisd[12787]: SMTP-in protocol code  loaded

Jan 25 22:09:22 web amavisd[12787]: ANTI-VIRUS code        NOT loaded

Jan 25 22:09:22 web amavisd[12787]: ANTI-SPAM  code        loaded

Pid_file "/var/run/amavis/amavisd.pid" already exists.  Overwriting!

Jan 25 22:09:22 web amavisd[12787]: Net::Server: 2004/01/25-22:09:22 Amavis (type Net::Server::PreForkSimple) starting! pid(12787)

Jan 25 22:09:22 web amavisd[12787]: Net::Server: Binding to TCP port 10024 on host 127.0.0.1

Jan 25 22:09:22 web amavisd[12787]: Net::Server: Chrooting to /var/run/amavis

Jan 25 22:09:22 web amavisd[12787]: Net::Server: Setting gid to "408 408"

Jan 25 22:09:22 web amavisd[12787]: Net::Server: Setting uid to "1004"

Jan 25 22:09:22 web amavisd[12787]: Net::Server: Couldn't POSIX::setuid to "1004" [Illegal seek]

Jan 25 22:09:22 web amavisd[12787]: Net::Server: Setting up serialization via flock

Jan 25 22:09:22 web amavisd[12787]: No $file,         not using it

Jan 25 22:09:22 web amavisd[12787]: No $arc,          not using it

Jan 25 22:09:22 web amavisd[12787]: No $gzip,         not using it

Jan 25 22:09:22 web amavisd[12787]: No $bzip2,        not using it

Jan 25 22:09:22 web amavisd[12787]: No $lzop,         not using it

Jan 25 22:09:22 web amavisd[12787]: No $lha,          not using it

Jan 25 22:09:22 web amavisd[12787]: No $unarj,        not using it

Jan 25 22:09:22 web amavisd[12787]: No $uncompress,   not using it

Jan 25 22:09:22 web amavisd[12787]: No $unfreeze,     not using it

Jan 25 22:09:22 web amavisd[12787]: No $unrar,        not using it

Jan 25 22:09:22 web amavisd[12787]: No $zoo,          not using it

Jan 25 22:09:22 web amavisd[12787]: No $cpio,         not using it

No TEMPBASE directory: /var/run/amavis /var/run/amavis/tmp at /usr/sbin/amavisd line 4870.

maybe you can help me finding the bug or the problem for this error?  :Smile: 

-pima

----------

## UberLord

 *der-pima wrote:*   

> hi.
> 
> im a bit confus because amavisd-new found the spamassassin even when its not loaded (spamd).

 

SpamAssassin can be loaded via the commandline by amavis, so the spamd process isn't needed.

----------

## der-pima

problem solved

----------

## MasquedAvenger

Anybody know how to keep amavisd-new from loading SpamAssassin?  It's causing me a whole bunch of headaches and I'd much rather turn it off and just use it for ClamAV.

James

----------

