AMAVISD-NEW-2.4.5 scannt nicht nach Viren

Hallo Leute, ich bin am verzweifeln.


Mein AMAVISD-NEW scannt einfach nicht nach Viren.
Leider gibt es kein einziges Log welches einen Fehler zeigt, noch brachte

1. amavisd debug

einen Hinweis.

Er tuts einfach nur nicht. Hier meine amavisd.conf

PS: Es ist unumgänglich, da ich hier mehrere Domänen verwalten möchte, die POLICY_BANKS zu verwenden.

Wie gesagt: Der Scanner wird nicht gestartet - kein Eintrag im Header - mit und ohne Virus.



use strict;

## GENERAL

$mydomain = 'mydomain.nonlocal';
$myhostname = 'amavis.mydomain.nonlocal';
$daemon_user = 'amavis';
$daemon_group = 'amavis';
#$MYHOME = '/home/amavis';
$MYHOME = '/var/amavis';
#$TEMPBASE = "/var/tempfs";
$TEMPBASE = "/var/tmp";
$helpers_home = "$MYHOME/var";
$db_home = "$MYHOME/db";
$pid_file = "$MYHOME/var/amavisd.pid";
$lock_file = "$MYHOME/var/amavisd.lock";
$daemon_chroot_dir = undef;
$max_servers = 5;
$max_requests = 20;
$child_timeout = 8*60;
$localpart_is_case_sensitive = 0;
$enable_db = 1;
$enable_global_cache = 1;
@local_domains_maps = ([".mydomain.local", ".domain1.at", ".domain2.at", ".0"]);
dns.org", ".0" and its subdomains
@mynetworks = qw(127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10);


@mynetworks_maps = (\@mynetworks);

## LOGGING AND DEBUGGING

$log_level = 1;
$LOGFILE = "$MYHOME/amavis.log"; # Only used if Syslog not used
$DO_SYSLOG = 0;
$SYSLOG_LEVEL = 'mail.debug';

1. $log_templ = ... built-in default at the end of file amavisd
2. $log_recip_templ = ... built-in default at the end of file amavisd
3. @debug_sender_maps = (\@debug_sender_acl); @debug_sender_acl = ();
$sa_debug = 1;


#MTA INTERFACE - INPUT

$inet_socket_port = [10024, 20000, 20001, 20002, 20003]; # listen on this local TCP port(s) (see )

1. $unix_socketname = undef; # Unix socket to accept amavis helper protocol
$inet_socket_bind = '127.0.0.1';
@inet_acl = qw(127.0.0.1 ::1);

1. $protocol = ... defaults to SMTP or LMTP (autodetect) on inet socket
$smtpd_recipient_limit = 1100;

1. $smtpd_message_size_limit = undef; # site-wide limit
2. @message_size_limit_maps = (); # per-recipient limits
$smtpd_greeting_banner = '${helo-name} ${protocol} ${product} service ready';
$smtpd_quit_banner = '${helo-name} ${product} closing transmission channel';

1. $auth_required_inp = undef;
2. @auth_mech_avail=(); # empty list disables incoming AUTH; or: qw(PLAIN LOGIN)

## MTA INTERFACE - OUTPUT

## see also $notify_method, $forward_method and $*_quarantine_method
$localhost_name = 'localhost'; # my EHLO name
$local_client_bind_address = '127.0.0.1'; # undef

1. $auth_required_out = undef;
2. $amavis_auth_user = undef; # for submitting notifications and quarantine
3. $amavis_auth_pass = undef;
4. $auth_reauthenticate_forwarded = undef; # our credentials for forwarding too

## MAIL FORWARDING

$forward_method = 'smtp:[127.0.0.1]:10025'; # where to forward checked mail
$final_virus_destiny = D_PASS; # (defaults to D_DISCARD)
$final_banned_destiny = D_PASS; # (defaults to D_BOUNCE)
$final_spam_destiny = D_PASS; # (defaults to D_BOUNCE)
$final_bad_header_destiny = D_PASS; # (defaults to D_PASS), D_BOUNCE suggested


## QUARANTINE

$QUARANTINEDIR = '/var/virusmails';
$virus_quarantine_method = 'local:virus-%i-%n';
$spam_quarantine_method = 'local:spam-%b-%i-%n';
$banned_files_quarantine_method = 'local:banned-%i-%n';
$bad_header_quarantine_method = 'local:badh-%i-%n';

#$virus_quarantine_to = 'virus-quarantine';
#$banned_quarantine_to = 'banned-quarantine';
#$bad_header_quarantine_to= 'bad-header-quarantine';
#$spam_quarantine_to = 'spam-quarantine';
#$spam_quarantine_bysender_to = undef;

$virus_quarantine_to = undef;
$banned_quarantine_to = undef;
$bad_header_quarantine_to = undef;
$spam_quarantine_to = undef;
$spam_quarantine_bysender_to = undef;



1. @virus_quarantine_to_maps = (\$virus_quarantine_to);
2. @banned_quarantine_to_maps = (\$banned_quarantine_to);
3. @bad_header_quarantine_to_maps = (\$bad_header_quarantine_to);
4. @spam_quarantine_to_maps = (\$spam_quarantine_to);
5. @spam_quarantine_bysender_to_maps = (\$spam_quarantine_bysender_to);
6. %local_delivery_aliases ... predefined, used by method 'local:'
$mailfrom_to_quarantine = undef; # undef keeps original sender

## NOTIFICATIONS

$notify_method = $forward_method; # where to submit notifications
#$virus_admin = "icm\@$mydomain";
#$spam_admin = "icm\@$mydomain";


1. @virus_admin_maps = (\%virus_admin, \$virus_admin);
2. @spam_admin_maps = (\%spam_admin, \$spam_admin);
3. $hdr_encoding = 'iso-8859-1'; # header field bodies charset
4. $bdy_encoding = 'iso-8859-1'; # notification body text charset
5. $hdr_encoding_qb = 'Q'; # quoted-printable (Q or B)
6. $notify_sender_templ = ... built-in default at the end of file amavisd
7. $notify_virus_sender_templ = ... built-in default at the end of file amavisd
8. $notify_spam_sender_templ = ... built-in default at the end of file amavisd
9. $notify_virus_admin_templ = ... built-in default at the end of file amavisd
10. $notify_spam_admin_templ = ... built-in default at the end of file amavisd
11. $notify_virus_recips_templ = ... built-in default at the end of file amavisd
12. $notify_spam_recips_templ = ... built-in default at the end of file amavisd
$mailfrom_notify_admin = undef;
$mailfrom_notify_recip = undef;
$mailfrom_notify_spamadmin = undef;
## these are after-defaults:

1. $hdrfrom_notify_sender = "\"Content-filter at $myhostname\" <postmaster\@$myhostname>";
2. $hdrfrom_notify_recip = ... derived from $mailfrom_notify_recip
3. $hdrfrom_notify_admin = ... derived from $mailfrom_notify_admin
4. $hdrfrom_notify_spamadmin = ... derived from $mailfrom_notify_spamadmin
$warnvirussender = undef;
$warnspamsender = undef;
$warnbannedsender = undef;
$warnbadhsender = undef;
$warn_offsite = undef;
$warnvirusrecip = undef;
$warnbannedrecip = undef;
$warnbadhrecip = undef;

1. @warnvirusrecip_maps = (\$warnvirusrecip);
2. @warnbannedrecip_maps = (\$warnbannedrecip);
3. @warnbadhrecip_maps = (\$warnbadhrecip);


## MODIFICATIONS TO PASSED MAIL

$insert_received_line = 1; # behave like MTA: insert 'Received:' header
$remove_existing_x_scanned_headers = 0;
$remove_existing_spam_headers = 0;
$X_HEADER_TAG = 'X-TEST-Virus-Scanned'; # after-default
$X_HEADER_LINE = "$myproduct_name at $mydomain"; # after-default

$defang_virus = undef;
$defang_banned = undef;
$defang_bad_header = undef;
$defang_undecipherable = undef;
$defang_spam = undef;

1. $defang_all = undef; # mostly for testing
$undecipherable_subject_tag = '* UNCHECKED * ';
$sa_spam_subject_tag = '* SPAM * ';
$sa_spam_modifies_subj = 1;
$sa_spam_level_char = '*';
$sa_spam_report_header = 1;

1. @spam_modifies_subj_maps= (\$sa_spam_modifies_subj);
2. @spam_subject_tag_maps = (\$sa_spam_subject_tag1); # N.B.: inconsistent name
3. @spam_subject_tag2_maps = (\$sa_spam_subject_tag); # N.B.: inconsistent name

## ADDING ADDRESS EXTENSIONS TO RECIPIENTS - 'plus addressing'


1. $recipient_delimiter = undef;
2. $replace_existing_extension = 1;
3. $addr_extension_virus = undef;
4. $addr_extension_spam = undef;
5. $addr_extension_banned = undef;
6. $addr_extension_bad_header = undef;
7. @addr_extension_virus_maps = (\$addr_extension_virus);
8. @addr_extension_spam_maps = (\$addr_extension_spam);
9. @addr_extension_banned_maps = (\$addr_extension_banned);
10. @addr_extension_bad_header_maps = (\$addr_extension_bad_header);
## MAIL DECODING


1. $bypass_decode_parts = undef;
2. $keep_decoded_original_re = undef;
3. @keep_decoded_original_maps = (\$keep_decoded_original_re);
4. $map_full_type_to_short_type_re = ... predefined regexp lookup table
5. @map_full_type_to_short_type_maps = (\$map_full_type_to_short_type_re);
6. $path = undef;
7. $file = $gzip = $bzip2 = $lzop = $rpm2cpio = undef;
8. $uncompress = $unfreeze = $arc = $unarj = $unrar = undef;
9. $zoo = $lha = $cpio = $cabextract = undef;
10. $MAXLEVELS = undef;
11. $MAXFILES = undef;
12. $MIN_EXPANSION_QUOTA = undef;
13. $MAX_EXPANSION_QUOTA = undef;
14. $MIN_EXPANSION_FACTOR = 5; # times original mail size
15. $MAX_EXPANSION_FACTOR = 500; # times original mail size


## ANTI-VIRUS AND INVALID/FORBIDDEN CONTENTS CONTROLS (Disabled)


1. @av_scanners = ();
2. @av_scanners_backup = ();
3. $first_infected_stops_scan = undef;
4. $viruses_that_fake_sender_re = undef;
5. @viruses_that_fake_sender_maps = (\$viruses_that_fake_sender_re, 1);
6. $banned_namepath_re = undef; # new-style
7. $banned_filename_re = undef; # traditional
8. @banned_filename_maps = (\$banned_filename_re); # traditional
9. $virus_check_negative_ttl= 3*60; # time to cache contents as not infected
10. $virus_check_positive_ttl= 30*60; # time to cache contents as infected
11. @bypass_virus_checks_maps = (\%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
@bypass_virus_checks_maps = (1); # * uncomment to DISABLE anti-virus code **

1. @bypass_banned_checks_maps = (\%bypass_banned_checks, \@bypass_banned_checks_acl, \$bypass_banned_checks_re);
2. @bypass_header_checks_maps = (\%bypass_header_checks, \@bypass_header_checks_acl, \$bypass_header_checks_re);
3. @virus_lovers_maps = (\%virus_lovers, \@virus_lovers_acl, \$virus_lovers_re);
4. @banned_files_lovers_maps = (\%banned_files_lovers, \@banned_files_lovers_acl, \$banned_files_lovers_re);
5. @bad_header_lovers_maps = (\%bad_header_lovers, \@bad_header_lovers_acl, \$bad_header_lovers_re);


## ANTI-SPAM CONTROLS (SpamAssassin)

$sa_mail_body_size_limit = 200*1024;
$sa_local_tests_only = 0;

1. $sa_auto_whitelist = 0; # (not used any longer since SA 3.0.0)
2. $dspam = undef;
$sa_timeout = 30;
$spam_check_negative_ttl = 30*60; # time to cache contents as not spam
$spam_check_positive_ttl = 30*60; # time to cache contents as spam

1. @bypass_spam_checks_maps = (\%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
2. @spam_lovers_maps = (\%spam_lovers, \@spam_lovers_acl, \$spam_lovers_re);
$sa_tag_level_deflt = 2.0;
$sa_tag2_level_deflt = 3.0;
$sa_kill_level_deflt = $sa_tag2_level_deflt;
$sa_dsn_cutoff_level = undef;

1. @spam_tag_level_maps = (\$sa_tag_level_deflt);
2. @spam_tag2_level_maps = (\$sa_tag2_level_deflt);
3. @spam_kill_level_maps = (\$sa_kill_level_deflt);
4. @spam_dsn_cutoff_level_maps = (\$sa_dsn_cutoff_level);


1. Block these Senders (Default), per-recipient done with MySql
@score_sender_maps = ({
'.' => [ # the '.' matches any recipient
new_RE (
[qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i => 5.0],
[qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0],
[qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
[qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i => 5.0],
[qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i => 5.0],
[qr'^(your_friend|greatoffers)@'i => 5.0],
[qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i => 5.0]
)
]
});


1. @blacklist_sender_maps = (\%blacklist_sender, \@blacklist_sender_acl, \$blacklist_sender_re);
2. @whitelist_sender_maps = (\%whitelist_sender, \@whitelist_sender_acl, \$whitelist_sender_re);
3. $per_recip_blacklist_sender_lookup_tables = undef;
4. $per_recip_whitelist_sender_lookup_tables = undef; # deprecated



## SQL & LDAP


1. @lookup_sql_dsn = (
2. ['DBI:mysql:database=maia;host=opal.akadia.com;port=3306','amavis','some_pass']
3. );

#@lookup_sql_dsn = (

1. ['DBI:mysql:database=maia;host=opal.akadia.com;port=3306','amavis','some_pass'],
2. ['DBI:mysql:database=maia;host=rabbit.akadia.com;port=3306','amavis','some_pass']
#);


## External programs

$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
$file = 'file';


1. optional:
$gzip = 'gzip';
$bzip2 = 'bzip2';
$lzop = 'lzop';
$rpm2cpio = ['rpm2cpio.pl','rpm2cpio'];
$cabextract = 'cabextract';
$uncompress = ['uncompress', 'gzip -d', 'zcat'];
$unfreeze = ['unfreeze', 'freeze -d', 'melt', 'fcat'];
$arc = ['nomarch', 'arc'];
$unarj = ['arj', 'unarj']; # both can extract, arj is recommended
$unrar = ['rar', 'unrar']; # both can extract, same options
$zoo = 'zoo';
$lha = 'lha';
$cpio = ['gcpio','cpio'];
$ar = 'ar';
$dspam = 'dspam';


## Banned and Allowd Filename Extensions

$banned_filename_re = new_RE(
qr'.\.()$'ix
);


#------------- Domain: mydomain.local ---------------------------------------------------

$interface_policy{'20000'} = 'mydomain.local';
$policy_bank{'mydomain.local'} = {

1. Loglevel für Statistiken >=2
log_level => 2,


1. Bypass Checks
bypass_spam_checks_maps => [1], # don't spam-check this mail
bypass_banned_checks_maps => [1], # don't banned-check this mail
bypass_header_checks_maps => [1], # don't header-check this mail
bypass_virus_checks_maps => [1], # don't check email against viruses


mailfrom_notify_sender => undef,
mailfrom_notify_recip => undef,
mailfrom_notify_admin => undef,
mailfrom_notify_spamadmin => undef,
spam_tag_level_maps => [2.0],
spam_tag2_level_maps => [5.0],
spam_subject_tag_maps => ['### possible spam ###'],
spam_subject_tag2_maps => ['### spam ###'],


1. Wegschmeissen oder durchlassen?
final_bad_header_destiny => D_PASS,
final_banned_destiny => D_PASS,
final_virus_destiny => D_PASS,
final_spam_destiny => D_PASS,


1. Warn
warnvirussender => 0,
warnspamsender => 0,
warnbannedsender => 0,
warnbadhsender => 0,
warnoffsite => 0,


1. AV Scanner
first_infected_stops_scan => 1,
av_scanners => [

### http://www.clamav.net/ - backs up clamd or Mail::ClamAV
['ClamAV-clamscan', 'clamscan',
"--stdout --no-summary -r --tempdir= {}",
[0], qr/:.*\sFOUND$/, qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
],

av_scanners_backup => ,
};


#------------- Domain: necos.at ---------------------------------------------------

$interface_policy{'20001'} = 'domain1.at';
$policy_bank{'domain1.at'} = {

1. Loglevel für Statistiken >=2
log_level => 3,


1. Bypass Checks
bypass_spam_checks_maps => , # don't spam-check this mail
bypass_banned_checks_maps => , # don't banned-check this mail
bypass_header_checks_maps => , # don't header-check this mail
bypass_virus_checks_maps => , # don't check email against viruses


mailfrom_notify_sender => undef,
mailfrom_notify_recip => undef,
mailfrom_notify_admin => undef,
mailfrom_notify_spamadmin => undef,

spam_tag_level_maps => [2.0],
spam_tag2_level_maps => [5.0],
spam_subject_tag_maps => ['### possible spam ### '],
spam_subject_tag2_maps => ['### spam ### '],


1. Wegschmeissen oder durchlassen?
final_bad_header_destiny => D_PASS,
final_banned_destiny => D_PASS,
final_virus_destiny => D_PASS,
final_spam_destiny => D_PASS,


1. Warn
warnvirussender => 0,
warnspamsender => 0,
warnbannedsender => 0,
warnbadhsender => 0,

1. warnoffsite => 0,


1. AV Scanner
first_infected_stops_scan => 1,
av_scanners => ,
av_scanners_backup => ,
};


#------------- Domain: gbl.dyndns.org ---------------------------------------------------

$interface_policy{'20002'} = 'domain2.at';
$policy_bank{'domain2.at'} = {

1. Loglevel für Statistiken >=2
log_level => 9,


1. Bypass Checks
bypass_spam_checks_maps => , # don't spam-check this mail
bypass_banned_checks_maps => , # don't banned-check this mail
bypass_header_checks_maps => , # don't header-check this mail
bypass_virus_checks_maps => , # don't check email against viruses


mailfrom_notify_sender => undef,
mailfrom_notify_recip => undef,
mailfrom_notify_admin => undef,
mailfrom_notify_spamadmin => undef,

spam_tag_level_maps => [-999],
spam_tag2_level_maps => [2.0],
spam_tag3_level_maps => [5.0],
spam_subject_tag_maps => [''],
spam_subject_tag2_maps => ['### possible spam ###' ],
spam_subject_tag3_maps => ['### spam ### '],


1. Wegschmeissen oder durchlassen?
final_bad_header_destiny => D_PASS,
final_banned_destiny => D_PASS,
final_virus_destiny => D_PASS,
final_spam_destiny => D_PASS,


1. Warn
warnvirussender => 0,
warnspamsender => 0,
warnbannedsender => 0,
warnbadhsender => 0,

1. warnoffsite => 0,


1. AV Scanner
first_infected_stops_scan => 1,
av_scanners => [

['Clam Antivirus-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "127.0.0.1:3310"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/
],
],

av_scanners_backup => [
['ClamAV-clamscan', 'clamscan',
"--stdout --no-summary -r --tempdir= {}",[0], qr/:.*\sFOUND$/, qr/^.*?: (?!Infected Archive)(.*) FOUND$/
],
],
};


#------------- Domain: 0 ---------------------------------------------------

$interface_policy{'20003'} = '0';
$policy_bank{'0'} = {

1. Loglevel für Statistiken >=2
log_level => 2,


1. Bypass Checks
bypass_spam_checks_maps => [1], # don't spam-check this mail
bypass_banned_checks_maps => [1], # don't banned-check this mail
bypass_header_checks_maps => [1], # don't header-check this mail
bypass_virus_checks_maps => [1], # don't check email against viruses


mailfrom_notify_sender => undef,
mailfrom_notify_recip => undef,
mailfrom_notify_admin => undef,
mailfrom_notify_spamadmin => undef,

spam_tag_level_maps => [2.0],
spam_tag2_level_maps => [5.0],
spam_subject_tag_maps => ['### possible spam ###'],
spam_subject_tag2_maps => ['### spam ###'],


1. Wegschmeissen oder durchlassen?
final_bad_header_destiny => D_PASS,
final_banned_destiny => D_PASS,
final_virus_destiny => D_PASS,
final_spam_destiny => D_PASS,


1. Warn
warnvirussender => 0,
warnspamsender => 0,
warnbannedsender => 0,
warnbadhsender => 0,
warnoffsite => 0,


1. AV Scanner
first_infected_stops_scan => 1,
av_scanners => ,
av_scanners_backup => ,
};
``


mersi vielmals

Günter