Amavis müllt den Speicher zu

use strict;

$MYHOME = '/var/lib/amavis';   
$mydomain = 'meineseite.de';      
$daemon_user  = 'amavis';	
$daemon_group = 'amavis';	
$TEMPBASE = $MYHOME;           
$pid_file  = "/var/run/amavis/amavisd.pid";  
$lock_file = "/var/run/amavis/amavisd.lock"; 
$ENV{TMPDIR} = $TEMPBASE;       
$forward_method = 'smtp:127.0.0.1:10025';  
$notify_method = $forward_method;          
$max_servers  =  2;   
$max_requests = 10;   

$child_timeout=6x30;  
@local_domains_acl = qw(.); 

$relayhost_is_client = 0;         

$insert_received_line = 1;        

$unix_socketname = undef;         
$inet_socket_port = 10024;        
                                  
$inet_socket_bind = '127.0.0.1';  
                                  
@inet_acl = qw( 127.0.0.1 );      
$LOGFILE = "/var/log/amavis/amavis.log";  
$log_level = 2;		
$log_templ = '[? %
[?%o|(?)|<%o>] -> [<%R>|,][? %i ||, quarantine %i], Message-ID: %m, Hits: %c';
read_l10n_templates('en_US', '/etc/amavis');
$final_virus_destiny      = D_DISCARD; 
$final_banned_destiny     = D_BOUNCE;  
$final_spam_destiny       = D_DISCARD;  
$final_bad_header_destiny = D_PASS;  
$viruses_that_fake_sender_re = new_RE(
  qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar'i,
  qr'tanatos|lentin|bridex|mimail|trojan\.dropper|dumaru|parite|spaces'i,
  qr'dloader|galil|gibe|swen|netwatch|bics|sbrowse|sober|rox|val(hal)?la'i,
  qr'frethem|sircam|be?agle|tanx|mydoom|novarg|shimg|netsky|somefool|moodown'i,
  qr'@mm|@MM',    
  qr'Worm'i,      
  [qr'^(EICAR|Joke\.|Junk\.)'i         => 0],
  [qr'^(WM97|OF97|W95/CIH-|JS/Fort)'i  => 0],
  [qr/.*/ => 1],  
);

$virus_admin = undef;   
$spam_admin = undef;    
$mailfrom_to_quarantine = '';   
$QUARANTINEDIR = '/var/lib/amavis/virusmails';
$virus_quarantine_method = "bsmtp:$QUARANTINEDIR/virus-%i-%n.bsmtp";
$spam_quarantine_method  = "bsmtp:$QUARANTINEDIR/spam-%b-%i-%n.bsmtp";

$virus_quarantine_to  = 'virus-quarantine';    
$spam_quarantine_to = 'spam-quarantine';
$X_HEADER_TAG = 'X-Virus-Scanned';	

$X_HEADER_LINE = "by $myversion (Debian) at $mydomain";



$undecipherable_subject_tag = '***UNCHECKED*** ';  

$remove_existing_x_scanned_headers = 0; 

					

$remove_existing_spam_headers  = 1;     
					
$keep_decoded_original_re = new_RE(

  qr'^MAIL-UNDECIPHERABLE$',  
  qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,

);



$banned_filename_re = new_RE(

   qr'\.[^.]*\.(exe|vbs|pif|scr|bat|cmd|com|dll)$'i, 
   qr'[{}]',     

   qr'^message/partial$'i,  

);




@lookup_sql_dsn =
  ( ['DBI:mysql:database=amavis;host=localhost;port=3306', 'amavis-user', 'amavispasswort']);





$sql_select_white_black_list = 'SELECT wb FROM wblist'.
  ' WHERE (rid=?) AND (wblist.email IN (%k))'.
    ' ORDER BY wblist.priority DESC';
    



$recipient_delimiter = '+';		


$replace_existing_extension = 1;	



$localpart_is_case_sensitive = 0;	


$blacklist_sender_re = new_RE(
    qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou|greatcasino)@'i,
    qr'^(investments|lose_weight_today|market\.alert|money2you|MyGreenCard)@'i,
    qr'^(new\.tld\.registry|opt-out|opt-in|optin|saveonl|smoking2002k)@'i,
    qr'^(specialoffer|specialoffers|stockalert|stopsnoring|wantsome)@'i,
    qr'^(workathome|yesitsfree|your_friend|greatoffers)@'i,
    qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i,
);




map { $whitelist_sender{lc($_)}=1 } (qw(
  nobody@cert.org
  owner-alert@iss.net
  slashdot@slashdot.org
  bugtraq@securityfocus.com
  NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
  security-alerts@linuxsecurity.com
  amavis-user-admin@lists.sourceforge.net
  razor-users-admin@lists.sourceforge.net
  notification-return@lists.sophos.com
  mailman-announce-admin@python.org
  zope-announce-admin@zope.org
  owner-postfix-users@postfix.org
  owner-postfix-announce@postfix.org
  owner-sendmail-announce@lists.sendmail.org
  sendmail-announce-request@lists.sendmail.org
  ca+envelope@sendmail.org
  owner-technews@postel.ACM.ORG
  lvs-users-admin@LinuxVirtualServer.org
  ietf-123-owner@loki.ietf.org
  cvs-commits-list-admin@gnome.org
  rt-users-admin@lists.fsck.com
  owner-announce@mnogosearch.org
  owner-hackers@ntp.org
  owner-bugs@ntp.org
  clp-request@comp.nus.edu.sg
  surveys-errors@lists.nua.ie
  emailNews@genomeweb.com
  owner-textbreakingnews@CNNIMAIL12.CNN.COM
  yahoo-dev-null@yahoo-inc.com
));




$MAXLEVELS = 14;		


$MAXFILES = 1500;		


$MIN_EXPANSION_QUOTA =      100*1024;  
$MAX_EXPANSION_QUOTA = 300*1024*1024;  
$MIN_EXPANSION_FACTOR =   5;  
$MAX_EXPANSION_FACTOR = 500;  



$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';


$file   = 'file';   

$gzip   = 'gzip';
$bzip2  = 'bzip2';
$lzop   = 'lzop';
$uncompress = ['uncompress', 'gzip -d', 'zcat'];
$unfreeze   = ['unfreeze', 'freeze -d', 'melt', 'fcat'];
$arc        = ['nomarch', 'arc'];
$unarj      = ['arj', 'unarj'];  
$unrar      = ['rar', 'unrar'];  
$zoo    = 'zoo';
$lha    = 'lha';
$cpio   = 'cpio';   

$sa_local_tests_only = 0;   




$sa_timeout = 30;           

$sa_tag_level_deflt  = -999; 
$sa_tag2_level_deflt = 6; 
$sa_kill_level_deflt = 12; 

                           
                           

$sa_dsn_cutoff_level = 10;  

$sa_spam_subject_tag = '***SPAM*** ';	


$first_infected_stops_scan = 1;  



@av_scanners = (

['Clam Antivirus-clamd',
  \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"],
  qr/\bOK$/, qr/\bFOUND$/,
  qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],



  ['KasperskyLab AVP - aveclient',
    ['/usr/local/kav/bin/aveclient','/usr/local/share/kav/bin/aveclient',
     '/opt/kav/bin/aveclient','aveclient'],
    '-p /var/run/aveserver -s {}/*', [0,3,6,8], qr/\b(INFECTED|SUSPICION)\b/,
    qr/(?:INFECTED|SUSPICION) (.+)/,
  ],

  ['KasperskyLab AntiViral Toolkit Pro (AVP)', ['avp'],
    '-* -P -B -Y -O- {}', [0,8,16,24], [2,3,4,5,6, 18,19,20,21,22],
    qr/infected: (.+)/,
    sub {chdir('/opt/AVP') or die "Can't chdir to AVP: $!"},
    sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"},
  ],

  
  
  ['KasperskyLab AVPDaemonClient',
    [ '/opt/AVP/kavdaemon',       'kavdaemon',
      '/opt/AVP/AvpDaemonClient', 'AvpDaemonClient',
      '/opt/AVP/AvpTeamDream',    'AvpTeamDream',
      '/opt/AVP/avpdc', 'avpdc' ],
    "-f=$TEMPBASE {}", [0,8,16,24], [2,3,4,5,6, 18,19,20,21,22],
    qr/infected: ([^\r\n]+)/ ],
    

  
  ['H+BEDV AntiVir or CentralCommand Vexira Antivirus',
    ['antivir','vexira'],
    '--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/,
    qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) |
         (?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/ ],
  
  ['Command AntiVirus for Linux', 'csav',
    '-all -archive -packed {}', [50], [51,52,53],
    qr/Infection: (.+)/ ],

  
  ['Symantec CarrierScan via Symantec CommandLineScanner',
    'cscmdline', '-a scan -i 1 -v -s 127.0.0.1:7777 {}',
    qr/^Files Infected:\s+0$/, qr/^Infected\b/,
    qr/^(?:Info|Virus Name):\s+(.+)/ ],

  
  ['Symantec AntiVirus Scan Engine',
    'savsecls', '-server 127.0.0.1:7777 -mode scanrepair -details -verbose {}',
    [0], qr/^Infected\b/,
    qr/^(?:Info|Virus Name):\s+(.+)/ ],
  
  ['drweb - DrWeb Antivirus',
    ['/usr/local/drweb/drweb', '/opt/drweb/drweb', 'drweb'],
    '-path={} -al -go -ot -cn -upn -ok-',
    [0,32], [1,33], qr' infected (?:with|by)(?: virus)? (.*)$'],

  ['F-Secure Antivirus', 'fsav',
   '--dumb --mime --archive {}', [0], [3,8],
   qr/(?:infection|Infected|Suspected): (.+)/ ],

  ['CAI InoculateIT', 'inocucmd',
    '-sec -nex {}', [0], [100],
    qr/was infected by virus (.+)/ ],

  ['MkS_Vir for Linux (beta)', ['mks32','mks'],
    '-s {}/*', [0], [1,2],    
    qr/--[ \t]*(.+)/ ], 

  
  ['ESET Software NOD32', 'nod32',
    '-all -subdir+ {}', [0], [1,2],
    qr/^.+? - (.+?)\s*(?:backdoor|joke|trojan|virus|worm)/ ],

  
  ['ESET Software NOD32 - Client/Server Version', 'nod32cli',
    '-a -r -d recurse --heur standard {}', [0], [10,11],
    qr/^\S+\s+infected:\s+(.+)/ ],

  
  ['Norman Virus Control v5 / Linux', 'nvcc',
    '-c -l:0 -s -u {}', [0], [1],
    qr/(?i).* virus in .* -> \'(.+)\'/ ],

  
  ['Panda Antivirus for Linux', ['pavcl'],
    '-aut -aex -heu -cmp -nbr -nor -nso -eng {}',
    qr/Number of files infected[ .]*: 0(?!\d)/,
    qr/Number of files infected[ .]*: 0*[1-9]/,
    qr/Found virus :\s*(\S+)/ ],
  
  ['NAI McAfee AntiVirus (uvscan)', 'uvscan',
    '--secure -rv --mime --summary --noboot - {}', [0], [13],
    qr/(?x) Found (?:
        \ the\ (.+)\ (?:virus|trojan)  |
        \ (?:virus|trojan)\ or\ variant\ ([^ ]+)  |
        :\ (.+)\ NOT\ a\ virus)/,
  
  
  ],
  
  ['VirusBuster', ['vbuster', 'vbengcl'], 
    "{} -ss -i '*' -log=$MYHOME/vbuster.log", [0], [1],
    qr/: '(.*)' - Virus/ ],

  
  ['CyberSoft VFind', 'vfind',
    '--vexit {}/*', [0], [23], qr/
  
  ],

  
  ['Ikarus AntiVirus for Linux', 'ikarus',
    '{}', [0], [40], qr/Signature (.+) found/ ],

  
  ['BitDefender', 'bdc',
    '--all --arc --mail {}', qr/^Infected files *:0(?!\d)/,
    qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/,
    qr/(?:suspected|infected): (.*)(?:\033|$)/ ],
);




@av_scanners_backup = (
 
  ['Clam Antivirus - clamscan', 'clamscan',
    "--stdout --no-summary -r --tempdir=$TEMPBASE {}", [0], [1],
    qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

  
  ['FRISK F-Prot Antivirus', ['f-prot','f-prot.sh'],
    '-dumb -archive -packed {}', [0,8], [3,6],
    qr/Infection: (.+)/ ],

  
  ['Trend Micro FileScanner', ['/etc/iscan/vscan','vscan'],
    '-za -a {}', [0], qr/Found virus/, qr/Found virus (.+) in/ ],

  ['KasperskyLab kavscanner', ['/opt/kav/bin/kavscanner','kavscanner'],
    '-i1 -xp {}', [0,10,15], [5,20,21,25],
    qr/(?:CURED|INFECTED|CUREFAILED|WARNING|SUSPICION) (.*)/ ,
    sub {chdir('/opt/kav/bin') or die "Can't chdir to kav: $!"},
    sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"},
  ],
);

$sa_debug = 1;            


1;

smtpd_banner = $myhostname ESMTP mailserver
myhostname = meineseite.de

mailbox_size_limit = 52428800
message_size_limit = 52428800
alias_maps = hash:/etc/aliases

mydestination = localhost, meineseite.de, mysql:/etc/postfix/mysql-mydestination.cf
mailbox_transport = cyrus

virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf
sender_canonical_maps = mysql:/etc/postfix/mysql-canonical.cf

smtpd_sasl_auth_enable = yes

smtpd_sender_restrictions =
	permit_mynetworks,
	reject_non_fqdn_sender,
	reject_unknown_sender_domain

smtpd_recipient_restrictions = 
	permit_mynetworks, 
	permit_sasl_authenticated, 
	reject_unauth_destination,
	reject_invalid_hostname,
	reject_non_fqdn_sender,
	reject_unknown_sender_domain,
	reject_non_fqdn_recipient,
	reject_unknown_recipient_domain,
	reject_unverified_sender,
	permit

smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = 
broken_sasl_auth_clients = yes




smtpd_use_tls = yes


smtpd_tls_cert_file = /etc/postfix/mailserver.cert
smtpd_tls_key_file = /etc/postfix/mailserver.key
smtpd_tls_CAfile = /etc/postfix/mailserver.cert

content_filter = smtp-amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings


strict_7bit_headers = yes

strict_rfc821_envelopes = yes

smtpd_helo_required = yes

smtp      inet  n       -       -       -       -       smtpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       -       300     1       qmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       -       -       -       smtp
relay     unix  -       -       -       -       -       smtp
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil

smtp-amavis unix  -       -       -       -       2       smtp 
	-o smtp_data_done_timeout=1200 
	-o smtp_send_xforward_command=yes

127.0.0.1:10025 inet n  -       -       -       -       smtpd
	-o content_filter=
	-o local_recipient_maps=
	-o relay_recipient_maps=
	-o smtpd_restriction_classes=
	-o smtpd_client_restrictions=
	-o smtpd_helo_restrictions=
	-o smtpd_sender_restrictions=
	-o smtpd_recipient_restrictions=permit_mynetworks,reject
	-o mynetworks=127.0.0.0/8
	-o strict_rfc821_envelopes=yes
	-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks



maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -d -t$nexthop -f$sender $recipient
scalemail-backend unix	-	n	n	-	2	pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
cyrus     unix  -       n       n       -       -       pipe
  flags=R user=cyrus argv=/usr/sbin/cyrdeliver -r ${sender} -m ${extension} ${user}

content_filter = smtp-amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings

$sa_mail_body_size_limit = 64*1024;