--- amavisd-new-2.1.2/amavisd.conf	2004-09-06 22:30:50 +0400

+++ amavisd-new-2.1.2-my/amavisd.conf	2004-09-07 17:07:22 +0400

@@ -12,21 +12,21 @@

 # @bypass_spam_checks_maps  = (1);  # uncomment to DISABLE anti-spam code

 $max_servers = 2;            # number of pre-forked children (2..15 is common)

-$daemon_user  = 'vscan';     # (no default;  customary: vscan or amavis)

-$daemon_group = 'vscan';     # (no default;  customary: vscan or amavis)

+$daemon_user  = 'mail';     # (no default;  customary: vscan or amavis)

+$daemon_group = 'mail';     # (no default;  customary: vscan or amavis)

-$mydomain = 'example.com';   # a convenient default for other settings

+$mydomain = 'localhost';   # a convenient default for other settings

-$MYHOME   = '/var/amavis';   # a convenient default for other settings

+$MYHOME   = '/var/spool/amavis';   # a convenient default for other settings

 $TEMPBASE = "$MYHOME/tmp";   # working directory, needs to be created manually

 $ENV{TMPDIR} = $TEMPBASE;    # environment variable TMPDIR

-$QUARANTINEDIR = '/var/virusmails';

+$QUARANTINEDIR = '$MYHOME/quarantine';

 # $daemon_chroot_dir = $MYHOME;   # chroot directory or undef

-# $db_home   = "$MYHOME/db";

+$db_home   = "$MYHOME/db";

 # $helpers_home = "$MYHOME/var";  # prefer $MYHOME clean and owned by root?

-# $pid_file  = "$MYHOME/var/amavisd.pid";

+$pid_file  = "/var/run/amavis/amavisd.pid";

 # $lock_file = "$MYHOME/var/amavisd.lock";

 #NOTE: create directories $MYHOME/tmp, $MYHOME/var, $MYHOME/db manually

@@ -58,10 +58,10 @@

 #   ( ['DBI:mysql:database=mail;host=127.0.0.1;port=3306', 'user1', 'passwd1'],

 #     ['DBI:mysql:database=mail;host=host2', 'username2', 'password2'] );

-$virus_admin               = "virusalert\@$mydomain";  # notifications recip.

+$virus_admin               = "postmaster\@$mydomain";  # notifications recip.

-$mailfrom_notify_admin     = "virusalert\@$mydomain";  # notifications sender

-$mailfrom_notify_recip     = "virusalert\@$mydomain";  # notifications sender

+$mailfrom_notify_admin     = "postmaster\@$mydomain";  # notifications sender

+$mailfrom_notify_recip     = "postmaster\@$mydomain";  # notifications sender

 $mailfrom_notify_spamadmin = "spam.police\@$mydomain"; # notifications sender

 $mailfrom_to_quarantine = ''; # null return path; uses original sender if undef

@@ -93,6 +93,7 @@

 $MAX_EXPANSION_QUOTA = 300*1024*1024;  # bytes  (default undef, not enforced)

 $sa_spam_subject_tag = '***SPAM*** ';

+$sa_spam_modifies_subj = 0; # in @sa_spam_modifies_subj_maps, default is true

 $defang_virus  = 1;  # MIME-wrap passed infected mail

 $defang_banned = 1;  # MIME-wrap passed mail containing banned name

@@ -101,13 +102,13 @@

 # $myhostname = 'host.example.com';  # must be a fully-qualified domain name!

-# $notify_method  = 'smtp:[127.0.0.1]:10025';

-# $forward_method = 'smtp:[127.0.0.1]:10025';  # set to undef with milter!

+$notify_method  = 'smtp:[127.0.0.1]:10025';

+$forward_method = 'smtp:[127.0.0.1]:10025';  # set to undef with milter!

-# $final_virus_destiny      = D_DISCARD;

-# $final_banned_destiny     = D_BOUNCE;

-# $final_spam_destiny       = D_BOUNCE;

-# $final_bad_header_destiny = D_PASS;

+$final_virus_destiny      = D_DISCARD;

+$final_banned_destiny     = D_BOUNCE;

+$final_spam_destiny       = D_BOUNCE;

+$final_bad_header_destiny = D_PASS;

 # SOME OTHER VARIABLES WORTH CONSIDERING (see amavisd.conf-default for all)

@@ -129,12 +130,31 @@

 # $defang_bad_header, $defang_undecipherable, $defang_spam

+# $hdr_encoding = 'koi8-r';  # header field bodies charset

+# $bdy_encoding = 'koi8-r';  # notification body text charset

+# $hdr_encoding_qb = 'Q';        # quoted-printable (Q or B)

+

+# $notify_sender_templ      = read_text('/etc/amavis/notify_sender.txt');

+# $notify_virus_sender_templ= read_text('/etc/amavis/notify_virus_sender.txt');

+# $notify_virus_admin_templ = read_text('/etc/amavis/notify_virus_admin.txt');

+# $notify_virus_recips_templ= read_text('/etc/amavis/notify_virus_recips.txt');

+# $notify_spam_sender_templ = read_text('/etc/amavis/notify_spam_sender.txt');

+# $notify_spam_admin_templ  = read_text('/etc/amavis/notify_spam_admin.txt');

+# $notify_spam_recips_templ= read_text('/etc/amavis/notify_spam_recips.txt');

+

+

 # REMAINING IMPORTANT VARIABLES ARE LISTED HERE BECAUSE OF LONGER ASSIGNMENTS

 @viruses_that_fake_sender_maps = (new_RE(

-  [qr'\bEICAR\b'i => 0],            # av test pattern name

-  [qr'^(WM97|OF97|Joke\.)'i => 0],  # adjust names to match your AV scanner

-  [qr/.*/ => 1],  # true for everything else

+  qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar'i,

+  qr'tanatos|lentin|bridex|mimail|trojan\.dropper|dumaru|parite|spaces'i,

+  qr'dloader|galil|gibe|swen|netwatch|bics|sbrowse|sober|rox|val(hal)?la'i,

+  qr'frethem|sircam|be?agle|tanx|mydoom|novarg|shimg|netsky|somefool|moodown'i,

+  qr'@mm|@MM',    # mass mailing viruses as labeled by f-prot and uvscan

+  qr'Worm'i,      # worms as labeled by ClamAV, Kaspersky, etc

+  [qr'^(EICAR|Joke\.|Junk\.)'i         => 0],

+  [qr'^(WM97|OF97|W95/CIH-|JS/Fort)'i  => 0],

+  [qr/.*/ => 1],  # true by default  (remove or comment-out if undesired)

 ));

 @keep_decoded_original_maps = (new_RE(

@@ -233,6 +253,22 @@

      'clusternews@linuxnetworx.com'           => -3.0,

      lc('lvs-users-admin@LinuxVirtualServer.org')    => -3.0,

      lc('owner-textbreakingnews@CNNIMAIL12.CNN.COM') => -5.0,

+     'community@altlinux.ru'                  => -3.0,

+     'community-en@altlinux.org'              => -3.0,

+     'sisyphus@altlinux.ru'                   => -3.0,

+     'security-announce@altlinux.ru'          => -3.0,

+     'castle@altlinux.ru'                     => -3.0,

+     'talk-room@altlinux.ru'                  => -3.0,

+     'fonts-devel@altlinux.ru'                => -3.0,

+     'freepublish@altlinux.ru'                => -3.0,

+     'freeschool@linux.ru.net'                => -3.0,

+     'legal@altlinux.ru'                      => -3.0,

+     'music@altlinux.ru'                      => -3.0,

+     'samba@altlinux.ru'                      => -3.0,

+     'seminar@altlinux.ru'                    => -3.0,

+     'devel@altlinux.ru'                      => -3.0,

+     'hardware@altlinux.ru'                   => -3.0,

+

      # soft-blacklisting (positive score)

      'sender@example.net'                     =>  3.0,

@@ -255,10 +291,10 @@

 # ['Sophos SAVI', \&sophos_savi ],

 # ### http://www.clamav.net/

-# ['ClamAV-clamd',

-#   \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],

-#   qr/\bOK$/, qr/\bFOUND$/,

-#   qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

+ ['ClamAV-clamd',

+   \&ask_daemon, ["CONTSCAN {}\n", "/var/lib/clamav/clamd.socket"],

+   qr/\bOK$/, qr/\bFOUND$/,

+   qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

 # # NOTE: run clamd under the same user as amavisd;  match the socket

 # # name (LocalSocket) in clamav.conf to the socket name in this entry

 # # When running chrooted one may prefer: ["CONTSCAN {}\n","$MYHOME/clamd"],