anomy-list

how many ways to integrate Postfix+spamassassin+sanitizer+Clamav?

From: Lonely Wolf (143531@xyz.molar.is)
Date: Mon 12 Dec 2005 - 08:47:58 GMT


    Hi,

    I had a look in the ML about integration with clamav but I'm still a bit
    confused.
    Till now, my "architecture" is the following:

    Postfix -> master.cf -> filter unix - n n - 10 pipe
        flags=Rq user=filth argv=/usr/local/anomy/filter.sh -f ${sender} -- ${recipient}

    We added a postfix transport (this should be the right word to describe
    it) which calls
    anomy's filter.sh, which runs anomy and spamassassin:

    filter.sh -> spamassassin + sanitizer.

    I am reading clamdoc.pdf and some documentation around the web about
    these interactions;
    many friends of mine, for example, use amavis instead to link AV or
    spamassassin.
    But in our configuration, I suppose we don't need to add another
    transport in master.cf, do we?
    Should I configure clamav with --enable-milter?
    Clamav should be first in our filtering/scanning "chain", shouldn't it?
    Well, I should use clamd by configuring clamd.conf, but I can't "see" how to
    tell my filter.sh
    to scan every email/attachment with clamav; something (and only) like this?

    file_list_1_scanner = 0:0:1:/usr/bin/clamdscan %FILENAME
    file_list_1_policy = unknown:mangle:drop:save
    file_list_1 = (?i)\.*

    (excuse me, 0:0:1 refers to policy, ok, but accept = 0, mangle =
    1... could you give me or point me to the right number-policy
    correlation? Thanks)

    In this example (taken from the anomy ML) the authors use file_list_ONE_;
    is that because it should be the first one in our "chain"?
    At the moment my file_list_ONE is a list of known extensions to be
    blocked; does this mean that I have to entirely replace that list with the
    one above with clamdscan?

    I want to understand this better and then, when everything works fine (I hope
    :P), I'll write an Italian How-To about all this (searching around the
    web with Google, it seems that only "standard" configurations exist..).
    Speaking with my friends and other system engineers, it seems that they use
    only premanufactured configurations and solutions and almost ignore the
    rest.. and IMHO this is not always a good idea.

    Greetings

    -- 
    Lonely Wolf
    

    Key Fingerprint 1317 C2F4 2B93 FA8E DB91 C1CB 89A7 AFF0 EAB1 B4A3

    "Nullum Magnum Ingenium Sine Mixtura Dementiae Fuit" - Seneca
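
Added example, not part of the original message or of Anomy's own code: a small Python model of how the quoted `file_list_1_scanner` and `file_list_1_policy` lines pair scanner exit codes with policies. It assumes the first three scanner fields are comma-separated exit-code lists matched in order against the first three policies, with the fourth policy as the catch-all; the function names are hypothetical.

```python
# Added example: resolves which policy a scanner exit code selects.
# Assumption: fields 1-3 of the scanner line are comma-separated exit-code
# lists paired in order with policies 1-3; policy 4 covers any other code.

# The two lines quoted in the message above.
SCANNER = "0:0:1:/usr/bin/clamdscan %FILENAME"
POLICY = "unknown:mangle:drop:save"

# clamdscan exit codes per its man page: 0 clean, 1 virus found, 2 error.
CLAMDSCAN_CODES = {0: "clean", 1: "virus found", 2: "error"}


def parse_scanner(line):
    """Split 'codes:codes:codes:command' into three code sets and the command."""
    parts = line.split(":", 3)
    if len(parts) != 4:
        raise ValueError("need three exit-code fields and a command")
    code_sets = [{int(c) for c in f.split(",") if c.strip()} for f in parts[:3]]
    return code_sets, parts[3].strip()


def resolve_policy(scanner_line, policy_line, exit_code):
    """Return the policy for exit_code (assumed: first matching field wins)."""
    code_sets, _command = parse_scanner(scanner_line)
    policies = [p.strip() for p in policy_line.split(":")]
    if len(policies) != 4:
        raise ValueError("need exactly four policies")
    for codes, policy in zip(code_sets, policies):
        if exit_code in codes:
            return policy
    return policies[3]  # catch-all for unlisted codes, e.g. scanner errors


def unreachable_policies(scanner_line, policy_line):
    """Policies among the first three that no exit code can ever select."""
    code_sets, _ = parse_scanner(scanner_line)
    policies = [p.strip() for p in policy_line.split(":")]
    seen, dead = set(), []
    for codes, policy in zip(code_sets, policies):
        if not (codes - seen):  # empty, or every code claimed by an earlier field
            dead.append(policy)
        seen |= codes
    return dead


if __name__ == "__main__":
    for code, meaning in CLAMDSCAN_CODES.items():
        print(code, meaning, "->", resolve_policy(SCANNER, POLICY, code))
    print("never selected:", unreachable_policies(SCANNER, POLICY))
```

Under these assumptions the quoted lines send a clean result (exit 0) to `unknown`, a detection (exit 1) to `drop`, and a clamdscan error (exit 2) to the catch-all `save`, while `mangle` is never selected because exit code 0 is already claimed by the first field.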



