Hello
after being a litte overcautious for installing clamav and spamassassin and
pushing every mail through this systems, I finally did it and it worked
rather good. At least configuration was very easy [using mostly default
configurations]. What I have that far is:
av_scanner = clamd:/var/run/clamd.ctl
spamd_address = 127.0.0.1 783
warn message = X-Scan-Mime-Error: $demime_reason
demime = *
condition = ${if >{$demime_errorlevel}{0}{1}{0}}
warn message = X-Scan-Virus-Found: $malware_name
malware = *
warn message = X-Spam-Score: $spam_score ($spam_bar)
spam = nobody:true
warn message = X-Spam-Report: $spam_report
spam = nobody:true
[Current configuraiton is for scanning and tagging only. Dropping of mail
will be part of the second test phase.]
Now, at first there are two problem:
1. The Spam-Report looks quite large:
X-Spam-Score: 0.0 (/)
X-Spam-Report: Spam detection software, running on the system
"server01.sh-solutions.de", has
identified this incoming email as possible spam. The original
message
has been attached to this so you can view it (if it isn't spam) or
block
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: On Tue, 2004-02-24 at 12:14 +0000, Philip Hazel
wrote:
> On Tue, 24 Feb 2004, David Woodhouse wrote: > > > Out of interest,
do
you happen to recall if did they explicitly _want_ > > the old data
repeated, or would 'return_path_on_delivery' have sufficed > > to
satisfy them too? > > Can't remember. [...]
Content analysis details: (0.0 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
I would prefer something a litte shorter, i.e. only the points-table from
the end. everything above that pts... line is not required.
How can I change this?
2. X-Scan-Virus-Found-Headers are omitted if no virus is found. I would like
to add them with values "No virus found" or "Virus Scanner offline".
Can this even be archieved? [Same for Mime-Error-Headers]
Secondly, there are two things I'd like to change:
1. spamd is accessed through TCP/IP. I would like to change this to unix
sockets as with clamd. Is this possible?
2. I would like to do those scanning processes as part of the delivery
process, since i anyway will NOT reject mail, but drop them. For me it would
be easier to do this afterwards because I could do that depending on the
receipient [let users have filter/not filter settings] and it would not
delay message reception.
Thanks,
Steffen
