Untitled

use strict;
$MYHOME = '/var/amavis';   # (default is '/var/amavis'), -H
############ change the next two lines to be ones fitting for your environment
$mydomain = 'whitehathouston.com';      # (no useful default)
$myhostname = 'gentoob0x.whitehathouston.com';  # fqdn of this host, default by uname(3)
$daemon_user  = 'amavis';   # (no default;  customary: vscan or amavis), -u
$daemon_group = 'amavis';   # (no default;  customary: vscan or amavis), -g
$TEMPBASE = "$MYHOME/tmp";     # prefer to keep home dir /var/amavis clean?
$ENV{TMPDIR} = $TEMPBASE; # used for SA temporary files, by some decoders, etc.
$enable_db = 1;              # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1;    # enable use of libdb-based cache if $enable_db=1
$enable_dkim_verification = 0;  # enable DKIM signatures verification
$enable_dkim_signing = 0;    # load DKIM signing code, needs keys in dkim_key()
$forward_method = 'smtp:[127.0.0.1]:10025';  # where to forward checked mail
$notify_method = $forward_method;            # where to submit notifications
$max_servers = 15;     # num of pre-forked children (2..30 is common), -m
$max_requests = 20;   # retire a child after that many accepts (default 20)
$child_timeout=5*60;  # abort child if it does not complete its processing in
                      # approximately n seconds (default: 8*60 seconds)
$smtpd_timeout = 120; # disconnect session if client is idle for too long
                      # (default: 8*60 seconds); should be higher than a
                      # Postfix setting max_idle (default 100s)
@local_domains_maps = ( [".$mydomain"] );  # $mydomain and its subdomains
$insert_received_line = 0;        # behave like MTA: insert 'Received:' header
                                  # (does not apply to sendmail/milter)
                                  # (default is true)
$unix_socketname = "$MYHOME/amavisd.sock"; # amavis helper protocol socket
$inet_socket_port = 10024;        # accept SMTP on this local TCP port
                                  # (default is undef, i.e. disabled)
$inet_socket_bind = '127.0.0.1'; # limit socket bind to loopback interface
                                  # (default is '127.0.0.1')
@inet_acl = qw(127.0.0.1 [::1]);  # allow SMTP access only from localhost IP
                                  # (default is qw(127.0.0.1 [::1]) )
@mynetworks = qw( 127.0.0.0/8 192.168.0.0/16 );  # default
$DO_SYSLOG = 1;                   # (defaults to 0)
$syslog_ident = 'amavis';     # Syslog ident string (defaults to 'amavis')
$syslog_facility = 'mail';    # Syslog facility as a string
$syslog_priority = 'debug';   # Syslog base (minimal) priority as a string,
$LOGFILE = "$MYHOME/amavis.log";  # (defaults to empty, no log)
$log_level = 2;            # (defaults to 0), -d
$log_recip_templ = undef;  # undef disables by-recipient level-0 log entries
$hdr_encoding = 'iso-8859-1';  # MIME charset (default: 'iso-8859-1')
$hdr_encoding_qb = 'Q';        # MIME encoding: quoted-printable (default)
$hdr_encoding_qb = 'B';        # MIME encoding: base64
$bdy_encoding = 'iso-8859-1';  # (default: 'iso-8859-1')
%final_destiny_by_ccat = (
  CC_VIRUS,      D_DISCARD,
  CC_BANNED,     D_DISCARD,
  CC_UNCHECKED,  D_PASS,
  CC_SPAM,       D_DISCARD,
  CC_BADH,       D_PASS,
  CC_OVERSIZED,  D_PASS,
  CC_CLEAN,      D_PASS,
  CC_CATCHALL,   D_PASS,
);
@viruses_that_fake_sender_maps = (new_RE(
  qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar'i,
  qr'tanatos|lentin|bridex|mimail|trojan\.dropper|dumaru|parite|spaces'i,
  qr'dloader|galil|gibe|swen|netwatch|bics|sbrowse|sober|rox|val(hal)?la'i,
  qr'frethem|sircam|be?agle|tanx|mydoom|novarg|shimg|netsky|somefool|moodown'i,
  qr'@mm|@MM',    # mass mailing viruses as labeled by f-prot and uvscan
  qr'Worm'i,      # worms as labeled by ClamAV, Kaspersky, etc
  [qr/^/ => 1],   # true by default  (remove or comment-out if undesired)
));
###### change $virus_admin to whateverusershouldreceivevirusnotifications\@$mydomain
$virus_admin = "meat\@$mydomain";
$spam_admin = undef;    # do not send spam admin notifications (default)
$mailfrom_notify_admin     = "amavis\@$mydomain";
$mailfrom_notify_recip     = "amavis\@$mydomain";
$mailfrom_notify_spamadmin = "spam\@$mydomain";
$mailfrom_to_quarantine = ' ';   # override sender address with null return path
$QUARANTINEDIR = "$MYHOME/quarantine";
$quarantine_subdir_levels = 1;  # add level of subdirs to disperse quarantine
$sa_quarantine_cutoff_level = 50;  # dflt: undef, which disables this feature
$X_HEADER_TAG = 'X-ClamAV-Scanned';     # (default: 'X-Virus-Scanned')
$undecipherable_subject_tag = '***ENCRYPTED*** ';  # undef disables it
$defang_virus  = 1;  # default is false: don't modify mail body
$defang_banned = 1;  # default is false: don't modify mail body
$remove_existing_x_scanned_headers= 1; # remove existing X-Virus-Scanned
$remove_existing_spam_headers  = 1;     # remove existing spam headers if
$allow_fixing_improper_header_folding = 1;  # (default is true)
@keep_decoded_original_maps = (new_RE(
  qr'^MAIL-UNDECIPHERABLE$',  # retain full mail if it contains undecipherables
  qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
));
$banned_filename_re = new_RE(
qr'^\.(exe|lha|cab|dll)$',         # banned file(1) types
[ qr'^\.(gz|bz2)$'             => 0 ],  # allow any in gzip or bzip2
  qr'.\.(pif|scr)$'i,                     # banned extensions - rudimentary
[ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ],  # allow any within these archives
  qr'^application/x-msdownload$'i,        # block these MIME types
  qr'^application/x-msdos-program$'i,
  qr'^application/hta$'i,
  qr'\.[^./]*[A-Za-z][^./]*\.\s*(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)[.\s]*$'i,
  qr'\{[0-9a-z]{4,}(-[0-9a-z]{4,}){0,7}\}?'i, # Class ID extension CLSID, loose
  qr'.\.(exe|vbs|pif|scr|cpl|bat|cmd|com)$'i, # banned extension - basic+cmd
  qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf|exe|fxp|grp|hlp|hta|
        inf|ins|isp|js|jse|lnk|mda|mdb|mde|mdw|mdt|mdz|msc|msi|msp|mst|
        ops|pcd|pif|prg|reg|scr|sct|shb|shs|vb|vbe|vbs|
        wmf|wsc|wsf|wsh)$'ix,  # banned ext - long
);
  $banned_namepath_re = undef;  # to disable new-style
%banned_rules = (
  'MYNETS-DEFAULT' => new_RE(   # permissive set of rules for internal hosts
    [ qr'^\.(rpm|cpio|tar)$' => 0 ],  # allow any name/type in Unix archives
    qr'.\.(vbs|pif|scr)$'i,     # banned extension - rudimentary
  ),
  'DEFAULT' => $banned_filename_re,
);
$localpart_is_case_sensitive = 0;       # (default is false)
$MAXLEVELS = 20;                # (default is undef, no limit)
$MAXFILES = 1500;               # (default is undef, no limit)
$MIN_EXPANSION_QUOTA =      100*1024;  # bytes  (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024;  # bytes  (default undef, not enforced)
$MIN_EXPANSION_FACTOR =   5;  # times original mail size  (default is 5)
$MAX_EXPANSION_FACTOR = 500;  # times original mail size  (default is 500)
$virus_check_negative_ttl=  3*60; # time to remember that mail was not infected
$virus_check_positive_ttl= 30*60; # time to remember that mail was infected
$spam_check_negative_ttl = 10*60; # time to remember that mail was not spam
$spam_check_positive_ttl = 30*60; # time to remember that mail was spam
$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin:/opt/bin';
$file   = 'file';   # file(1) utility; use 3.41 or later to avoid vulnerability

######## to get amavisd-new "unpacking" archives for analysis, you may have to emerge
######## one or more packages in order to get all of these present on your system. Whenever you
######## start up amavisd, it should tell you in the logs which of these are missing. Emerge accordingly

@decoders = (
  ['mail', \&do_mime_decode],
  ['asc',  \&do_ascii],
  ['uue',  \&do_ascii],
  ['hqx',  \&do_ascii],
  ['ync',  \&do_ascii],
  ['F',    \&do_uncompress, ['unfreeze','freeze -d','melt','fcat'] ],
  ['Z',    \&do_uncompress, ['uncompress','gzip -d','zcat'] ],
  ['gz',   \&do_uncompress,  'gzip -d'],
  ['gz',   \&do_gunzip],
  ['bz2',  \&do_uncompress,  'bzip2 -d'],
  ['lzo',  \&do_uncompress,  'lzop -d'],
  ['rpm',  \&do_uncompress, ['rpm2cpio.pl','rpm2cpio'] ],
  ['cpio', \&do_pax_cpio,   ['pax','gcpio','cpio'] ],
  ['tar',  \&do_pax_cpio,   ['pax','gcpio','cpio'] ],
  ['deb',  \&do_ar,          'ar'],
  ['zip',  \&do_unzip],
  ['7z',   \&do_7zip,       ['7zr','7za','7z'] ],
  ['rar',  \&do_unrar,      ['rar','unrar'] ],
  ['arj',  \&do_unarj,      ['arj','unarj'] ],
  ['arc',  \&do_arc,        ['nomarch','arc'] ],
  ['zoo',  \&do_zoo,        ['zoo','unzoo'] ],
  ['lha',  \&do_lha,         'lha'],
  ['cab',  \&do_cabextract,  'cabextract'],
  ['tnef', \&do_tnef_ext,    'tnef'],
  ['tnef', \&do_tnef],
  ['exe',  \&do_executable, ['rar','unrar'], 'lha', ['arj','unarj'] ],
);
$sa_local_tests_only = 0;   # only tests which do not require internet access?
$sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail is larger
                            # (less than 1% of spam is > 64k)
                            # default: undef, no limitations
$sa_tag_level_deflt  = 1.0; # add spam info headers if at, or above that level;
                            # undef is interpreted as lower than any spam level

########change this as needed
########since I simply let users handle their own spam, instead of quarantining the message, I can
########afford to do an aggressively low score here. Normal should be 5.0 - 6.0
$sa_tag2_level_deflt = 4.0 ;# add 'spam detected' headers at that level to
                            # passed mail, adding address extensions;
                            # at or above that level: bounce/reject/drop,
                            # quarantine

#############change this next line as needed. This is the score above which the message is quarantined in the DB, rather than
#############tagged as [SPAM] and put into the user's inbox
$sa_kill_level_deflt = 8.0;
$sa_dsn_cutoff_level = 9;   # spam level beyond which a DSN is not sent,
                            # effectively turning D_BOUNCE into D_DISCARD;
                            # undef disables this feature and is a default;
$penpals_bonus_score = 5;
 $penpals_halflife = 10*24*60*60;
 $penpals_threshold_low = 1.0; # no need for pen pals lookup on low spam score
 $penpals_threshold_high = $sa_kill_level_deflt; # don't waste time on hi spam
$sa_spam_subject_tag = '[SPAM] ';       # (defaults to undef, disabled)
@spam_subject_tag_maps  = ('[SUSPECT SPAM] _SCORE_ ');
@spam_subject_tag2_maps = ('[SPAM] _SCORE_ (_REQD_) ');
@spam_subject_tag3_maps = ('[EXPLICIT SPAM] _SCORE_ (_REQD_) ');
$sa_spam_modifies_subj = 1; # in @spam_modifies_subj_maps, default is true
$first_infected_stops_scan = 1;  # default is false, all scanners in a section
@av_scanners = (
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/amavis/clamd.sock"],
  qr/\bOK$/, qr/\bFOUND$/,
  qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
);
############ change @storage_sql_dsn next line as needed
############ you will need to create the 'amavis' database first, and create its tables, using mysqladmin and mysql (respectively)
############ the code/syntax for this database is on the 'gentoo mailfilter' page, under "Code Listing 9.2: MySQL table layout"
############ once it's made, you should fire up 'mysql', login, then
############ "grant all privileges on amavis.* to 'amavis'@'localhost' identified by 'somepassword'"
############ and then do a "flush privileges"
@storage_sql_dsn = ( ['DBI:mysql:amavis:localhost', 'amavis', 'somepassword']  );
$quarantine_subdir_levels = 1;  # add level of subdirs to disperse quarantine

############## change the next 4 lines as needed. As set now, only viruses, banned files, malformed emails,
############## and spam scoring higher than 9.0, gets sent to the database. Otherwise, I just tag it and send it to the user
$virus_quarantine_method          = 'sql:';
$spam_quarantine_method           = 'sql:';
$banned_files_quarantine_method   = 'sql:';
$bad_header_quarantine_method     = 'sql:';
1;  # insure a defined return