Untitled

use strict;

#
# Place your configuration directives here.  They will override those in
# earlier files.
#
# See /usr/share/doc/amavisd-new/ for documentation and examples of
# the directives you can use in this file
#

$notify_method      = 'smtp:[127.0.0.1]:10025';
$forward_method     = 'smtp:[127.0.0.1]:10025';

$max_servers        = 10;
@local_domains_maps = ( [".$mydomain"] );

$QUARANTINEDIR = undef;

$final_virus_destiny            = D_DISCARD;  # (data not lost, see virus quarantine)
$final_banned_destiny           = D_DISCARD;  # D_REJECT when front-end MTA
$final_spam_destiny             = D_DISCARD;
$final_bad_header_destiny       = D_PASS;     # False-positive prone (for spam)

# $virus_quarantine_method = "smtp:10.9.8.19:25";
# $bad_header_quarantine_method = "smtp:10.9.8.19:25";
$banned_files_quarantine_method = "smtp:10.9.8.19:25";
$spam_quarantine_method = "smtp:10.9.8.19:25";

# $virus_quarantine_to = "spam\@a1.ind.br";
# $bad_header_quarantine_to = "spam\@a1.ind.br";
$banned_files_quarantine_to = "spam\@a1.ind.br";
$spam_quarantine_to = "spam\@a1.ind.br";

$defang_spam = 0;

$enable_dkim_verification = 1; #disabled to prevent warning

$sa_spam_subject_tag            = '';
$sa_tag_level_deflt             = -999; # add spam info headers if at, or above that level
$sa_tag2_level_deflt            = 5; # add 'spam detected' headers at that level
$sa_kill_level_deflt            = 5; # triggers spam evasive actions
$sa_dsn_cutoff_level            = 7.50; # spam level beyond which a DSN is not sent

# @bypass_virus_checks_maps => ();
@bypass_virus_checks_maps = (
   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);

# @bypass_spam_checks_maps = ();
@bypass_spam_checks_maps = (
   \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);


@av_scanners = (

### http://www.clamav.net/
 ['ClamAV-clamd',
   \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"],
   qr/\bOK$/m, qr/\bFOUND$/m,
   qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
# NOTE: run clamd under the same user as amavisd, or run it under its own
#   uid such as clamav, add user clamav to the amavis group, and then add
#   AllowSupplementaryGroups to clamd.conf;
# NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in
#   this entry; when running chrooted one may prefer socket "$MYHOME/clamd".

);

$banned_filename_re = new_RE(

  # block certain double extensions anywhere in the base name
  qr'\.[^./]*\.(exe|vbs|vbe|pif|scr|bat|cmd|com|cpl|dll|jar)\.?$'i,
  qr'\{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\}?$'i, # Windows Class ID CLSID, strict
  # qr'^application/x-msdownload$'i,                  # block these MIME types
  qr'^application/x-msdos-program$'i,
  qr'^application/hta$'i,
  qr'.\.(exe|vbs|vbe|vb|pif|scr|msi|bat|cmd|com|cpl|hta|z|jar|wsf|js|mp4|img)$'i, # banned extension - basic
#  qr'.\.(exe|vbs|vbe|vb|pif|scr|bat|cmd|com|cpl|html?|hta|z|jar|wsf|js|mp4)$'i, # banned extension - basic
# qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf|exe|fxp|grp|hlp|hta|
#        inf|ins|isp|js|jse|lnk|mda|mdb|mde|mdw|mdt|mdz|msc|msi|msp|mst|
#        ops|pcd|pif|prg|reg|scr|sct|shb|shs|vb|vbe|vbs|
#        wmf|wsc|wsf|wsh)$'ix,  # banned ext - long
  qr'^\.(exe-ms)$',                       # banned file(1) types
  qr'^\.(exe|lha|cab|dll|vbs|vbe|hta|js)$',         # banned file(1) types
);
# See http://support.microsoft.com/default.aspx?scid=kb;EN-US;q262631
# and http://www.cknow.com/vtutor/vtextensions.htm

map { $whitelist_sender{lc($_)}=1 } (qw(
    cert-advisory-owner@cert.org
    owner-alert@iss.net
    slashdot@slashdot.org
    bugtraq@securityfocus.com
    mail@tstparana.ning.com
));

#------------ Do not modify anything below this line -------------
1;  # ensure a defined return