amavisd rewrites the X-Original-To: header



wuf
21.07.06, 14:55
Hello,

I use Postfix as my MTA and have the mail filtered by amavisd (viruses and spam) on a SUSE 10.0 x64 machine.

If I now add

content_filter = smtp-amavis:[127.0.0.1]:10024

to my
/etc/postfix/main.cf

the mails do get filtered, but the "X-Original-To:" header is also rewritten. Since I have set up a catch-all mailbox on the server, have the mail fetched from it and then distribute it locally, that is fatal.

Example without amavisd:
A mail is sent to v.name@domain.de and is delivered to info@domain.de, but the header contains the entry X-Original-To:v.name@domain.de
So far so good; locally I can then sort it again.

But when amavisd is switched on, this X-Original-To header is rewritten to info@domain.de, and so I can no longer tell them apart....

Here is my /etc/amavisd.conf

use strict;
$max_servers = 2; # number of pre-forked children (2..15 is common)
$daemon_user = 'vscan';
$daemon_group = 'vscan';
$mydomain = 'domain.de'; # a convenient default for other settings
$MYHOME = '/var/spool/amavis';
$TEMPBASE = "$MYHOME/tmp"; # working directory, needs to be created manually
$ENV{TMPDIR} = $TEMPBASE; # environment variable TMPDIR
$QUARANTINEDIR = '/var/spool/amavis/virusmails';
@local_domains_maps = ( [".$mydomain"] );
@local_domains_acl = ("."); # accept everything as local
$log_level = 0; # verbosity 0..5
$log_recip_templ = undef; # disable by-recipient level-0 log entries
$DO_SYSLOG = 1; # log via syslogd (preferred)
$SYSLOG_LEVEL = 'mail.debug';
$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1
$inet_socket_port = 10024; # listen on this local TCP port(s) (see $protocol)
$unix_socketname = "$MYHOME/amavisd.sock"; # when using sendmail milter
$sa_tag_level_deflt = -999.0; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 5.0;
$sa_kill_level_deflt = 6.31; # triggers spam evasive actions
$sa_dsn_cutoff_level = 9; # spam level beyond which a DSN is not sent
$sa_mail_body_size_limit = 200*1024; # don't waste time on SA if mail is larger
$sa_local_tests_only = 0; # only tests which do not require internet access?
$sa_auto_whitelist = 1; # turn on AWL in SA 2.63 or older (irrelevant
# for SA 3.0, cf option is 'use_auto_whitelist')
$virus_admin = "virusalert\@$mydomain"; # notifications recip.
$mailfrom_notify_admin = "virusalert\@$mydomain"; # notifications sender
$mailfrom_notify_recip = "virusalert\@$mydomain"; # notifications sender
$mailfrom_notify_spamadmin = "spam.police\@$mydomain"; # notifications sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef
@addr_extension_virus_maps = ('virus');
@addr_extension_spam_maps = ('spam');
@addr_extension_banned_maps = ('banned');
@addr_extension_bad_header_maps = ('badh');
$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
$MAXLEVELS = 14;
$MAXFILES = 1500;
$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced)
$sa_spam_subject_tag = '***SPAM*** ';
$defang_virus = 1; # MIME-wrap passed infected mail
$defang_banned = 1; # MIME-wrap passed mail containing banned name
$myhostname = 'host.domain.de';
$final_spam_destiny = D_PASS;
@viruses_that_fake_sender_maps = (new_RE(
[qr/^/ => 1], # true for everything else
));
@keep_decoded_original_maps = (new_RE(
qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undecipherables
qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
));
$banned_filename_re = new_RE(
# block certain double extensions anywhere in the base name
qr'\.[^./]*[A-Za-z][^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
qr'^application/x-msdownload$'i, # block these MIME types
qr'^application/x-msdos-program$'i,
qr'^application/hta$'i,
[ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives
qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic
qr'^\.(exe-ms)$', # banned file(1) types
);
@score_sender_maps = ({ # a by-recipient hash lookup table,
# results from all matching recipient tables are summed
## site-wide opinions about senders (the '.' matches any recipient)
'.' => [ # the _first_ matching sender determines the score boost
new_RE( # regexp-type lookup table, just happens to be all soft-blacklist
[qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i => 5.0],
[qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0],
[qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
[qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i => 5.0],
[qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i => 5.0],
[qr'^(your_friend|greatoffers)@'i => 5.0],
[qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i => 5.0],
),
{ # a hash-type lookup table (associative array)
'nobody@cert.org' => -3.0,
'cert-advisory@us-cert.gov' => -3.0,
'owner-alert@iss.net' => -3.0,
'slashdot@slashdot.org' => -3.0,
'bugtraq@securityfocus.com' => -3.0,
'ntbugtraq@listserv.ntbugtraq.com' => -3.0,
'security-alerts@linuxsecurity.com' => -3.0,
'mailman-announce-admin@python.org' => -3.0,
'amavis-user-admin@lists.sourceforge.net'=> -3.0,
'notification-return@lists.sophos.com' => -3.0,
'owner-postfix-users@postfix.org' => -3.0,
'owner-postfix-announce@postfix.org' => -3.0,
'owner-sendmail-announce@lists.sendmail.org' => -3.0,
'sendmail-announce-request@lists.sendmail.org' => -3.0,
'donotreply@sendmail.org' => -3.0,
'ca+envelope@sendmail.org' => -3.0,
'noreply@freshmeat.net' => -3.0,
'owner-technews@postel.acm.org' => -3.0,
'ietf-123-owner@loki.ietf.org' => -3.0,
'cvs-commits-list-admin@gnome.org' => -3.0,
'rt-users-admin@lists.fsck.com' => -3.0,
'clp-request@comp.nus.edu.sg' => -3.0,
'surveys-errors@lists.nua.ie' => -3.0,
'emailnews@genomeweb.com' => -5.0,
'yahoo-dev-null@yahoo-inc.com' => -3.0,
'returns.groups.yahoo.com' => -3.0,
'clusternews@linuxnetworx.com' => -3.0,
lc('lvs-users-admin@LinuxVirtualServer.org') => -3.0,
lc('owner-textbreakingnews@CNNIMAIL12.CNN.COM') => -5.0,
# soft-blacklisting (positive score)
'sender@example.net' => 3.0,
'.example.net' => 1.0,
},
], # end of site-wide tables
});
@decoders = (
['mail', \&do_mime_decode],
['asc', \&do_ascii],
['uue', \&do_ascii],
['hqx', \&do_ascii],
['ync', \&do_ascii],
['F', \&do_uncompress, ['unfreeze','freeze -d','melt','fcat'] ],
['Z', \&do_uncompress, ['uncompress','gzip -d','zcat'] ],
['gz', \&do_gunzip],
['gz', \&do_uncompress, 'gzip -d'],
['bz2', \&do_uncompress, 'bzip2 -d'],
['lzo', \&do_uncompress, 'lzop -d'],
['rpm', \&do_uncompress, ['rpm2cpio.pl','rpm2cpio'] ],
['cpio', \&do_pax_cpio, ['pax','gcpio','cpio'] ],
['tar', \&do_pax_cpio, ['pax','gcpio','cpio'] ],
['tar', \&do_tar],
['deb', \&do_ar, 'ar'],
['zip', \&do_unzip],
['rar', \&do_unrar, ['rar','unrar'] ],
['arj', \&do_unarj, ['arj','unarj'] ],
['arc', \&do_arc, ['nomarch','arc'] ],
['zoo', \&do_zoo, 'zoo'],
['lha', \&do_lha, 'lha'],
['cab', \&do_cabextract, 'cabextract'],
['tnef', \&do_tnef_ext, 'tnef'],
['tnef', \&do_tnef],
['exe', \&do_executable, ['rar','unrar'], 'lha', ['arj','unarj'] ],
);
@av_scanners = (
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "127.0.0.1:3310"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
# NOTE: the easiest is to run clamd under the same user as amavisd; match the
# socket name (LocalSocket) in clamav.conf to the socket name in this entry
# When running chrooted one may prefer: ["CONTSCAN {}\n","$MYHOME/clamd"],
### http://www.clamav.net/ and CPAN (memory-hungry! clamd is preferred)
['Mail::ClamAV', \&ask_clamav, "*", [0], [1], qr/^INFECTED: (.+)/],
);
@av_scanners_backup = (
### http://www.clamav.net/ - backs up clamd or Mail::ClamAV
['ClamAV-clamscan', 'clamscan',
"--stdout --disable-summary -r --tempdir=$TEMPBASE {}", [0], [1],
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
);
1; # insure a defined return
$forward_method = 'smtp:127.0.0.1:10025';
$notify_method = $forward_method;
use DBI;
my $db = "vhcs2";
my $user="root";
my $host="localhost";
my $password="9s4nK8Zt";
my $dbh = DBI->connect("DBI:mysql:database=$db;host=$host", $user, $password, {RaiseError => 1});
my $arr = $dbh->selectcol_arrayref('SELECT domain_name, 1 FROM domain', {Columns=>[1,2]});
my $arre = $dbh->selectcol_arrayref('SELECT alias_name, 1 FROM domain_aliasses', {Columns=>[1,2]});
my $lis = ($arre,$arr);
%local_domains = (@$arr,@$arre);

I googled but found nothing on the topic; I hope you can help me with this... Does anyone else have this problem?

Regards

Wuf

wuf
23.07.06, 22:01
Hello? Does anyone actually have this setup running successfully?

Regards

Wuf
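
An added configuration sketch for the behaviour described in the first post (not part of the thread and not the poster's own settings). It assumes the catch-all is a Postfix virtual alias (@domain.de to info@domain.de), so the address is rewritten before the mail is handed to amavisd and the re-injected copy only carries info@domain.de as its recipient. The 10025 service entry is constructed and must be adapted to the existing one.

```conf
# --- /etc/postfix/main.cf ---
# Filter as before ...
content_filter = smtp-amavis:[127.0.0.1]:10024
# ... but postpone address rewriting (virtual aliases, canonical maps,
# masquerading) until the mail comes back from the filter, so amavisd and
# the re-injection still see the address the sender used (v.name@domain.de).
receive_override_options = no_address_mappings

# --- /etc/postfix/master.cf ---
# Re-injection listener that $forward_method in amavisd.conf points at.
# Overriding receive_override_options here drops no_address_mappings, so the
# catch-all mapping is applied at this stage and the delivery agent records
# the pre-mapping recipient in X-Original-To.
127.0.0.1:10025 inet n - n - - smtpd
    -o content_filter=
    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
```

Under that assumption, after `postfix reload` a test message to v.name@domain.de should reach the catch-all mailbox with X-Original-To: v.name@domain.de. amavisd then sees the unmapped recipient, so its local-domain settings must cover every address the catch-all accepts.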