Sooo, jetzt mal ein paar Infos....
..habe nun eine Mail geschickt mit einer exe im Anhang UND einer PDF. Die /var/log/mail.info sagt das hier:
Code:
...Mar 22 09:33:40 mail amavis[9066]: (09066-01) check_for_banned - mime-type: application/pdf
Mar 22 09:33:40 mail amavis[9066]: (09066-01) check_for_banned - declared names: Mailserver-postfix-amavisd-new.pdf
Mar 22 09:33:40 mail amavis[9066]: (09066-01) lookup_RE: key="application/pdf", no match
Mar 22 09:33:40 mail amavis[9066]: (09066-01) lookup_RE: key="Mailserver-postfix-amavisd-new.pdf", no match
Mar 22 09:33:40 mail amavis[9066]: (09066-01) check_for_banned - mime-type: application/x-msdos-program
Mar 22 09:33:40 mail amavis[9066]: (09066-01) check_for_banned - declared names: SMAC12_Eval.exe
Mar 22 09:33:40 mail amavis[9066]: (09066-01) lookup_RE: key="application/x-msdos-program", no match
Mar 22 09:33:40 mail amavis[9066]: (09066-01) lookup_RE: key="SMAC12_Eval.exe" matches "(?i-xsm:.\\.(exe|vbs|pif|scr|bat|cmd|com)$)", result=1
Mar 22 09:33:40 mail amavis[9066]: (09066-01) Banned declared file name: SMAC12_Eval.exe (patt: (?i-xsm:.\\.(exe|vbs|pif|scr|bat|cmd|com)$))...
und
Code:
...Mar 22 09:33:43 mail amavis[9066]: (09066-01) header: X-Amavis-Alert: BANNED FILENAME, message contains part named: SMAC12_Eval.exe\n
Mar 22 09:33:43 mail amavis[9066]: (09066-01) lookup: (scalar) matches, result="virus-quarantine"...
und
Code:
...ar 22 09:33:43 mail amavis[9066]: (09066-01) DO_QUARANTINE done
Mar 22 09:33:43 mail amavis[9066]: (09066-01) DO_VIRUS - NOTIFICATIONS, sender: balduin223@gmx.net
Mar 22 09:33:43 mail amavis[9066]: (09066-01) lookup: (scalar) matches, result="virusalert@disynet.local"
Mar 22 09:33:43 mail amavis[9066]: (09066-01) lookup_acl: key="balduin223@gmx.net", no match
Mar 22 09:33:43 mail amavis[9066]: (09066-01) first_received_from: p5083784F.dip.t-dialin.net (EHLO [192.168.1.28]) [80.131.120.79]
Mar 22 09:33:43 mail amavis[9066]: (09066-01) first_received_from: p5083784F.dip.t-dialin.net (EHLO [192.168.1.28]) [80.131.120.79]
Mar 22 09:33:44 mail amavis[9066]: (09066-01) string_to_mime_entity Date: Wed, 22 Mar 2006 09:33:43 +0100 (CET)
Mar 22 09:33:44 mail amavis[9066]: (09066-01) string_to_mime_entity From: virusalert@disynet.de
Mar 22 09:33:44 mail amavis[9066]: (09066-01) string_to_mime_entity Subject: VERBOTENER DATEINAME (SMAC12_Eval.exe) VON <balduin223@gmx.net>
Mar 22 09:33:44 mail amavis[9066]: (09066-01) string_to_mime_entity To: <virusalert@disynet.local>
Mar 22 09:33:44 mail amavis[9066]: (09066-01) string_to_mime_entity Message-ID: <VA09066-01@deb-mailserver>
Mar 22 09:33:44 mail amavis[9066]: (09066-01) SEND via SMTP: [127.0.0.1]:10025 <virusalert@disynet.de> -> <virusalert@disynet.local>...
so, das schaut so aus, als ob amavis die Mail sofort "wegschmeißt", sobalt auch nur ein Kriterium zutrifft. Das muss doch irgendwie änderbar sein. Ich hoffe du kannst damit was anfangen.
Viele Grüße
balduin222
Lesezeichen