Cześć.
Nie znam się na serwerach pocztowych, jeden odziedziczyłem i nim zarządzam. Otóż mam następujący problem. Jedno konto wysyła i odbiera maile tylko gdy klient pocztowy znajduje się w sieci, w której jest serwer. Gdy np. pracownik próbuje wysłać maila z domu to mój serwer zwraca mu maila jako spam, i to z różnych adresów ip. Gdzie może być opcja żeby to zmienić?
postfix wysy
Więc tak - czytając Twój post aż kusi mnie żeby na niego odpowiedzieć w taki sam sposób w jakim został napisany, czyli odpowiedź brzmiałaby:
Nie obraź się i nie złość (przepraszam, że padło na Ciebie) jednak ostatnio coraz więcej jest takich postów. Nie wiem czy zapoznałeś się z działem dla początkujących - jeżeli nie chcesz być potraktowany olewczo to proszę zapoznaj się z nim raz jeszcze. Postaraj się włożyć trochę wysiłku ze swojej strony.
Wiem, że napisałeś, że nie znasz się (jednak to nie jest usprawiedliwienie) - puść w ruch wyszukiwarki. Jakieś manuale itp. Uwierz mi, że dzięki temu możesz się o wiele więcej nauczyć.
Wracając do Twojego pytania poszukaj w pliku main.cf. Jednak wcześniej przestudiuj zwrotkę jaką dostają użytkownicy - powinna Ci pomóc i naprowadzić Cię gdzie i w czym jest problem.
Kod: Zaznacz cały
Opcja ta może być (właściwie jest) w pliku konfiguracyjnym postfixaWiem, że napisałeś, że nie znasz się (jednak to nie jest usprawiedliwienie) - puść w ruch wyszukiwarki. Jakieś manuale itp. Uwierz mi, że dzięki temu możesz się o wiele więcej nauczyć.
Wracając do Twojego pytania poszukaj w pliku main.cf. Jednak wcześniej przestudiuj zwrotkę jaką dostają użytkownicy - powinna Ci pomóc i naprowadzić Cię gdzie i w czym jest problem.
Jeżeli wcześniej nikt nie próbował się łączyć z serwerem z poza sieci lokalnej to na 99% chodzi o opcje mynetworks i mydestination lub też tożsame im opcje dot. domen. Poczytaj tu: http://www.postfix.org/basic.html
Użytkownik dostaje coś takiego, ma w domu noestradę ale już kilka razy zmienił mu się ip, a błąd cały czas ten sam. Dodałem jego ip i nazwę do listy dostępnych i nadal to samo nie wiem co jeszcze można zrobić.
Kod: Zaznacz cały
A message from <wdarek@xxx> to:
-> arch_out@xxx
-> wdarek@xxx
was considered unsolicited bulk e-mail (UBE).
Our internal reference code for your message is 06194-07/MKiqBIhyL28Y
The message carried your return address, so it was either a genuine mail
from you, or a sender address was faked and your e-mail address abused
by third party, in which case we apologize for undesired notification.
We do try to minimize backscatter for more prominent cases of UBE and
for infected mail, but for less obvious cases of UBE some balance
between losing genuine mail and sending undesired backscatter is sought,
and there can be some collateral damage on both sides.
First upstream SMTP client IP address: [83.23.89.125]
ddl125.neoplus.adsl.tpnet.pl
According to a 'Received:' trace, the message originated at: [83.23.89.125],
Inbox (ddl125.neoplus.adsl.tpnet.pl [83.23.89.125])\t (using SSLv3 with
cipher RC4-MD5 (128/128 bits)
Return-Path: <wdarek@xxx.pl>
Message-ID: <20100118194950.0F9C03A9FE4@poczta.xxx.pl>
Subject: Proba z wdarek Problem fajny.
Jednak bez pełnych plików konfiguracyjnych oraz pełnych informacji od Ciebie nie będziemy w stanie się tym zająć. Dodatkowo logi. Zwrotkę już mamy, tak na pierwszy rzut oka mogę powiedzieć, że dynamiczne adresy IP są blokowane. Jednak tu był podobny problem:
http://debian.linux.pl/viewtopic.php?t=4038
Mógłbyś nam powiedzieć czy jakieś uwierzytelnienia, zabezpieczenia są uruchamiane z postfixem?
Jednak bez pełnych plików konfiguracyjnych oraz pełnych informacji od Ciebie nie będziemy w stanie się tym zająć. Dodatkowo logi. Zwrotkę już mamy, tak na pierwszy rzut oka mogę powiedzieć, że dynamiczne adresy IP są blokowane. Jednak tu był podobny problem:
http://debian.linux.pl/viewtopic.php?t=4038
Mógłbyś nam powiedzieć czy jakieś uwierzytelnienia, zabezpieczenia są uruchamiane z postfixem?
Zawartość pliku main.cf:
Postaram się jeszcze o jakieś logi z prób wysłania.
Kod: Zaznacz cały
virtual_mailbox_base = /var/mail/vmail
virtual_alias_maps = mysql:/usr/local/etc/postfix/mysql/forwardings
virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql/domena
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql/skrzynki
virtual_gid_maps = static:1002
virtual_mailbox_limit = 51200000
virtual_minimum_uid = 1002
virtual_uid_maps = static:1002
#virtual_transport = virtual
recipient_bcc_maps = mysql:/usr/local/etc/postfix/mysql/bcc_in
sender_bcc_maps = mysql:/usr/local/etc/postfix/mysql/bcc_out
queue_directory = /var/spool/postfix
sendmail_path = /usr/local/sbin/sendmail
newaliases_path = /usr/local/bin/newaliases
alias_maps = hash:/usr/local/etc/postfix/aliases
alias_database = hash:/usr/local/etc/postfix/aliases
body_checks = pcre:/usr/local/etc/postfix/body_checks
mail_spool_directory = /var/mail/vmail
sample_directory = /usr/local/etc/postfix
manpage_directory = /usr/local/man
mailq_path = /usr/local/bin/mailq
command_directory = /usr/local/sbin
config_directory = /usr/local/etc/postfix
daemon_directory = /usr/local/libexec/postfix
mail_owner = postfix
myhostname = poczta.serwer.pl
mydomain = serwer.pl
myorigin = $mydomain
mydestination = 127.0.0.1/8
inet_interfaces = all
debug_peer_level = 3
local_recipient_maps = $alias_maps unix :p asswd.byname
mynetworks = 127.0.0.0/8
83.18.43.150
79.188.201.170
83.238.211.169
80.53.96.106
smtpd_banner = $myhostname ESMTP nazwa-firma
smtpd_recipient_limit = 80
readme_directory = no
html_directory = no
setgid_group = maildrop
#smtpd_helo_restriction = reject_unauth_pipeling,
# reject_invalid_hostname,
# permit
smtpd_helo_required = yes
##########################
content_filter=amavis:[127.0.0.1]:10024
relay_domains = 127.0.0.0/8
#sample_directory = /usr/local/etc/postfix
#setgid_group = maildrop
#smtpd_error_sleep_time = 3
#smtpd_hard_error_limit = 5
#mtpd_soft_error_limit = 3
unknown_local_recipient_reject_code = 450
##########################
#TLS
##########################
smtp_use_tls = yes
smtpd_use_tls = yes
smtpd_auth_only = yes
smtp_tls_note_starttls_offer = yes
#smtpd_tls_key_file = /usr/local/etc/postfix/ssl/cert.pem
smtpd_tls_key_file = /usr/local/etc/postfix/ssl2/poczta.serwer.pl.key
#smtpd_tls_cert_file = /usr/local/etc/postfix/ssl/cert.pem
smtpd_tls_cert_file = /usr/local/etc/postfix/ssl2/poczta.serwer.pl.crt
#smtpd_tls_CAfile = /usr/local/etc/postfix/ssl/cert.pem
smtpd_tls_loglevel = 2
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/random
##########################
#SASL2
##########################
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtp_sasl_local_domain =
smtpd_helo_restrictions =
reject_unauth_pipelining
reject_invalid_hostname
permit
#Restrykcje - Sprawdzanie poczty na podstawie adresu nadawcy listu (RCPT TO):
smtpd_recipient_restrictions =
permit_mynetworks
permit_sasl_authenticated
reject_unauth_destination
check_recipient_access cidr:/usr/local/etc/postfix/sinokoreacidr
reject_unknown_hostname
reject_non_fqdn_hostname
reject_unknown_recipient_domain
check_sender_access hash:/usr/local/etc/postfix/nasze_domeny
# reject_non_fqdn_recipient
# reject_unknown_sender_domain
# warn_if_reject reject_unknown_recipient_domain
# reject_rbl_client list.dsbl.org
# reject_rbl_client sbl-xbl.spamhaus.org
# reject_rbl_client relay.ordb.org
# reject_rbl_client dnsbl.njabl.org
permit
# Restrykcje - Sprawdzenie IP komputera, z którego wysyłana jest wiadomość
smtpd_client_restrictions =
permit_sasl_authenticated
permit_mynetworks
# reject_unknown_client
# reject_rbl_client relays.ordb.org
# reject_rbl_client dnsbl.njabl.org
# reject_rbl_client sbl-xbl.spamhaus.org
check_client_access hash:/usr/local/etc/postfix/access
# reject_rbl_client dul.dnsbl.sorbs.net
# Restrykcje - Sprawdzanie poczty na podstawie adresu odbiorcy listu (MAIL FROM):
smtpd_sender_restrictions =
permit_sasl_authenticated
# reject_unknown_sender_domain
reject_non_fqdn_sender
# reject_unknown_adress
check_sender_access mysql:/usr/local/etc/postfix/mysql/sender_access
reject_sender_login_mismatch
reject_unauth_pipelining
permit
##########################
#dodatkowe parametry #
##########################
bounce_queue_lifetime = 3h
maximal_queue_lifetime = 4h
berkeley_db_create_buffer_size = 16777216
berkeley_db_read_buffer_size = 131072
body_checks_size_limit = 51200
bounce_size_limit = 50000
header_size_limit = 102400
mailbox_size_limit = 1000000000
message_size_limit = 40960000
delay_warning_time = 2h
transport_retry_time = 10m
minimal_backoff_time = 600sPiszę post pod postem żeby ktoś go zauważył
w poscie http://debian.linux.pl/showthread.php?t=3761 jest jakiś problem z dodaniem domeny, ja natomiast nic nie dodawałem do konfiugracji postfixa, poza kontami. Niewiem dlaczego ale problem nie dotyczy juz jednego konta a kliku. W jednej lokalizacji (na jednym ip) ludziom działa poczta i inni nie mogą wysyłać bo są UBE, szukałem w googlach i znalazłem coś o amavisie. nieżej jest mój plik amavisd.conf
Zawartość pliku main.cf:
amavisd.conf
jakieś pomysły ?
w poscie http://debian.linux.pl/showthread.php?t=3761 jest jakiś problem z dodaniem domeny, ja natomiast nic nie dodawałem do konfiugracji postfixa, poza kontami. Niewiem dlaczego ale problem nie dotyczy juz jednego konta a kliku. W jednej lokalizacji (na jednym ip) ludziom działa poczta i inni nie mogą wysyłać bo są UBE, szukałem w googlach i znalazłem coś o amavisie. nieżej jest mój plik amavisd.conf
Zawartość pliku main.cf:
Kod: Zaznacz cały
virtual_mailbox_base = /var/mail/vmail
virtual_alias_maps = mysql:/usr/local/etc/postfix/mysql/forwardings
virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql/domena
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql/skrzynki
virtual_gid_maps = static:1002
virtual_mailbox_limit = 51200000
virtual_minimum_uid = 1002
virtual_uid_maps = static:1002
#virtual_transport = virtual
recipient_bcc_maps = mysql:/usr/local/etc/postfix/mysql/bcc_in
sender_bcc_maps = mysql:/usr/local/etc/postfix/mysql/bcc_out
queue_directory = /var/spool/postfix
sendmail_path = /usr/local/sbin/sendmail
newaliases_path = /usr/local/bin/newaliases
alias_maps = hash:/usr/local/etc/postfix/aliases
alias_database = hash:/usr/local/etc/postfix/aliases
body_checks = pcre:/usr/local/etc/postfix/body_checks
mail_spool_directory = /var/mail/vmail
sample_directory = /usr/local/etc/postfix
manpage_directory = /usr/local/man
mailq_path = /usr/local/bin/mailq
command_directory = /usr/local/sbin
config_directory = /usr/local/etc/postfix
daemon_directory = /usr/local/libexec/postfix
mail_owner = postfix
myhostname = poczta.serwer.pl
mydomain = serwer.pl
myorigin = $mydomain
mydestination = 127.0.0.1/8
inet_interfaces = all
debug_peer_level = 3
local_recipient_maps = $alias_maps unix :p asswd.byname
mynetworks = 127.0.0.0/8
83.18.43.150
79.188.201.170
83.238.211.169
80.53.96.106
smtpd_banner = $myhostname ESMTP nazwa-firma
smtpd_recipient_limit = 80
readme_directory = no
html_directory = no
setgid_group = maildrop
#smtpd_helo_restriction = reject_unauth_pipeling,
# reject_invalid_hostname,
# permit
smtpd_helo_required = yes
##########################
content_filter=amavis:[127.0.0.1]:10024
relay_domains = 127.0.0.0/8
#sample_directory = /usr/local/etc/postfix
#setgid_group = maildrop
#smtpd_error_sleep_time = 3
#smtpd_hard_error_limit = 5
#mtpd_soft_error_limit = 3
unknown_local_recipient_reject_code = 450
##########################
#TLS
##########################
smtp_use_tls = yes
smtpd_use_tls = yes
smtpd_auth_only = yes
smtp_tls_note_starttls_offer = yes
#smtpd_tls_key_file = /usr/local/etc/postfix/ssl/cert.pem
smtpd_tls_key_file = /usr/local/etc/postfix/ssl2/poczta.serwer.pl.key
#smtpd_tls_cert_file = /usr/local/etc/postfix/ssl/cert.pem
smtpd_tls_cert_file = /usr/local/etc/postfix/ssl2/poczta.serwer.pl.crt
#smtpd_tls_CAfile = /usr/local/etc/postfix/ssl/cert.pem
smtpd_tls_loglevel = 2
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/random
##########################
#SASL2
##########################
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtp_sasl_local_domain =
smtpd_helo_restrictions =
reject_unauth_pipelining
reject_invalid_hostname
permit
#Restrykcje - Sprawdzanie poczty na podstawie adresu nadawcy listu (RCPT TO):
smtpd_recipient_restrictions =
permit_mynetworks
permit_sasl_authenticated
reject_unauth_destination
check_recipient_access cidr:/usr/local/etc/postfix/sinokoreacidr
reject_unknown_hostname
reject_non_fqdn_hostname
reject_unknown_recipient_domain
check_sender_access hash:/usr/local/etc/postfix/nasze_domeny
# reject_non_fqdn_recipient
# reject_unknown_sender_domain
# warn_if_reject reject_unknown_recipient_domain
# reject_rbl_client list.dsbl.org
# reject_rbl_client sbl-xbl.spamhaus.org
# reject_rbl_client relay.ordb.org
# reject_rbl_client dnsbl.njabl.org
permit
# Restrykcje - Sprawdzenie IP komputera, z którego wysyłana jest wiadomość
smtpd_client_restrictions =
permit_sasl_authenticated
permit_mynetworks
# reject_unknown_client
# reject_rbl_client relays.ordb.org
# reject_rbl_client dnsbl.njabl.org
# reject_rbl_client sbl-xbl.spamhaus.org
check_client_access hash:/usr/local/etc/postfix/access
# reject_rbl_client dul.dnsbl.sorbs.net
# Restrykcje - Sprawdzanie poczty na podstawie adresu odbiorcy listu (MAIL FROM):
smtpd_sender_restrictions =
permit_sasl_authenticated
# reject_unknown_sender_domain
reject_non_fqdn_sender
# reject_unknown_adress
check_sender_access mysql:/usr/local/etc/postfix/mysql/sender_access
reject_sender_login_mismatch
reject_unauth_pipelining
permit
##########################
#dodatkowe parametry #
##########################
bounce_queue_lifetime = 3h
maximal_queue_lifetime = 4h
berkeley_db_create_buffer_size = 16777216
berkeley_db_read_buffer_size = 131072
body_checks_size_limit = 51200
bounce_size_limit = 50000
header_size_limit = 102400
mailbox_size_limit = 1000000000
message_size_limit = 40960000
delay_warning_time = 2h
transport_retry_time = 10m
minimal_backoff_time = 600sKod: Zaznacz cały
serwer:~# cat amavisd.conf
use strict;
$max_servers = 10; # num of pre-forked children (2..15 is common), -m
$daemon_user = 'vscan'; # (no default; customary: vscan or amavis), -u
$daemon_group = 'vscan'; # (no default; customary: vscan or amavis), -g
$mydomain = 'amermedia.pl'; # a convenient default for other settings
$TEMPBASE = "$MYHOME/tmp"; # working directory, needs to exist, -T
$ENV{TMPDIR} = $TEMPBASE; # environment variable TMPDIR
$QUARANTINEDIR = '/var/virusmails'; # -Q
$db_home = "$MYHOME/db"; # dir for bdb nanny/cache/snmp databases, -D
$helpers_home = "$MYHOME/var"; # working directory for SpamAssassin, -S
@local_domains_maps = ( ["."] );
$log_level = 3; # verbosity 0..5, -d
$log_recip_templ = undef; # disable by-recipient level-0 log entries
$DO_SYSLOG = 1; # log via syslogd (preferred)
$syslog_facility = 'mail'; # Syslog facility as a string
# e.g.: mail, daemon, user, local0, ... local7
$syslog_priority = 'debug'; # Syslog base (minimal) priority as a string,
# choose from: emerg, alert, crit, err, warning, notice, info, debug
$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1
$inet_socket_port = 10024; # listen on this local TCP port(s) (see $protocol)
$unix_socketname = "$MYHOME/amavisd.sock"; # amavisd-release or amavis-milter
# option(s) -p overrides $inet_socket_port and $unix_socketname
$interface_policy{'SOCK'}='AM.PDP-SOCK'; # only relevant with $unix_socketname
$policy_bank{'AM.PDP-SOCK'} = { protocol=>'AM.PDP' };
$sa_tag_level_deflt = -100; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 4.2; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 4.53; # triggers spam evasive actions
$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent
$sa_mail_body_size_limit = 512*1024; # don't waste time on SA if mail is larger
$sa_local_tests_only = 0; # only tests which do not require internet access?
$virus_admin = "virusalert\@amermedia.pl"; # notifications recip.
#$virus_admin = "virusalert@amermedia.pl"; # notifications recip.
$mailfrom_notify_admin = "virusalert\@$mydomain"; # notifications sender
$mailfrom_notify_recip = "virusalert\@$mydomain"; # notifications sender
$mailfrom_notify_spamadmin = "spam.police\@$mydomain"; # notifications sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef
@addr_extension_virus_maps = ('virus');
@addr_extension_spam_maps = ('spam');
@addr_extension_banned_maps = ('banned');
@addr_extension_bad_header_maps = ('badh');
$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
$MAXLEVELS = 14;
$MAXFILES = 1500;
$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced)
$sa_spam_subject_tag = '***SPAM*** ';
$defang_virus = 1; # MIME-wrap passed infected mail
$defang_banned = 1; # MIME-wrap passed mail containing banned name
$myhostname = 'localhost'; # must be a fully-qualified domain name!
$notify_method = 'smtp:[127.0.0.1]:10025';
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_BOUNCE;
$final_spam_destiny = D_BOUNCE;
$final_bad_header_destiny = D_PASS;
$warnvirusrecip=0;
$virus_quarantine_to=undef;
@keep_decoded_original_maps = (new_RE(
qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undecipherables
qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
));
$banned_filename_re = new_RE(
qr'\.[^./]*[A-Za-z][^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
qr'^application/x-msdownload$'i, # block these MIME types
qr'^application/x-msdos-program$'i,
qr'^application/hta$'i,
[ qr'^pliczek.(zip)$' => 0 ], # allow zip o nazwie "pliczek"
[ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives
qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic
);
@score_sender_maps = ({ # a by-recipient hash lookup table,
# results from all matching recipient tables are summed
'.' => [ # the _first_ matching sender determines the score boost
new_RE( # regexp-type lookup table, just happens to be all soft-blacklist
[qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i => 5.0],
[qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0],
[qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
[qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i => 5.0],
[qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i => 5.0],
[qr'^(your_friend|greatoffers)@'i => 5.0],
[qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i => 5.0],
),
{ # a hash-type lookup table (associative array)
'nobody@cert.org' => -3.0,
'cert-advisory@us-cert.gov' => -3.0,
'owner-alert@iss.net' => -3.0,
'slashdot@slashdot.org' => -3.0,
'securityfocus.com' => -3.0,
'ntbugtraq@listserv.ntbugtraq.com' => -3.0,
'security-alerts@linuxsecurity.com' => -3.0,
'mailman-announce-admin@python.org' => -3.0,
'amavis-user-admin@lists.sourceforge.net'=> -3.0,
'amavis-user-bounces@lists.sourceforge.net' => -3.0,
'spamassassin.apache.org' => -3.0,
'notification-return@lists.sophos.com' => -3.0,
'owner-postfix-users@postfix.org' => -3.0,
'owner-postfix-announce@postfix.org' => -3.0,
'owner-sendmail-announce@lists.sendmail.org' => -3.0,
'sendmail-announce-request@lists.sendmail.org' => -3.0,
'donotreply@sendmail.org' => -3.0,
'ca+envelope@sendmail.org' => -3.0,
'noreply@freshmeat.net' => -3.0,
'owner-technews@postel.acm.org' => -3.0,
'ietf-123-owner@loki.ietf.org' => -3.0,
'cvs-commits-list-admin@gnome.org' => -3.0,
'rt-users-admin@lists.fsck.com' => -3.0,
'clp-request@comp.nus.edu.sg' => -3.0,
'surveys-errors@lists.nua.ie' => -3.0,
'emailnews@genomeweb.com' => -5.0,
'yahoo-dev-null@yahoo-inc.com' => -3.0,
'returns.groups.yahoo.com' => -3.0,
'clusternews@linuxnetworx.com' => -3.0,
lc('lvs-users-admin@LinuxVirtualServer.org') => -3.0,
lc('owner-textbreakingnews@CNNIMAIL12.CNN.COM') => -5.0,
# soft-blacklisting (positive score) #[B]tutaj probowalem dodac konta z ktorymi jest problem ale niestety nadal nie działa jak powinno[/B]
'sender@example.net' => 3.0,
'.example.net' => 1.0,
'ludmila@domena.ru' => -3.0,
'nika@domena.ru' => -3.0,
'wkasia@domena.com.pl' => -3.0,
'pwos@domena.com.pl' => -3.0,
'wdarek@domena.com.pl' => -4.0,
'bamer@domena.com.pl' => -2.0,
'pawel@domena.com.pl' => -4.0,
'smarzena@domena.com.pl' => -5.0,
'miccntwll@aol.com' => -2.0,
'amazein@msn.com' => -2.0,
'@kaspersky.pl' => -5.0,
'mmotyl@freeandstyle.com.pl' => -5.0,
'@achilles.pl' => -4.0,
'wdarek@domena.com.pl' => -4.0,
'wdarek@domena2.pl' => -4.0,
'@domena.com.pl' => -2.0,
'@domena3.com.pl' => -4.0,
'@domena4.net.pl' => -4.0,
'@domena5.pl' => -4.0,
},
], # end of site-wide tables
});
@decoders = (
['mail', \&do_mime_decode],
['asc', \&do_ascii],
['uue', \&do_ascii],
['hqx', \&do_ascii],
['ync', \&do_ascii],
['F', \&do_uncompress, ['unfreeze','freeze -d','melt','fcat'] ],
['Z', \&do_uncompress, ['uncompress','gzip -d','zcat'] ],
['gz', \&do_uncompress, 'gzip -d'],
['gz', \&do_gunzip],
['bz2', \&do_uncompress, 'bzip2 -d'],
['lzo', \&do_uncompress, 'lzop -d'],
['rpm', \&do_uncompress, ['rpm2cpio.pl','rpm2cpio'] ],
['cpio', \&do_pax_cpio, ['pax','gcpio','cpio'] ],
['tar', \&do_pax_cpio, ['pax','gcpio','cpio'] ],
['tar', \&do_tar],
['deb', \&do_ar, 'ar'],
# ['a', \&do_ar, 'ar'], # unpacking .a seems an overkill
['zip', \&do_unzip],
['rar', \&do_unrar, ['rar','unrar'] ],
['arj', \&do_unarj, ['arj','unarj'] ],
['arc', \&do_arc, ['nomarch','arc'] ],
['zoo', \&do_zoo, ['zoo','unzoo'] ],
['lha', \&do_lha, 'lha'],
# ['doc', \&do_ole, 'ripole'],
['cab', \&do_cabextract, 'cabextract'],
['tnef', \&do_tnef_ext, 'tnef'],
['tnef', \&do_tnef],
# ['sit', \&do_unstuff, 'unstuff'], # broken/unsafe decoder
['exe', \&do_executable, ['rar','unrar'], 'lha', ['arj','unarj'] ],
);
@av_scanners = (
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
['KasperskyLab AVP - aveclient',
['/usr/local/kav/bin/aveclient','/usr/local/share/kav/bin/aveclient',
'/opt/kav/bin/aveclient','aveclient'],
'-p /var/run/aveserver -s {}/*', [0,3,6,8], qr/\b(INFECTED|SUSPICION)\b/,
qr/(?:INFECTED|SUSPICION) (.+)/,
],
### http://www.kaspersky.com/
['KasperskyLab AntiViral Toolkit Pro (AVP)', ['avp'],
'-* -P -B -Y -O- {}', [0,3,6,8], [2,4], # any use for -A -K ?
qr/infected: (.+)/,
sub {chdir('/opt/AVP') or die "Can't chdir to AVP: $!"},
sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"},
],
['KasperskyLab AVPDaemonClient',
[ '/opt/AVP/kavdaemon', 'kavdaemon',
'/opt/AVP/AvpDaemonClient', 'AvpDaemonClient',
'/opt/AVP/AvpTeamDream', 'AvpTeamDream',
'/opt/AVP/avpdc', 'avpdc' ],
"-f=$TEMPBASE {}", [0,8], [3,4,5,6], qr/infected: ([^\r\n]+)/ ],
['CentralCommand Vexira (new) vascan',
['vascan','/usr/lib/Vexira/vascan'],
"-a s --timeout=60 --temp=$TEMPBASE -y $QUARANTINEDIR ".
"--vdb=/usr/lib/Vexira/vexira8.vdb --log=/var/log/vascan.log {}",
[0,3], [1,2,5],
qr/(?x)^\s* (?:virus|iworm|macro|mutant|sequence|trojan)\ found:\ ( [^\]\s']+ )\ \.\.\.\ / ],
['H+BEDV AntiVir or the (old) CentralCommand Vexira Antivirus',
['antivir','vexira'],
'--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/,
qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) |
(?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/ ],
['Command AntiVirus for Linux', 'csav',
'-all -archive -packed {}', [50], [51,52,53],
qr/Infection: (.+)/ ],
['Symantec CarrierScan via Symantec CommandLineScanner',
'cscmdline', '-a scan -i 1 -v -s 127.0.0.1:7777 {}',
qr/^Files Infected:\s+0$/, qr/^Infected\b/,
qr/^(?:Info|Virus Name):\s+(.+)/ ],
['Symantec AntiVirus Scan Engine',
'savsecls', '-server 127.0.0.1:7777 -mode scanrepair -details -verbose {}',
[0], qr/^Infected\b/,
qr/^(?:Info|Virus Name):\s+(.+)/ ],
# NOTE: check options and patterns to see which entry better applies
['F-Secure Antivirus', 'fsav',
'--dumb --mime --archive {}', [0], [3,8],
qr/(?:infection|Infected|Suspected): (.+)/ ],
['CAI InoculateIT', 'inocucmd', # retired product
'-sec -nex {}', [0], [100],
qr/was infected by virus (.+)/ ],
['CAI eTrust Antivirus', 'etrust-wrapper',
'-arc -nex -spm h {}', [0], [101],
qr/is infected by virus: (.+)/ ],
['MkS_Vir for Linux (beta)', ['mks32','mks'],
'-s {}/*', [0], [1,2],
qr/--[ \t]*(.+)/ ],
['MkS_Vir daemon', 'mksscan',
'-s -q {}', [0], [1..7],
qr/^... (\S+)/ ],
['ESET Software NOD32 Command Line Interface v 2.51', 'nod32cli',
'--subdir {}', [0,3], [1,2], qr/virus="([^"]+)"/ ],
['Norman Virus Control v5 / Linux', 'nvcc',
'-c -l:0 -s -u -temp:$TEMPBASE {}', [0,10,11], [1,2,14],
qr/(?i).* virus in .* -> \'(.+)\'/ ],
['Panda Antivirus for Linux', ['pavcl'],
'-aut -aex -heu -cmp -nbr -nor -nso -eng {}',
qr/Number of files infected[ .]*: 0+(?!\d)/,
qr/Number of files infected[ .]*: 0*[1-9]/,
qr/Found virus :\s*(\S+)/ ],
['NAI McAfee AntiVirus (uvscan)', 'uvscan',
'--secure -rv --mime --summary --noboot - {}', [0], [13],
qr/(?x) Found (?:
\ the\ (.+)\ (?:virus|trojan) |
\ (?:virus|trojan)\ or\ variant\ (.+?)\s*! |
:\ (.+)\ NOT\ a\ virus)/,
],
['VirusBuster', ['vbuster', 'vbengcl'],
"{} -ss -i '*' -log=$MYHOME/vbuster.log", [0], [1],
qr/: '(.*)' - Virus/ ],
['CyberSoft VFind', 'vfind',
'--vexit {}/*', [0], [23], qr/##==>>>> VIRUS ID: CVDL (.+)/,
],
['avast! Antivirus', ['/usr/bin/avastcmd','avastcmd'],
'-a -i -n -t=A {}', [0], [1], qr/\binfected by:\s+([^ \t\n\[\]]+)/ ],
['Ikarus AntiVirus for Linux', 'ikarus',
'{}', [0], [40], qr/Signature (.+) found/ ],
['BitDefender', 'bdc',
'--arc --mail {}', qr/^Infected files *:0+(?!\d)/,
qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/,
qr/(?:suspected|infected): (.*)(?:\033|$)/ ],
);
@av_scanners_backup = (
);
1; # insure a defined return
serwer:~# ", [0], [1],
> qr/: '(.*)' - Virus/ ],
>
> ['CyberSoft VFind', 'vfind',
> '--vexit {}/*', [0], [23], qr/##==>>>> VIRUS ID: CVDL (.+)/,
> ],
>
> ['avast! Antivirus', ['/usr/bin/avastcmd','avastcmd'],
> '-a -i -n -t=A {}', [0], [1], qr/\binfected by:\s+([^ \t\n\[\]]+)/ ],
>
> ['Ikarus AntiVirus for Linux', 'ikarus',
> '{}', [0], [40], qr/Signature (.+) found/ ],
>
> ['BitDefender', 'bdc',
> '--arc --mail {}', qr/^Infected files *:0+(?!\d)/,
-bash: !\d: event not found
> qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/,
> qr/(?:suspected|infected): (.*)(?:\033|$)/ ],
>
> );
>
>
> @av_scanners_backup = (
>
> );
>
>
> 1; # insure a defined return
> serwer:~#
> ", [0], [1],
-bash: , [0], [1],
qr/: '(.*)' - Virus/ ],
['CyberSoft VFind', 'vfind',
'--vexit {}/*', [0], [23], qr/##==>>>> VIRUS ID: CVDL (.+)/,
],
['avast! Antivirus', ['/usr/bin/avastcmd','avastcmd'],
'-a -i -n -t=A {}', [0], [1], qr/\binfected by:\s+([^ \t\n\[\]]+)/ ],
['Ikarus AntiVirus for Linux', 'ikarus',
'{}', [0], [40], qr/Signature (.+) found/ ],
['BitDefender', 'bdc',
qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/,
qr/(?:suspected|infected): (.*)(?:\033|$)/ ],
);
@av_scanners_backup = (
);
1; # insure a defined return
serwer:~#