Results 1 to 8 of 8

Thread: need per-user AV SPAM PHISH configs (some need no filtering)

  1. #1
    Join Date
    Nov 2007
    Posts
    48
    Rep Power
    7

    Exclamation need per-user AV SPAM PHISH configs (some need no filtering)

    I've long grown frustrating reading a lot of hopeful sounding documentation on per-user A/V SPAM etc. configs in version 4.x (or no version mentioned at all). Checking the paths for those parts, they do not exists in 5.

    Right now we are on 5.0.0 I have 5.0.16 ready to deploy. But there is no point in doing this on our single server unless we can have the filtering run on some boxes, and be totally transparent (no scanning / filter / drop of any kind) on others.

    We need per-user configuration. I found one message that mentioned deamonizing spamassassin (running spamd) if that really could work, I'd like to know where I can find wiki or threat that is more descriptive than a single one regarding running 'man spamd'.

    Bottom on. Is there a per-user A/V SPAM configuration capability in 5.0.16 OR is there a robust non-time intensive 'add-on' we can implement without trashing our current system.

    Right now, to allow us to get all the PHISH URL's we need, SPAM is totally turned off, which is killing the company principals. We have competing needs.

    One thing we considered was a SPAM Firewall/Appliance suchas Baraccuda to allows descrete settings.

    According to all the old threads from 2005 this is feature, but for the life of me I can figure out how to implement. I have 30-40 boxes that need to live on our server, processing about 2500 messages per hour, without ANY sort of Anti-Spam Anti-Virus Anti-Phish, Anti-Malware Anti-anything, while the remaining 100 boxes absolutely need at least Anti-Spam.

    If it requires a bunch of custom config files (like spam_lovers capability that looked like it lived on 4.x) then we can do that. But so far I can't find anything really helpful besides turning UP SPAM filtering.. on everything.. I need to turn id DOWN on some and UP on others.

    HELP, please.

  2. #2
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    In V5 you will need to do it via config files, and as you have said, by creating a spam lovers list. Yes, you could put a Barracuda in front but why spend all the money when you could put in a MailScanner server or even two

  3. #3
    Join Date
    Nov 2007
    Posts
    48
    Rep Power
    7

    Default requesting a confirmation

    So, in V5 I can use the same (similar) strategy to implement a spam_lovers config? I did not have any of the paths mentioned in this post:
    Improving Anti-spam system - Zimbra :: Wiki

    User white/black list

    It very simple changing amavis config:

    put in /opt/zimbra/conf/amavis.conf*

    read_hash(\%whitelist_sender, '/etc/zimbra/whitelist');
    read_hash(\%blacklist_sender, '/etc/zimbra/blacklist');
    read_hash(\%spam_lovers, '/etc/zimbra/spamlovers');

    In /etc/zimbra/* put sender address or domain, one per line. Wildcards allowed. Example:

    hotstuff@***nzen.com
    spammersites.net

    A spamlovers list is for that accounts that always need to receive all messages, even if spam. According to rfc 2822 postmaster, abuse and other account of this kind should be spam lovers.

    I think we should prepare a script to save and restore this config changes upon zimbra updates...
    If this *should* work on V5 I'll give it a try, after we upgrade to 5.0.16 from 5.0.0 (which we have right now).

    I'm assuming it's normal that in my install I would NOT already have an /etc/zimbra directory nor that config file?

    Code:
    ls -l /opt/zimbra/conf/amavis.conf*
    ls: /opt/zimbra/conf/amavis.conf*: No such file or directory
    
     ls -l /etc/zimbra
    ls: /etc/zimbra: No such file or directory
    -- OR --

    Is this really in amavisd.conf ?? I found this block of commented code.. map names are different? Are the docs wrong in the forums/Wiki or is this wrong in my amavisd.conf file?

    # @bypass_virus_checks_maps, @bypass_spam_checks_maps,
    # @bypass_banned_checks_maps, @bypass_header_checks_maps,
    #
    # @virus_lovers_maps, @spam_lovers_maps,
    # @banned_files_lovers_maps, @bad_header_lovers_maps,
    Last edited by PhishKiller; 05-19-2009 at 07:19 AM.

  4. #4
    Join Date
    Nov 2007
    Posts
    48
    Rep Power
    7

    Default

    Will this work at all in V5.0.x? from this thread:
    Improving Anti-spam system - Zimbra :: Wiki

    User white/black list

    It very simple changing amavis config:

    put in /opt/zimbra/conf/amavis.conf*

    read_hash(\%whitelist_sender, '/etc/zimbra/whitelist');
    read_hash(\%blacklist_sender, '/etc/zimbra/blacklist');
    read_hash(\%spam_lovers, '/etc/zimbra/spamlovers');

    In /etc/zimbra/* put sender address or domain, one per line. Wildcards allowed. Example:

    hotstuff@***nzen.com
    spammersites.net

    A spamlovers list is for that accounts that always need to receive all messages, even if spam. According to rfc 2822 postmaster, abuse and other account of this kind should be spam lovers.


    I think we should prepare a script to save and restore this config changes upon zimbra updates...
    -- OR --

    Is this really in amavisd.conf ?? I found this block of commented code.. map names are different? Are the docs wrong in the forums/Wiki or is this wrong in my amavisd.conf file?

    # @bypass_virus_checks_maps, @bypass_spam_checks_maps,
    # @bypass_banned_checks_maps, @bypass_header_checks_maps,
    #
    # @virus_lovers_maps, @spam_lovers_maps,
    # @banned_files_lovers_maps, @bad_header_lovers_maps,
    Last edited by PhishKiller; 05-19-2009 at 07:20 AM.

  5. #5
    Join Date
    Nov 2007
    Posts
    48
    Rep Power
    7

    Default I found a way to make it work.

    So I upgraded, then I read a bunch of docs, tried a bunch of things and nothing seemed to work. Ran searches of these mysterious vars @bypass_spam_lovers_maps being one of them and nothing ever came up.

    Since all the documentation that I read failed to produce, I started hacking. What I found seems to work (and hopefully I am not leveraging some unintended side effect of some other function.. was to create the map, inside the configuration file itself, using some samples of other implementations within the file.

    OBJECTIVE
    - turn off spam filtering for jon_doe@ourdomain.com

    THIS IS HOW I AM DOING THIS.


    • Edit the config file that is used to generate the working config files on a restart:
      Code:
      vi /opt/zimbra/conf/amavisd.conf.in
    • Locate the comment block that lists all these vars that a seach of the forums and wiki did not return any useful results
      Code:
      # SOME OTHER VARIABLES WORTH CONSIDERING (see amavisd.conf-default for all)
      
      # $warnbadhsender,
      # $warnvirusrecip, $warnbannedrecip, $warnbadhrecip, (or @warn*recip_maps)
      #
      # @bypass_virus_checks_maps, @bypass_spam_checks_maps,
      # @bypass_banned_checks_maps, @bypass_header_checks_maps,
      #
      # @virus_lovers_maps, @spam_lovers_maps,
      # @banned_files_lovers_maps, @bad_header_lovers_maps,
      #
      # @blacklist_sender_maps, @score_sender_maps,
      #
      # $clean_quarantine_method, $virus_quarantine_to, $banned_quarantine_to,
      # $bad_header_quarantine_to, $spam_quarantine_to,
      #
      # $defang_bad_header, $defang_undecipherable, $defang_spam
    • Add the following below the block. It does not matter WHERE in the file you do this.. I just put it near something relevant.

      Code:
      @bypass_spam_checks_maps = (new_RE(
         'jon_doe@*',
      ));
    • Finally (after saving the file of course) I restarted this component.
      Code:
      zmantispamctl stop;zmantispamctl start
    • Checked the files and I see the new config has been created ( /opt/zimbra/conf/amavisd.conf )
      Code:
      [zimbra@mail conf]$ ls -ltr
      total 760
      .....
      -r--r--r-- 1 zimbra zimbra  29742 May 21 10:51 amavisd.conf.in
      -r--r----- 1 zimbra zimbra  29424 May 21 10:52 amavisd.conf
    • This seems to be working for us.


    REMAINING QUESTIONS:
    • Is this supposed to work?
    • If this is wrong, where can I find a REAL example of the right way?
    • Will this work (provided I backup my config) on future versions
    • Why in the h*ll is it so difficult to find some simple docs on this?

  6. #6
    Join Date
    Jul 2006
    Posts
    623
    Rep Power
    10

    Default

    It's must easier and straight forward to do this.

    zmprov ma john.doe@ourdomain.com amavisBypassSpamChecks TRUE
    Bugzilla - Wiki - Downloads - Before posting... Search!

  7. #7
    Join Date
    Nov 2007
    Posts
    48
    Rep Power
    7

    Default

    Quote Originally Posted by brian View Post
    It's must easier and straight forward to do this.

    zmprov ma john.doe@ourdomain.com amavisBypassSpamChecks TRUE
    Are you saying that the above WILL work or *should* work?

    The flip side of this is.. how does not get a list of those accounts that are bypassing. I'm aslo taking from this that there is an analogous command for BypassVirusChecks would that also be the case?

  8. #8
    Join Date
    Jul 2006
    Posts
    623
    Rep Power
    10

    Default

    /opt/zimbra/conf/attrs/amavisd-new-attrs.xml contains a list of all the amavis attrs you can assign to an account that will affect spam/virus processing. This will work in 5.0.x versions of ZCS. zmprov or soap is the only way to set/view these attributes in 5.0.

    In 6.0.x you can assign these attributes on a domain level as well. The 6.0.x webclient account preferences provides a per user ability to view/set whitelist/blacklist attributes.

    amavisBypassVirusChecks is the analogous setting for virus checking.
    Bugzilla - Wiki - Downloads - Before posting... Search!

Similar Threads

  1. Replies: 21
    Last Post: 02-04-2010, 09:06 AM
  2. [SOLVED] Zimbra logwatch.
    By nishith in forum Administrators
    Replies: 5
    Last Post: 06-10-2009, 04:42 PM
  3. Post instsallation problems
    By Assaf in forum Installation
    Replies: 14
    Last Post: 01-29-2007, 10:38 AM
  4. Services stopped working
    By lilwong in forum Administrators
    Replies: 4
    Last Post: 08-15-2006, 09:19 AM
  5. Fedora Core 3, Clean Install - Not working!
    By pcjackson in forum Installation
    Replies: 17
    Last Post: 03-05-2006, 06:38 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •