Improve configuration for antispam/antivirus
This commit is contained in:
parent
0bd0991a8e
commit
b101665d78
|
@ -34,7 +34,17 @@ $sa_spam_subject_tag = '[SPAM]';
|
||||||
$log_level = 2;
|
$log_level = 2;
|
||||||
|
|
||||||
# En fonction besoin/ressources, on a juste le nbre de process
|
# En fonction besoin/ressources, on a juste le nbre de process
|
||||||
$max_servers = 10;
|
$max_servers = 2;
|
||||||
|
|
||||||
|
$enable_ldap = 1;
|
||||||
|
$default_ldap = {
|
||||||
|
hostname => '127.0.0.1', tls => 0,
|
||||||
|
base => 'dc=cpnt,dc=fr', scope => 'sub',
|
||||||
|
query_filter => '(&(mailacceptinggeneralid=%m)(isActive=TRUE))'
|
||||||
|
};
|
||||||
|
|
||||||
|
#@local_domains_acl = qw(.);
|
||||||
|
#@local_domains_acl = ( "example.com","example.net" );
|
||||||
|
|
||||||
#------------ Do not modify anything below this line -------------
|
#------------ Do not modify anything below this line -------------
|
||||||
#1; # ensure a defined return
|
#1; # ensure a defined return
|
||||||
|
|
|
@ -34,7 +34,7 @@ home_mailbox = Maildir/
|
||||||
#mailbox_command = /usr/bin/procmail
|
#mailbox_command = /usr/bin/procmail
|
||||||
|
|
||||||
# Separateur entre noms d'utilisateur et extensions d'adresse
|
# Separateur entre noms d'utilisateur et extensions d'adresse
|
||||||
# mettre + pour intégration avec amavis
|
# mettre + pour integration avec amavis
|
||||||
#par defaut, =
|
#par defaut, =
|
||||||
recipient_delimiter = +
|
recipient_delimiter = +
|
||||||
|
|
||||||
|
@ -350,7 +350,7 @@ header_checks =
|
||||||
#par defaut, = yes
|
#par defaut, = yes
|
||||||
#smtpd_delay_reject =
|
#smtpd_delay_reject =
|
||||||
|
|
||||||
# Définition des plages IP appartenant à mynetworks
|
# Definition des plages IP appartenant a mynetworks
|
||||||
#par defaut, toutes les plages d'adresses IPv4 (et IPv6) des interfaces
|
#par defaut, toutes les plages d'adresses IPv4 (et IPv6) des interfaces
|
||||||
mynetworks = 127.0.0.0/8,[::1]/128,10.0.0.0/16
|
mynetworks = 127.0.0.0/8,[::1]/128,10.0.0.0/16
|
||||||
|
|
||||||
|
|
|
@ -1,96 +1,24 @@
|
||||||
# This is the right place to customize your installation of SpamAssassin.
|
#required_score 5 -> assure par Amavis
|
||||||
#
|
|
||||||
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
|
|
||||||
# tweaked.
|
|
||||||
#
|
|
||||||
# Only a small subset of options are listed below
|
|
||||||
#
|
|
||||||
###########################################################################
|
|
||||||
|
|
||||||
# Add *****SPAM***** to the Subject header of spam e-mails
|
|
||||||
#
|
|
||||||
rewrite_header Subject *****SPAM*****
|
|
||||||
|
|
||||||
|
|
||||||
# Save spam messages as a message/rfc822 MIME attachment instead of
|
|
||||||
# modifying the original message (0: off, 2: use text/plain instead)
|
|
||||||
#
|
|
||||||
report_safe 0
|
report_safe 0
|
||||||
|
#rewrite_header Subject [SPAM] -> assure par Amavis
|
||||||
|
add_header all Report _REPORT_
|
||||||
|
|
||||||
|
# filtre bayesien
|
||||||
# Set which networks or hosts are considered 'trusted' by your mail
|
# mkdir -p /var/spool/spam/ && chown amavis /var/spool/spam/
|
||||||
# server (i.e. not spammers)
|
use_bayes 1
|
||||||
#
|
bayes_auto_learn 1
|
||||||
# trusted_networks 212.17.35.
|
bayes_path /var/spool/spam/bayes
|
||||||
|
|
||||||
|
|
||||||
# Set file-locking method (flock is not safe over NFS, but is faster)
|
|
||||||
#
|
|
||||||
# lock_method flock
|
|
||||||
|
|
||||||
|
|
||||||
# Set the threshold at which a message is considered spam (default: 5.0)
|
|
||||||
#
|
|
||||||
# required_score 5.0
|
|
||||||
|
|
||||||
|
|
||||||
# Use Bayesian classifier (default: 1)
|
|
||||||
#
|
|
||||||
# use_bayes 1
|
|
||||||
|
|
||||||
|
|
||||||
# Bayesian classifier auto-learning (default: 1)
|
|
||||||
#
|
|
||||||
# bayes_auto_learn 1
|
|
||||||
|
|
||||||
|
|
||||||
# Set headers which may provide inappropriate cues to the Bayesian
|
|
||||||
# classifier
|
|
||||||
#
|
|
||||||
# bayes_ignore_header X-Bogosity
|
|
||||||
# bayes_ignore_header X-Spam-Flag
|
|
||||||
# bayes_ignore_header X-Spam-Status
|
|
||||||
|
|
||||||
bayes_path /var/spool/spamassassin/bayes
|
|
||||||
bayes_file_mode 0777
|
bayes_file_mode 0777
|
||||||
|
|
||||||
# Some shortcircuiting, if the plugin is enabled
|
|
||||||
#
|
|
||||||
ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
|
|
||||||
#
|
|
||||||
# default: strongly-whitelisted mails are *really* whitelisted now, if the
|
|
||||||
# shortcircuiting plugin is active, causing early exit to save CPU load.
|
|
||||||
# Uncomment to turn this on
|
|
||||||
#
|
|
||||||
# shortcircuit USER_IN_WHITELIST on
|
|
||||||
# shortcircuit USER_IN_DEF_WHITELIST on
|
|
||||||
# shortcircuit USER_IN_ALL_SPAM_TO on
|
|
||||||
# shortcircuit SUBJECT_IN_WHITELIST on
|
|
||||||
|
|
||||||
# the opposite; blacklisted mails can also save CPU
|
|
||||||
#
|
|
||||||
# shortcircuit USER_IN_BLACKLIST on
|
|
||||||
# shortcircuit USER_IN_BLACKLIST_TO on
|
|
||||||
# shortcircuit SUBJECT_IN_BLACKLIST on
|
|
||||||
|
|
||||||
# if you have taken the time to correctly specify your "trusted_networks",
|
|
||||||
# this is another good way to save CPU
|
|
||||||
#
|
|
||||||
# shortcircuit ALL_TRUSTED on
|
|
||||||
|
|
||||||
# and a well-trained bayes DB can save running rules, too
|
|
||||||
#
|
|
||||||
# shortcircuit BAYES_99 spam
|
|
||||||
# shortcircuit BAYES_00 ham
|
|
||||||
|
|
||||||
endif # Mail::SpamAssassin::Plugin::Shortcircuit
|
|
||||||
|
|
||||||
# AWL : AutoWhitelist
|
# AWL : AutoWhitelist
|
||||||
|
# mkdir -p /var/spool/spam/ && chown amavis /var/spool/spam/
|
||||||
|
loadplugin Mail::SpamAssassin::Plugin::AWL
|
||||||
use_auto_whitelist 1
|
use_auto_whitelist 1
|
||||||
auto_whitelist_path /var/spool/spamassassin/auto_whitelist
|
auto_whitelist_path /var/spool/spam/auto_whitelist
|
||||||
auto_whitelist_file_mode 0666
|
auto_whitelist_file_mode 0666
|
||||||
|
|
||||||
# LANG TESTS
|
# LANG TESTS
|
||||||
|
loadplugin Mail::SpamAssassin::Plugin::TextCat
|
||||||
ok_languages en fr es it
|
ok_languages en fr es it
|
||||||
ok_locales en fr es it
|
ok_locales en fr es it
|
||||||
|
|
||||||
|
@ -166,8 +94,25 @@ score ADDRESS_IN_SUBJECT 0.1
|
||||||
|
|
||||||
score HELO_LH_HOME 1.0
|
score HELO_LH_HOME 1.0
|
||||||
|
|
||||||
internal_networks 192.168.XXX/24
|
#internal_networks 192.168.XXX/24
|
||||||
|
trusted_networks 31.170.8.33 31.170.8.15 62.212.111.216 88.179.18.233 85.118.59.50
|
||||||
#score ALL_TRUSTED 0.3
|
#score ALL_TRUSTED 0.3
|
||||||
score HELO_DYNAMIC_IPADDR 0.3
|
score HELO_DYNAMIC_IPADDR 0.3
|
||||||
|
|
||||||
score FORGED_MUA_OUTLOOK 0.5
|
score FORGED_MUA_OUTLOOK 0.5
|
||||||
|
|
||||||
|
# Eudora sucks
|
||||||
|
score EXTRA_MPART_TYPE 0.1
|
||||||
|
score MIME_BOUND_EQ_REL 0.1
|
||||||
|
score MIME_QP_LONG_LINE 0.1
|
||||||
|
|
||||||
|
# SMTP senders *have* dynamic IP addresses
|
||||||
|
# A.B.C.D.dnsbl.sorbs.net -> 127.0.0.10
|
||||||
|
score RCVD_IN_DYNABLOCK 0
|
||||||
|
score HELO_DYNAMIC_IPADDR 0.3
|
||||||
|
score RCVD_IN_SORBS 0.1
|
||||||
|
score RCVD_IN_PBL 0.1
|
||||||
|
score RCVD_IN_SORBS_DUL 0
|
||||||
|
|
||||||
|
# old bug...
|
||||||
|
score FH_DATE_PAST_20XX 0.0
|
||||||
|
|
Loading…
Reference in a new issue