On Thu, May 13, 2010 at 14:19, Noel Jones <njo...@megan.vbhcs.org> wrote: > On 5/13/2010 5:45 AM, Markus Schwengel wrote: >>> >>> please don't top-post. >>> >>> If you're using clamav-milter postfix will reject the mail with a >>> milter-reject: log entry and no DSN is sent. >>> >>> So, what are you really doing? >>> http://www.postfix.org/DEBUG_README.html#mail >>> >>> >>> -- Noel Jones >>> >> >> sorry about the posting style. >> >> I have the line "OnInfected Reject" in my mailter.conf >> >> postconf -n: >> alias_maps = hash:/etc/aliases >> allow_min_user = yes >> broken_sasl_auth_clients = yes >> command_directory = /usr/sbin >> config_directory = /etc/postfix >> daemon_directory = /usr/lib/postfix >> data_directory = /var/lib/postfix >> defer_transports = >> disable_dns_lookups = no >> html_directory = no >> mail_owner = postfix >> mail_spool_directory = /var/mail >> mailbox_size_limit = 102400000 >> mailq_path = /usr/bin/mailq >> manpage_directory = /usr/local/man >> masquerade_classes = envelope_sender, header_sender, header_recipient >> masquerade_domains = >> masquerade_exceptions = root >> message_size_limit = 102400000 >> milter_default_action = accept >> mydestination = $myhostname, localhost.$mydomain >> myhostname =<HOSTNAME> >> mynetworks = 192.168.0.0/16, 127.0.0.0/8 >> newaliases_path = /usr/bin/newaliases >> non_smtpd_milters = inet:192.168.10.250:7357 >> queue_directory = /var/spool/postfix >> readme_directory = /usr/share/doc/packages/postfix/README_FILES >> relayhost = 192.168.30.11 >> relocated_maps = hash:/etc/postfix/relocated >> sample_directory = /etc/postfix >> sendmail_path = /usr/sbin/sendmail >> setgid_group = postdrop >> smtpd_client_restrictions = >> smtpd_helo_required = no >> smtpd_helo_restrictions = >> smtpd_milters = inet:192.168.10.250:7357 >> smtpd_recipient_restrictions = permit_mynetworks, >> permit_sasl_authenticated, reject_unauth_destination >> smtpd_sasl_auth_enable = yes >> smtpd_sasl_authenticated_header = yes >> smtpd_sasl_path = smtpd >> smtpd_sender_restrictions = hash:/etc/postfix/access >> smtpd_tls_security_level = may >> strict_rfc821_envelopes = no >> transport_maps = hash:/etc/postfix/transport, >> ldap:/etc/postfix/transport_recipients >> unknown_local_recipient_reject_code = 550 >> >> When a virus is found postfix sends a message like the one I posted >> earlier. Is this not a DSN generated by postfix? I'm confused... > > > We need to see log entries of an entire infected message transaction. > > >
here you go: postfix/pickup[9871]: 445AE1EAEB1: uid=33 from=<SENDER> postfix/cleanup[9878]: 445AE1EAEB1: message-id=<1273824671.91686-9...@host> postfix/cleanup[9878]: 445AE1EAEB1: milter-reject: END-OF-MESSAGE from localhost[127.0.0.1]: \ 5.7.1 Virus Eicar-Test-Signature found!; from=<SENDER> to=<RECEIVER> postfix/cleanup[9878]: 445AE1EAEB1: to=<RECEIVER>, orig_to=<@HOST:RECEIVER>, relay=none, delay=0.11, \ delays=0.11/0/0/0, dsn=5.7.1, status=bounced (Virus Eicar-Test-Signature found!) postfix/cleanup[9882]: 5CFE71EAEB3: message-id=<20100514081111.5cfe71ea...@host> postfix/qmgr[9870]: 5CFE71EAEB3: from=<>, size=2559, nrcpt=1 (queue active) postfix/bounce[9880]: 445AE1EAEB1: sender non-delivery notification: 5CFE71EAEB3 postfix/smtp[9883]: 5CFE71EAEB3: to=<SENDER>, relay=192.168.30.11[192.168.30.11]:25, delay=0.07, \ delays=0.02/0.01/0/0.04, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 5F8193955D9) postfix/qmgr[9870]: 5CFE71EAEB3: removed
