Re: before-queue Milter support

[Paul van der Vlis]

Hello Matus and others,

Op 16-11-2022 om 17:40 schreef Matus UHLAR - fantomas:
from clamav-milter.conf man page:

        OnInfected STRING
               Action to be performed on infected messages
               Default: Quarantine

set it to reject:

OnInfected Reject

Ah, that was the point, now it works. Thanks for your help!

With regards,
Paul van der Vlis

root@hosting:~# echo "Test virus body" | mutt -a eicar.com.txt -s "This 
is virus8" -- p...@vandervlis.nl
root@hosting:~# less /var/log/mail.log
root@hosting:~# grep 74D3C2304A /var/log/mail.log
Nov 16 18:29:58 hosting postfix/pickup[2114568]: 74D3C2304A: uid=0 
from=<root>
Nov 16 18:29:58 hosting postfix/cleanup[2117871]: 74D3C2304A: 
message-id=<y3uefl035dkou...@hosting.vandervlis.nl>
Nov 16 18:29:58 hosting postfix/qmgr[897]: 74D3C2304A: 
from=<r...@hosting.vandervlis.nl>, size=742, nrcpt=1 (queue active)
Nov 16 18:30:00 hosting postfix/smtp[2117877]: 74D3C2304A: 
to=<p...@vandervlis.nl>, relay=server.vandervlis.nl[45.95.238.187]:25, 
delay=2.2, delays=0.03/0.02/0.12/2, dsn=5.7.1, status=bounced (host 
server.vandervlis.nl[45.95.238.187] said: 550 5.7.1 Command rejected (in 
reply to end of DATA command))
Nov 16 18:30:00 hosting postfix/bounce[2117879]: 74D3C2304A: sender 
non-delivery notification: A0F3823051
Nov 16 18:30:00 hosting postfix/qmgr[897]: 74D3C2304A: removed

Nov 16 18:29:58 server postfix/smtpd[64087]: connect from 
hosting.vandervlis.nl[91.198.178.59]
Nov 16 18:29:58 server postfix/smtpd[64087]: Anonymous TLS connection 
established from hosting.vandervlis.nl[91.198.178.59]: TLSv1.3 with 
cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 
server-signature RSA-PSS (2048 bits) server-digest SHA256
Nov 16 18:30:00 server policyd-spf[64093]: prepend Received-SPF: Pass 
(mailfrom) identity=mailfrom; client-ip=91.198.178.59; 
helo=hosting.vandervlis.nl; envelope-from=r...@hosting.vandervlis.nl; 
receiver=<UNKNOWN>
Nov 16 18:30:00 server postfix/smtpd[64087]: 857F9880C56: 
client=hosting.vandervlis.nl[91.198.178.59]
Nov 16 18:30:00 server postfix/cleanup[64094]: 857F9880C56: 
message-id=<y3uefl035dkou...@hosting.vandervlis.nl>
Nov 16 18:30:00 server clamav-milter[63727]: Message 857F9880C56 from 
<r...@hosting.vandervlis.nl> to <p...@vandervlis.nl> with subject 'This 
is virus8' message-id '<y3uefl035dkou...@hosting.vandervlis.nl>' date 
'Wed, 16 Nov 2022 18:29:58 +0100' infected by Eicar-Signature
Nov 16 18:30:00 server postfix/cleanup[64094]: 857F9880C56: 
milter-reject: END-OF-MESSAGE from hosting.vandervlis.nl[91.198.178.59]: 
5.7.1 Command rejected; from=<r...@hosting.vandervlis.nl> 
to=<p...@vandervlis.nl> proto=ESMTP helo=<hosting.vandervlis.nl>
Nov 16 18:30:00 server postfix/smtpd[64087]: disconnect from 
hosting.vandervlis.nl[91.198.178.59] ehlo=2 starttls=1 mail=1 rcpt=1 
data=0/1 quit=1 commands=6/7



--
Paul van der Vlis Linux systeembeheer Groningen
https://vandervlis.nl/