postfix + amavis + spam reports wit spam in attachment

Discussion in 'Server Operation' started by Ruthwen, May 6, 2021.

Tags:
  1. Ruthwen

    Ruthwen New Member

    Hi everyone.
    I have a mail server and as almost all people I don't want spam messages - it works - I don't receive them, but when my server receive spam message and it is spam message, the server reject it and send report to sender. In report is an attachment - received message with spam.
    So, if my server receive a spam message from Outlook server, then send the same message in report to sender. In result Outlook server add my server to banlist because my server is sending spam to them... very funny, but it's real.
    How can I prevent to send message in attachment in this case? I'm thinking about:
    1. Drop message and do nothing.
    2. Drop message and answer about spam and attach only headers.
     
    Ruthwen, May 6, 2021
    #1
  2. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    Change $final_spam_destiny to something else. You don't indicate your OS nor how you have things setup, but eg. this is from /etc/amavis/conf.d/20-debian_defaults on a debian machine:
    Code:
    # You should:
#   Use D_DISCARD to discard data (viruses)
#   Use D_BOUNCE to generate local bounces by amavisd-new
#   Use D_REJECT to generate local or remote bounces by the calling MTA
#   Use D_PASS to deliver the message
#
# Whatever you do, *NEVER* use D_REJECT if you have other MTAs *forwarding*
# mail to your account.  Use D_BOUNCE instead, otherwise you are delegating
# the bounce work to your friendly forwarders, which might not like it at all.
#
# On dual-MTA setups, one can often D_REJECT, as this just makes your own
# MTA generate the bounce message.  Test it first.
#
# Bouncing viruses is stupid, always discard them after you are sure the AV
# is working correctly.  Bouncing real SPAM is also useless, if you cannot
# D_REJECT it (and don't D_REJECT mail coming from your forwarders!).

$final_virus_destiny      = D_DISCARD;  # (data not lost, see virus quarantine)
$final_banned_destiny     = D_DISCARD;
$final_spam_destiny       = D_PASS;
$final_bad_header_destiny = D_PASS;     # False-positive prone (for spam)
    That is the correct action for the typical amavis+spamassassin setup (a better option is to reject the message in the smtp connection, but amavis is not normally setup to do that).
     
    Jesse Norell, May 6, 2021
    #2
  3. Ruthwen

    Ruthwen New Member

    Indeed it is Debian, so thank you, in my config I had:
    Code:
    $final_virus_destiny      = D_DISCARD;  # (data not lost, see virus quarantine)
$final_banned_destiny     = D_BOUNCE;   # D_REJECT when front-end MTA
$final_spam_destiny       = D_BOUNCE;
$final_bad_header_destiny = D_PASS;     # False-positive prone (for spam)
    Now I changed it to D_DISCARD.
    We will see :)
     
    Ruthwen, May 6, 2021
    #3

Share This Page