Discussion:
amavisd-release does not work with SQL quarantine (missing quar_type = "Q")
p***@wf-partner.com
2017-02-16 06:52:57 UTC
Permalink
Hello,

We are using amavisd with iRedMail. Banned mails are quarantined in a
SQL quarantine.

Everytime I tried to release an email with amavisd-release an error
occured:

450 4.5.0 Failure: File /var/lib/amavis/virusmails/BWEgBXUllkJU does not
exist at (eval 95) line 386, <GEN34> line 5.

Now I realized that in amavisd-release there is no way to change
$quar_type to "Q", see the line:

my $quar_type = $fn_suffix eq '.gz' ? 'Z' : $fn_path ne '' ? 'F' : '';

After I changed this line to

my $quar_type = $fn_suffix eq '.gz' ? 'Z' : $fn_path ne '' ? 'F' :
'Q';

mails in SQL-quarantine are released by amavisd-release.

But I don't know if this right for users not using a SQL-quarantine.

Kind regards
Thomas Sattler
Dominic Raferd
2017-02-16 08:11:35 UTC
Permalink
Post by p***@wf-partner.com
Hello,
We are using amavisd with iRedMail. Banned mails are quarantined in a SQL
quarantine.
450 4.5.0 Failure: File /var/lib/amavis/virusmails/BWEgBXUllkJU does not
exist at (eval 95) line 386, <GEN34> line 5.
Now I realized that in amavisd-release there is no way to change $quar_type
my $quar_type = $fn_suffix eq '.gz' ? 'Z' : $fn_path ne '' ? 'F' : '';
After I changed this line to
my $quar_type = $fn_suffix eq '.gz' ? 'Z' : $fn_path ne '' ? 'F' : 'Q';
mails in SQL-quarantine are released by amavisd-release.
But I don't know if this right for users not using a SQL-quarantine.
We use file-based quarantine. I tried this change and then
amavisd-release does not work, I am sorry to report; there is no error
message - just the mail is not released and the file remains in
quarantine.
p***@wf-partner.com
2017-02-16 13:03:58 UTC
Permalink
Post by Dominic Raferd
We use file-based quarantine. I tried this change and then
amavisd-release does not work, I am sorry to report; there is no error
message - just the mail is not released and the file remains in
quarantine.
Thanks for your answer.

Could you try and write the whole filename including full path when
using amavisd-release.
I think you should get the mail resent by amavisd-release like this.

If $fn_path is emtpy $quar_type = 'Q' is used with my change.

I don't know another way to get mails resent from SQL.
p***@wf-partner.com
2017-02-20 12:44:29 UTC
Permalink
Post by p***@wf-partner.com
Post by Dominic Raferd
We use file-based quarantine. I tried this change and then
amavisd-release does not work, I am sorry to report; there is no error
message - just the mail is not released and the file remains in
quarantine.
Thanks for your answer.
Could you try and write the whole filename including full path when
using amavisd-release.
I think you should get the mail resent by amavisd-release like this.
If $fn_path is emtpy $quar_type = 'Q' is used with my change.
I don't know another way to get mails resent from SQL.
I found the underlying reason of this issue. We use the sql-based
quarantine only for banned-files and virus, but not for spam. Therefore

$spam_quarantine_method = undefined;

In amavisd-new $quar_type defaults to 'F' if $spam_quarantine_method
Post by p***@wf-partner.com
# choose some reasonable default (simpleminded)
$quar_type = c('spam_quarantine_method') =~ /^sql:/i ? 'Q' : 'F';
What do you recommend to solve this issue?

Thomas Sattler
Dino Edwards
2017-02-20 13:16:18 UTC
Permalink
Here's how to do it. In your amavis config file set the following to get everything quarantined. :

$virus_quarantine_method = 'sql:';
$spam_quarantine_method = 'sql:';
$banned_files_quarantine_method = 'sql:';
$bad_header_quarantine_method = 'sql:';
$clean_quarantine_method = 'sql:';

Just out of curiosity, any particular reason you are using sql instead of local to quarantine? I used to use sql and the database became unmanageable because of the sheer amount of email that was stored in it. So, I don't recommend storing your email in the database. If you want to go local storage, set it like below. Ensure you set your $QUARANtINEDIR path below to a mount point with plenty of space and ensure that it's owned by amavis:

$QUARANTINEDIR = "/some/mountpoint/with/plenty/of/space";
$virus_quarantine_method = 'local:virus/%m';
$spam_quarantine_method = 'local:spam/%m';
$banned_files_quarantine_method = 'local:banned/%m';
$bad_header_quarantine_method = 'local:bad_header/%m';
$clean_quarantine_method = 'local:clean/%m';




----------------
Dino Edwards
----------------

Hermes Secure Email Gateway
Hermes Secure Email Gateway combines Open Source technologies such as Postfix, Apache SpamAssassin, ClamAV, Amavisd-new, MySQL and CipherMail under one unified web based Web GUI for easy administration and management of your incoming and ougoing email for your organization. Anti-spam, anti-virus and anti-malware protection, encrypted S/MIME, encrypted PDF and SMTP TLS support, built-in email archiving, end-user self-service web gui.

Learn More & Download the free open-source appliance at:
https://www.deeztek.com/hermes-secure-email-gateway/





-----Original Message-----
From: amavis-users [mailto:amavis-users-bounces+dino.edwards=***@amavis.org] On Behalf Of ***@wf-partner.com
Sent: Monday, February 20, 2017 7:44 AM
To: Amavis Users <amavis-***@amavis.org>
Subject: Re: amavisd-release does not work with SQL quarantine (missing quar_type = "Q")
Post by p***@wf-partner.com
Post by Dominic Raferd
We use file-based quarantine. I tried this change and then
amavisd-release does not work, I am sorry to report; there is no
error message - just the mail is not released and the file remains in
quarantine.
Thanks for your answer.
Could you try and write the whole filename including full path when
using amavisd-release.
I think you should get the mail resent by amavisd-release like this.
If $fn_path is emtpy $quar_type = 'Q' is used with my change.
I don't know another way to get mails resent from SQL.
I found the underlying reason of this issue. We use the sql-based quarantine only for banned-files and virus, but not for spam. Therefore

$spam_quarantine_method = undefined;
Post by p***@wf-partner.com
# choose some reasonable default (simpleminded)
$quar_type = c('spam_quarantine_method') =~ /^sql:/i ? 'Q' : 'F';
What do you recommend to solve this issue?

Thomas Sattler
@lbutlr
2017-02-20 19:36:40 UTC
Permalink
Post by Dino Edwards
$QUARANTINEDIR = "/some/mountpoint/with/plenty/of/space";
$virus_quarantine_method = 'local:virus/%m';
$spam_quarantine_method = 'local:spam/%m';
$banned_files_quarantine_method = 'local:banned/%m';
$bad_header_quarantine_method = 'local:bad_header/%m';
$clean_quarantine_method = 'local:clean/%m';
I'm puzzled, only the first exists in amavisd.conf

The only (non commented) lines with quarantine:

$QUARANTINEDIR = '/var/virusmails'; # -Q
$sa_quarantine_cutoff_level = 12; # spam level beyond which quarantine is off
$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef
"-a s --timeout=60 --temp=$TEMPBASE -y $QUARANTINEDIR ".
--
Apple broke AppleScripting signatures in Mail.app, so no random signatures.
Dino Edwards
2017-02-20 20:21:24 UTC
Permalink
There is a lot more to it than that. What's the setting for the following?

$final_virus_destiny =
$final_banned_destiny =
$final_bad_header_destiny =

$virus_quarantine_to =
$banned_quarantine_to =
$bad_header_quarantine_to =




-----Original Message-----
From: amavis-users [mailto:amavis-users-bounces+dino.edwards=***@amavis.org] On Behalf Of @lbutlr
Sent: Monday, February 20, 2017 2:37 PM
To: amavis-***@amavis.org
Subject: Re: amavisd-release does not work with SQL quarantine (missing quar_type = "Q")
Post by Dino Edwards
$QUARANTINEDIR = "/some/mountpoint/with/plenty/of/space";
$virus_quarantine_method = 'local:virus/%m'; $spam_quarantine_method =
'local:spam/%m'; $banned_files_quarantine_method = 'local:banned/%m';
$bad_header_quarantine_method = 'local:bad_header/%m';
$clean_quarantine_method = 'local:clean/%m';
I'm puzzled, only the first exists in amavisd.conf

The only (non commented) lines with quarantine:

$QUARANTINEDIR = '/var/virusmails'; # -Q $sa_quarantine_cutoff_level = 12; # spam level beyond which quarantine is off $mailfrom_to_quarantine = ''; # null return path; uses original sender if undef
"-a s --timeout=60 --temp=$TEMPBASE -y $QUARANTINEDIR ".

--
Apple broke AppleScripting signatures in Mail.app, so no random signatures.
Dino Edwards
2017-02-20 20:32:20 UTC
Permalink
To be clear here's my config relating to quarantine:

$sa_spam_modifies_subj = 1;
$sa_spam_subject_tag = '[SUSPECTED SPAM]';
$sa_tag_level_deflt = undef;
$sa_tag2_level_deflt = 2;
$sa_kill_level_deflt = 5;
$sa_local_tests_only = 0;
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;
$final_spam_destiny = D_DISCARD;
$final_bad_header_destiny = D_DISCARD;

$QUARANTINEDIR = "/mnt/data/amavis";
$virus_quarantine_method = 'local:virus/%m';
$spam_quarantine_method = 'local:spam/%m';
$banned_files_quarantine_method = 'local:banned/%m';
$bad_header_quarantine_method = 'local:bad_header/%m';
$clean_quarantine_method = 'local:clean/%m';
$timestamp_fmt_mysql = 1;

I save all emails whether spam, clean, virus or bad headers cause I ALWAYS have users misplacing emails and they are looking for them months later. Besides, I don't have 100% confidence in the spam filter to always tag things as spam or ham like it's supposed to. You haven't lived until you had a VIP user looking for a very important email that your spam filter decided not to pass to the user because it scored too high. This way all I have to do is do an amavis-release and it's back in their mailbox like below:

amavisd-release /mnt/data/amavis/someemail <secretid> ***@domain.tld





-----Original Message-----
From: amavis-users [mailto:amavis-users-bounces+dino.edwards=***@amavis.org] On Behalf Of @lbutlr
Sent: Monday, February 20, 2017 2:37 PM
To: amavis-***@amavis.org
Subject: Re: amavisd-release does not work with SQL quarantine (missing quar_type = "Q")
Post by Dino Edwards
$QUARANTINEDIR = "/some/mountpoint/with/plenty/of/space";
$virus_quarantine_method = 'local:virus/%m'; $spam_quarantine_method =
'local:spam/%m'; $banned_files_quarantine_method = 'local:banned/%m';
$bad_header_quarantine_method = 'local:bad_header/%m';
$clean_quarantine_method = 'local:clean/%m';
I'm puzzled, only the first exists in amavisd.conf

The only (non commented) lines with quarantine:

$QUARANTINEDIR = '/var/virusmails'; # -Q $sa_quarantine_cutoff_level = 12; # spam level beyond which quarantine is off $mailfrom_to_quarantine = ''; # null return path; uses original sender if undef
"-a s --timeout=60 --temp=$TEMPBASE -y $QUARANTINEDIR ".

--
Apple broke AppleScripting signatures in Mail.app, so no random signatures.
p***@wf-partner.com
2017-02-21 07:25:04 UTC
Permalink
We only quarantine mails containing viruses or banned files. I would not
recommend quarantining clean mails.

What I was looking for is a solution for people who use sql quarantine
only for viruses and banned files and who want to release a quarantined
mail.

This doesn't work because in amavisd-release the default value of
$quar_type = ''. And in amavisd-new $quar_type defaults to 'F' if
Post by p***@wf-partner.com
# choose some reasonable default (simpleminded)
$quar_type = c('spam_quarantine_method') =~ /^sql:/i ? 'Q' : 'F';
My solution is to change default value of $quar_type to 'Q' in
amamvisd-release.
But this does not fix the bug.
Post by p***@wf-partner.com
Just out of curiosity, any particular reason you are using sql instead
of local to quarantine?
No there is no particular reason to use sql quarantine. But we have not
so many quarantined mails in a week, so we can live with it.

Thomas

-----Original Message-----
From: amavis-users
[mailto:amavis-users-bounces+dino.edwards=mydirectmail.net at
amavis.org] On Behalf Of Dino Edwards dino.edwards at mydirectmail.net

Here's how to do it. In your amavis config file set the following to
get everything quarantined. :

$virus_quarantine_method = 'sql:';
$spam_quarantine_method = 'sql:';
$banned_files_quarantine_method = 'sql:';
$bad_header_quarantine_method = 'sql:';
$clean_quarantine_method = 'sql:';

Just out of curiosity, any particular reason you are using sql instead
of local to quarantine? I used to use sql and the database became
unmanageable because of the sheer amount of email that was stored in it.
So, I don't recommend storing your email in the database. If you want to
go local storage, set it like below. Ensure you set your $QUARANtINEDIR
path below to a mount point with plenty of space and ensure that it's
owned by amavis:

$QUARANTINEDIR = "/some/mountpoint/with/plenty/of/space";
$virus_quarantine_method = 'local:virus/%m';
$spam_quarantine_method = 'local:spam/%m';
$banned_files_quarantine_method = 'local:banned/%m';
$bad_header_quarantine_method = 'local:bad_header/%m';
$clean_quarantine_method = 'local:clean/%m';




----------------
Dino Edwards
----------------

Hermes Secure Email Gateway
Hermes Secure Email Gateway combines Open Source technologies such as
Postfix, Apache SpamAssassin, ClamAV, Amavisd-new, MySQL and CipherMail
under one unified web based Web GUI for easy administration and
management of your incoming and ougoing email for your organization.
Anti-spam, anti-virus and anti-malware protection, encrypted S/MIME,
encrypted PDF and SMTP TLS support, built-in email archiving, end-user
self-service web gui.

Learn More & Download the free open-source appliance at:
https://www.deeztek.com/hermes-secure-email-gateway/





-----Original Message-----
From: amavis-users
[mailto:amavis-users-bounces+dino.edwards=mydirectmail.net at
amavis.org] On Behalf Of postmaster at wf-partner.com
Sent: Monday, February 20, 2017 7:44 AM
To: Amavis Users <amavis-users at amavis.org>
Subject: Re: amavisd-release does not work with SQL quarantine (missing
quar_type = "Q")
Post by p***@wf-partner.com
Post by Dominic Raferd
We use file-based quarantine. I tried this change and then
amavisd-release does not work, I am sorry to report; there is no
error message - just the mail is not released and the file remains in
quarantine.
Thanks for your answer.
Could you try and write the whole filename including full path when
using amavisd-release.
I think you should get the mail resent by amavisd-release like this.
If $fn_path is emtpy $quar_type = 'Q' is used with my change.
I don't know another way to get mails resent from SQL.
I found the underlying reason of this issue. We use the sql-based
quarantine only for banned-files and virus, but not for spam. Therefore

$spam_quarantine_method = undefined;

In amavisd-new $quar_type defaults to 'F' if $spam_quarantine_method
Post by p***@wf-partner.com
# choose some reasonable default (simpleminded)
$quar_type = c('spam_quarantine_method') =~ /^sql:/i ? 'Q' : 'F';
What do you recommend to solve this issue?

Thomas Sattler
Dino Edwards
2017-02-21 10:47:29 UTC
Permalink
Fair enough. I'm a little confused still. What type of message are you trying to release? A spam, virus or banned when you do amavis-release? So the following lines exist in your amavis config file?

$virus_quarantine_method = 'sql:';
$banned_files_quarantine_method = 'sql:';
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;



-----Original Message-----
From: amavis-users [mailto:amavis-users-bounces+dino.edwards=***@amavis.org] On Behalf Of ***@wf-partner.com
Sent: Tuesday, February 21, 2017 2:25 AM
To: Amavis Users <amavis-***@amavis.org>
Subject: Re: amavisd-release does not work with SQL quarantine (missing quar_type = "Q")

We only quarantine mails containing viruses or banned files. I would not recommend quarantining clean mails.

What I was looking for is a solution for people who use sql quarantine only for viruses and banned files and who want to release a quarantined mail.
Post by p***@wf-partner.com
# choose some reasonable default (simpleminded)
$quar_type = c('spam_quarantine_method') =~ /^sql:/i ? 'Q' : 'F';
My solution is to change default value of $quar_type to 'Q' in amamvisd-release.
But this does not fix the bug.
Post by p***@wf-partner.com
Just out of curiosity, any particular reason you are using sql instead
of local to quarantine?
No there is no particular reason to use sql quarantine. But we have not so many quarantined mails in a week, so we can live with it.

Thomas

-----Original Message-----
From: amavis-users
[mailto:amavis-users-bounces+dino.edwards=mydirectmail.net at amavis.org] On Behalf Of Dino Edwards dino.edwards at mydirectmail.net

Here's how to do it. In your amavis config file set the following to get everything quarantined. :

$virus_quarantine_method = 'sql:';
$spam_quarantine_method = 'sql:';
$banned_files_quarantine_method = 'sql:'; $bad_header_quarantine_method = 'sql:'; $clean_quarantine_method = 'sql:';

Just out of curiosity, any particular reason you are using sql instead of local to quarantine? I used to use sql and the database became unmanageable because of the sheer amount of email that was stored in it.
So, I don't recommend storing your email in the database. If you want to go local storage, set it like below. Ensure you set your $QUARANtINEDIR path below to a mount point with plenty of space and ensure that it's owned by amavis:

$QUARANTINEDIR = "/some/mountpoint/with/plenty/of/space";
$virus_quarantine_method = 'local:virus/%m'; $spam_quarantine_method = 'local:spam/%m'; $banned_files_quarantine_method = 'local:banned/%m'; $bad_header_quarantine_method = 'local:bad_header/%m'; $clean_quarantine_method = 'local:clean/%m';




----------------
Dino Edwards
----------------

Hermes Secure Email Gateway
Hermes Secure Email Gateway combines Open Source technologies such as Postfix, Apache SpamAssassin, ClamAV, Amavisd-new, MySQL and CipherMail under one unified web based Web GUI for easy administration and management of your incoming and ougoing email for your organization.
Anti-spam, anti-virus and anti-malware protection, encrypted S/MIME, encrypted PDF and SMTP TLS support, built-in email archiving, end-user self-service web gui.

Learn More & Download the free open-source appliance at:
https://www.deeztek.com/hermes-secure-email-gateway/





-----Original Message-----
From: amavis-users
[mailto:amavis-users-bounces+dino.edwards=mydirectmail.net at amavis.org] On Behalf Of postmaster at wf-partner.com
Sent: Monday, February 20, 2017 7:44 AM
To: Amavis Users <amavis-users at amavis.org>
Subject: Re: amavisd-release does not work with SQL quarantine (missing quar_type = "Q")
Post by p***@wf-partner.com
Post by Dominic Raferd
We use file-based quarantine. I tried this change and then
amavisd-release does not work, I am sorry to report; there is no
error message - just the mail is not released and the file remains in
quarantine.
Thanks for your answer.
Could you try and write the whole filename including full path when
using amavisd-release.
I think you should get the mail resent by amavisd-release like this.
If $fn_path is emtpy $quar_type = 'Q' is used with my change.
I don't know another way to get mails resent from SQL.
I found the underlying reason of this issue. We use the sql-based quarantine only for banned-files and virus, but not for spam. Therefore

$spam_quarantine_method = undefined;
Post by p***@wf-partner.com
# choose some reasonable default (simpleminded)
$quar_type = c('spam_quarantine_method') =~ /^sql:/i ? 'Q' : 'F';
What do you recommend to solve this issue?

Thomas Sattler
p***@wf-partner.com
2017-02-21 12:40:35 UTC
Permalink
You are almost right, the following lines exist in our amavis config
file:

$virus_quarantine_method = 'sql:';
$banned_files_quarantine_method = 'sql:';
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_REJECT;

I tried to release a banned message.
Post by Dino Edwards
Fair enough. I'm a little confused still. What type of message are you
trying to release? A spam, virus or banned when you do amavis-release?
So the following lines exist in your amavis config file?
$virus_quarantine_method = 'sql:';
$banned_files_quarantine_method = 'sql:';
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;
-----Original Message-----
From: amavis-users
Sent: Tuesday, February 21, 2017 2:25 AM
Subject: Re: amavisd-release does not work with SQL quarantine
(missing quar_type = "Q")
We only quarantine mails containing viruses or banned files. I would
not recommend quarantining clean mails.
What I was looking for is a solution for people who use sql quarantine
only for viruses and banned files and who want to release a
quarantined mail.
This doesn't work because in amavisd-release the default value of
$quar_type = ''. And in amavisd-new $quar_type defaults to 'F' if
Post by p***@wf-partner.com
# choose some reasonable default (simpleminded)
$quar_type = c('spam_quarantine_method') =~ /^sql:/i ? 'Q' : 'F';
My solution is to change default value of $quar_type to 'Q' in
amamvisd-release.
But this does not fix the bug.
Post by p***@wf-partner.com
Just out of curiosity, any particular reason you are using sql instead
of local to quarantine?
No there is no particular reason to use sql quarantine. But we have
not so many quarantined mails in a week, so we can live with it.
Thomas
-----Original Message-----
From: amavis-users
[mailto:amavis-users-bounces+dino.edwards=mydirectmail.net at
amavis.org] On Behalf Of Dino Edwards dino.edwards at mydirectmail.net
Here's how to do it. In your amavis config file set the following to
$virus_quarantine_method = 'sql:';
$spam_quarantine_method = 'sql:';
$banned_files_quarantine_method = 'sql:';
$bad_header_quarantine_method = 'sql:'; $clean_quarantine_method =
'sql:';
Just out of curiosity, any particular reason you are using sql instead
of local to quarantine? I used to use sql and the database became
unmanageable because of the sheer amount of email that was stored in it.
So, I don't recommend storing your email in the database. If you want
to go local storage, set it like below. Ensure you set your
$QUARANtINEDIR path below to a mount point with plenty of space and
$QUARANTINEDIR = "/some/mountpoint/with/plenty/of/space";
$virus_quarantine_method = 'local:virus/%m'; $spam_quarantine_method =
'local:spam/%m'; $banned_files_quarantine_method = 'local:banned/%m';
$bad_header_quarantine_method = 'local:bad_header/%m';
$clean_quarantine_method = 'local:clean/%m';
----------------
Dino Edwards
----------------
Hermes Secure Email Gateway
Hermes Secure Email Gateway combines Open Source technologies such as
Postfix, Apache SpamAssassin, ClamAV, Amavisd-new, MySQL and
CipherMail under one unified web based Web GUI for easy administration
and management of your incoming and ougoing email for your
organization.
Anti-spam, anti-virus and anti-malware protection, encrypted S/MIME,
encrypted PDF and SMTP TLS support, built-in email archiving, end-user
self-service web gui.
https://www.deeztek.com/hermes-secure-email-gateway/
-----Original Message-----
From: amavis-users
[mailto:amavis-users-bounces+dino.edwards=mydirectmail.net at
amavis.org] On Behalf Of postmaster at wf-partner.com
Sent: Monday, February 20, 2017 7:44 AM
To: Amavis Users <amavis-users at amavis.org>
Subject: Re: amavisd-release does not work with SQL quarantine
(missing quar_type = "Q")
Post by p***@wf-partner.com
Post by Dominic Raferd
We use file-based quarantine. I tried this change and then
amavisd-release does not work, I am sorry to report; there is no
error message - just the mail is not released and the file remains in
quarantine.
Thanks for your answer.
Could you try and write the whole filename including full path when
using amavisd-release.
I think you should get the mail resent by amavisd-release like this.
If $fn_path is emtpy $quar_type = 'Q' is used with my change.
I don't know another way to get mails resent from SQL.
I found the underlying reason of this issue. We use the sql-based
quarantine only for banned-files and virus, but not for spam.
Therefore
$spam_quarantine_method = undefined;
In amavisd-new $quar_type defaults to 'F' if $spam_quarantine_method
Post by p***@wf-partner.com
# choose some reasonable default (simpleminded)
$quar_type = c('spam_quarantine_method') =~ /^sql:/i ? 'Q' : 'F';
What do you recommend to solve this issue?
Thomas Sattler
Loading...