[Rspamd-Users] weird bug in settings.conf
Jens Friedrichs
jens.friedrichs at uni-leipzig.de
Mon Oct 12 05:13:21 UTC 2020
Hello @all
I have a little problem and need somebody who can confirm this.
This is my setting with the bug:
INCOMING_SMTP_EMOTET_ONLY_AUTHENTICATED {
id = "INCOMING_SMTP_EMOTET_ONLY_AUTHENTICATED"
priority = medium;
authenticated = true;
request_header = {
"MTA-Name" = "smtpd-emotet";
}
apply {
actions {
rewrite_subject = null;
reject = null;
greylist = null;
add_header = null;
}
symbols_enabled = [
"MILTER_HEADERS",
"FORCE_ACTION_VIRUS_FOUND",
"FORCE_ACTION_OLETOOLS_FOUND",
"FORCE_ACTION_BLOCK_BANNED_EXTENSIONS_EXTERN",
"FORCE_ACTION_BLOCK_BANNED_EXTENSIONS_INTERN",
"FORCE_ACTION_BLOCK_INTERNAL_DOMAIN_IN_DISPLAYNAME",
"FORCE_ACTION_BLOCK_INTERNAL_DOMAIN_IN_FROM_HEADER",
"FORCE_ACTION_BLOCK_INTERNAL_DOMAIN_IN_ENVELOPE",
"OLETOOLS",
"OLETOOLS_ENCRYPTED",
"OLETOOLS_TIMEOUT",
"MIME_ENCRYPTED_ARCHIVE",
"GROUP_ENCRYPTED_ATTACHMENT",
"GROUP_VIRUS_REJECT",
"GROUP_AV_SCANNER_FAILED",
"INTERNAL_SERVER",
"BANNED_EXTENSIONS_INTERN",
"BANNED_EXTENSIONS_EXTERN",
"INTERNAL_DOMAIN_ENVELOPE",
"INTERNAL_DOMAIN_DISPLAYNAME",
"INTERNAL_DOMAIN_FROM"
]
groups_enabled = [
"antivirus",
]
}
symbols [
"INCOMING_SMTP_EMOTET_AUTHENTICATED",
"AUTHENTICATED"
]
}
basically it is just activating antivirus, oletools and some
blacklists/force_actions. Oletools are working. All blacklists are
working but not antivirus. It seems that the antivirus group won't get
activated. BUT ... if i change the name and the ID of the Setting to
"INCOMING_SMTP_EMOTET_ONLY" (just remove the _AUTHENTICATED) it works.
Now Sophos and ClamAV are working. Can somebody confirm this bug?
--
Jens Friedrichs
System Administrator
Universität Leipzig
Universitätsrechenzentrum
Augustusplatz 10, 04109 Leipzig
jens.friedrichs at uni-leipzig.de
https://www.urz.uni-leipzig.de
More information about the Users
mailing list