# Configuration file for MailScanner E-Mail Virus Scanner # This file assumes everything is in the default locations provided # by the MailScanner and RedHat 6.2 and upwards. # User to run as (provided for Exim users) #Run As User = mail # Group to run as (provided for Exim users) #Run As Group = mail # In every batch of virus-scanning, limit the maximum # a) number of text-only messages to deliver # b) number of potentially infected messages to unpack and scan # c) total size of text-only messages to deliver # d) total size of potentially infected messages to unpack and scan Max Safe Messages Per Scan = 500 Max Unsafe Messages Per Scan = 100 Max Safe Bytes Per Scan = 100000000 Max Unsafe Bytes Per Scan = 50000000 # To avoid resource leaks, re-start periodically. Restart Every = 14400 # 4 hours # Name of this host, or just "the MailScanner" if you want to hide this info. # It can be placed in the Help Desk note contained in virus warnings sent to users. Host name = the MailScanner # Add this extra header to all mail as it is scanned. Mail Header = X-ECS-MailScanner: # Set the mail header to these values for clean/infected messages. Clean Header = Found to be clean Infected Header = Found to be infected Disinfected Header = Disinfected # Set where to unpack incoming messages before scanning them Incoming Work Dir = /var/spool/MailScanner/incoming # Set where to store infected message attachments (if they are kept) Quarantine Dir = /var/spool/MailScanner/quarantine # Set where to store the process id so you can easily stop the scanner Pid File = /opt/mailscanner/var/virus.pid # Set where to find the attachment filename ruleset. # The structure of this file is explained elsewhere, but it is used to # accept or reject file attachments based on their name, regardless of # whether they are infected or not. Filename Rules = /opt/mailscanner/etc/filename.rules.conf # Set where to find the message text sent to users when one of their # attachments has been quarantined. Stored Message Report = /opt/mailscanner/etc/stored.message.txt # Set where to find the message text sent to users when one of their # attachments has been deleted. Deleted Message Report = /opt/mailscanner/etc/deleted.message.txt # Set where to find the message text sent to users explaining about the # attached disinfected documents. Disinfected Report = /opt/mailscanner/etc/disinfected.report.txt # Set location of sendmail binary, location of incoming mail queue # and location of outgoing mail queue. MTA = sendmail Sendmail = /usr/lib/sendmail Incoming Queue Dir = /var/spool/mqueue.in Outgoing Queue Dir = /var/spool/mqueue # Where Sophos is installed. This is the command needed to run it Sweep = /opt/sophos/bin/sophoswrapper # Where the MS-TNEF expander is installed. TNEF Expander = /opt/mailscanner/bin/tnef # Notify the senders of infected messages that they should check out # their systems? Notify Senders = yes # Set where to find the message text sent to the senders of infected # messages. Sender Report = /opt/mailscanner/etc/sender.report.txt # Notify the local postmaster when any infections are found? Notify Local Postmaster = yes # Set email address of who to notify about any infections found. # Should put your full domain name here too, # e.g. postmaster@your.domain.com Local Postmaster = postmaster # Set what to do with infected attachments or messages. # keep ==> Store under the "Quarantine Dir" # delete ==> Just delete them #Action = delete Action = keep # Should I attempt to disinfect infected attachments and then deliver # the clean ones Deliver Disinfected Files = yes # Mark infected messages in the message body Mark Infected Messages = yes Inline Text Warning = Warning: This message has had one or more viruses removed. Please read the "Virus Warning.txt" attachment(s) for more information. Inline HTML Warning =

Warning: This message has had one or more viruses removed. Please read the "Virus Warning.txt" attachment(s) for more information.

# # Spam Detection # # Should the anti-spam checks be done on all incoming messages? Spam Checks = yes # Set the name of the extra header to add to all messages found to be # likely spam. Spam Header = X-MailScanner-SpamCheck: # Set the list of database names and their corresponding DNS domains. # All of these databases work in a similar way, allowing the simple use # of multiple databases. # See www.ordb.org and www.mail-abuse.org for more information. Spam List = ORDB-RBL, relays.ordb.org. # MAPS now charge for their services, so you'll have to buy a contract before # attempting to use the next 3 lines. #Spam List = MAPS-RBL, blackholes.mail-abuse.org. #Spam List = MAPS-DUL, dialups.mail-abuse.org. #Spam List = MAPS-RSS, relays.mail-abuse.org. # This next line works for JANET UK Academic sites only Spam List = MAPS-RBL+, rbl-plus.mail-abuse.ja.net. # Define local networks from whom you should always accept mail, and # never mark it as spam. This is useful in case your own mail servers # are ever in the ORBS or MAPS lists. Accept Spam From = 152.78. Accept Spam From = 139.166. # # Advanced Features # ================= # # Don't bother changing anything below this unless you really know what # you are doing. # # Set Debug to 1 to stop it running as a daemon # and produce more verbose output Debug = 0 # Attempt immediate delivery of messages, or just place them in the outgoing # queue for the MTA to deliver at a time of its own choosing? # If attempting immediate delivery, do them one at a time, # or do them in batches of 30 at a time? # Delivery Method = queue # Delivery Method = individual Delivery Method = batch # How to lock spool files. # Don't set this unless you *know* you need to. # For sendmail, it defaults to "flock". # For Exim, it defaults to "posix". # No other type is implemented. #Lock Type = flock