1amavisd-milter(8) BSD System Manager's Manual amavisd-milter(8)
2
4 amavisd-milter — sendmail milter for amavisd-new
5
7 amavisd-milter [-Bfhv] [-d debug-level] [-D delivery-care-of]
8 [-m max-conns] [-M max-wait] [-p pidfile] [-P]
9 [-q backlog] [-s socket] [-t timeout] [-S socket]
10 [-T timeout] [-w directory]
11
13 The amavisd-milter is a sendmail milter (mail filter) for amavisd-new
14 2.4.3 and above and sendmail 8.13 and above (limited support for 8.12 is
15 provided).
16 Instead of older amavis-milter helper program, full amavisd-new function‐
18 ality is available, including adding spam and virus information header
19 fields, modifying Subject, adding address extensions and removing certain
20 recipients from delivery while delivering the same message to the rest.
21 For more information you can visit amavisd-milter website:
23 http://amavisd-milter.sourceforge.net/
25 and SourceForge project:
27 http://sourceforge.net/projects/amavisd-milter
29 Options
31 The options are as follows:
32 -B Uses {daemon_name} macro as a policy bank name (see POLICY BANKS
34 below).
35 -d debug-level
37 Set the debug level to debug-level. Debugging traces become more
38 verbose as the debug level increases. Maximum is 9.
39 -D delivery-care-of
41 Set AM.PDP request attribute delivery_care_of to client (default)
42 or server. When client method is used then amavisd-milter is
43 responsible to forward the message to recipients. This method
44 doesn't allow personalized header or body modification.
45 When server method is used then amavisd-new is responsible to
47 forward the message to recipients and can provide personalized
48 header and body modification. $forward_method in amavisd.conf
49 must point to some place willing to accept mail without further
50 checking in amavisd-new.
51 -f Run amavisd-milter in the foreground (i.e. do not daemonize).
53 Print debug messages to the terminal.
54 -h Print help page and exit.
56 -m max-conns
58 Maximum concurrent amavisd connections (default 0 - unlimited
59 number of connections). It must agree with the $max_servers
60 entry in amavisd.conf.
61 -M max-wait
63 Maximum wait for connection to amavisd in seconds (default 300 =
64 5 minutes). It must be less then sending MTA timeout for a
65 response to the final "." that terminates a message on sending
66 MTA. sendmail has default value 1 hour, postfix 10 minutes and
67 qmail 20 minutes. We suggest to use less than 10 minutes.
68 -p pidfile
70 Use this pid file (default /run/amavisd/amavisd-milter.pid).
71 -P When amavisd-new fails mail will be passed through unchecked.
73 -q backlog
75 Sets the incoming socket backlog used by listen(2). If it is not
76 set or set to zero, the operating system default is used.
77 -s socket
79 Communication socket between sendmail and amavisd-milter (default
80 /run/amavisd/amavisd-milter.sock). The protocol spoken over this
81 socket is MILTER (Mail FILTER). It must agree with the
82 INPUT_MAIL_FILTER entry in sendmail.mc
83 The socket should be in "proto:address" format:
85 · {unix|local}:/path/to/file - A named pipe.
86 · inet:port@{hostname|ip-address} - An IPV4 socket.
87 · inet6:port@{hostname|ip-address} - An IPV6 socket.
88 -S socket
90 Communication socket between amavisd-milter and amavisd-new
91 (default /run/amavisd/amavisd.sock). The protocol spoken over
92 this socket is AM.PDP (AMavis Policy Delegation Protocol). It
93 must agree with the $unix_socketname entry in amavisd.conf.
94 The socket should be in "proto:address" format:
96 · {unix|local}:/path/to/file - A named pipe.
97 -t timeout
99 sendmail connection timeout in seconds (default 600 = 10 min‐
100 utes). It must agree with the INPUT_MAIL_FILTER entry in send‐
101 mail.mc and must be greater than or equal to the amavisd-new con‐
102 nection timeout. When you use other milters (especially time-
103 consuming), the timeout must be sufficient to process message in
104 all milters.
105 -T timeout
107 amavisd-new connection timeout in seconds (default 600 = 10 min‐
108 utes). This timeout must be sufficient for message processing in
109 amavisd-new. It's usually a good idea to adjust them to the same
110 value as sendmail connection timeout.
111 -v Report the version number and exit.
113 -w directory
115 Set working directory (default /var/spool/amavisd/tmp).
116 Limited support for sendmail 8.12
118 · smfi_addheader() is used instead of smfi_insheader() for insheader
119 and addheader AM.PDP responses. This works well with amavisd-new
120 2.4.3 or newer.
121 · smfi_progress() isn't called when amavisd-milter wait for amavisd-new
122 communication socket.
123 · AM.PDP response quarantine isn't implemented.
124
126 /run/amavisd/amavisd-milter.pid
127 The default process-id file.
128 /run/amavisd/amavisd-milter.sock
130 The default sendmail communication socket.
131 /run/amavisd/amavisd.sock
133 Th default amavisd-new communication socket.
134 /var/spool/amavisd/tmp
136 The default working directory.
137
139 If the option -B is enabled, amavisd-milter uses the value of the milter
140 macro {daemon_name} as a name of the amavisd-new policy bank. Usualy this
141 milter macro is set to name of the MTA.
142 When remote client is authenticated, amavisd-milter uses this information
144 as a name of the amavisd-new policy banks:
145 SMTP_AUTH
147 Indicate that the remote client is authenticated.
148 SMTP_AUTH_<MECH>
150 Remote client authentication mechanism.
151 SMTP_AUTH_<MECH>_<BITS>
153 The number of bits used for the key of the symmetric cipher when
154 authentication mechanism use it.
155
157 Configuring amavisd-new
158 In amavisd.conf file change protocol and socket settings to:
159 $protocol = "AM.PDP"; # Use AM.PDP protocol
161 $unix_socketname = "$MYHOME/amavisd.sock"; # Listen on Unix socket
162 ### $inet_socket_port = 10024; # Don't listen on TCP port
163 Then (re)start amavisd daemon.
165 Configuring sendmail
167 To the sendmail.mc file add the following entries:
168 define(`confMILTER_MACROS_ENVFROM',
170 confMILTER_MACROS_ENVFROM`, r, b')
171 INPUT_MAIL_FILTER(`amavisd-milter',
172 `S=local:/run/amavisd/amavisd-milter.sock,
173 F=T, T=S:10m;R:10m;E:10m')
174 Then rebuild your sendmail.cf file, install it (usually to
176 /etc/mail/sendmail.cf) and (re)start sendmail daemon.
177 Running amavisd-milter
179 This example assume that amavisd-new is running as user amavis. It must
180 agree with the entry $daemon_user in amavisd.conf.
181 First create working directory:
183 mkdir /var/spool/amavisd/tmp
185 chmod 750 /var/spool/amavisd/tmp
186 chown amavis /var/spool/amavisd/tmp
187 Then start amavisd-milter as non-priviledged user amavis:
189 su - amavis -c "amavisd-milter -w /var/spool/amavisd/tmp"
191 Limiting maximum concurrent connections to amavisd
193 To limit concurrent connections to 4 and fail after 10 minutes (10*60
194 secs) of waiting run amavisd-milter with this options:
195 su - amavis -c "amavisd-milter -w /var/spool/amavisd/tmp -m 4 -M
197 600"
198 Troubleshooting
200 For troubleshooting run amavisd-milter on the foreground and set debug
201 level to appropriate level:
202 su - amavis -c "amavisd-milter -w /var/spool/amavisd/tmp -f -d
204 level"
205 where debug levels are:
207 1 Not errors but unexpected states (connection abort etc).
209 2 Main states in message processing.
211 3 All amavisd-milter debug messages.
213 4-9 Milter communication debugging (smfi_setdbg 1-6).
215
217 http://amavisd-milter.sourceforge.net
218 http://www.ijs.si/software/amavisd/
219 http://www.milter.org/developers
220 http://www.sendmail.org
221
223 This manual page was written by Petr Rehor <rx@rx.cz> and is based on
224 Jerzy Sakol <jerzy.sakol@commgraf.pl> initial work.
225
227 A community mailing lists are available at:
228 http://sourceforge.net/mail/?group_id=138169
230 Enhancements, requests and problem reports are welcome.
232 If you run into problems first check the users mailing list archive
234 before asking questions on the list. It's highly likely somebody has
235 already come across the same problem and it's been solved.
236BSD Januar 23, 2006 BSD