1amavisd-milter(8) System Manager’s Manual amavisd-milter(8)
2
3
4
6 amavisd-milter - sendmail milter for amavis
7
9 amavisd-milter [-Bfhv] [-d debug-level] [-D delivery-care-of] [-m max-
10 conns] [-M max-wait] [-p pidfile] [-P] [-q backlog] [-s socket]
11 [-t timeout] [-S socket] [-T timeout] [-w directory]
12
14 The amavisd-milter is a sendmail milter (mail filter) for amavis 2.4.3
15 and above and sendmail 8.13 and above.
16
17 With the amavisd-milter, a full amavis functionality is available, in‐
18 cluding adding spam and virus information header fields, modifying the
19 Subject, adding address extensions and removing certain recipients from
20 delivery, while delivering the same message to the rest.
21
22 For more information you can visit amavisd-milter website:
23
24 https://github.com/prehor/amavisd-milter
25
26 Options
27 The options are as follows:
28
29 -B Uses the milter macro {daemon_name} as the policy bank name (see
30 POLICY BANKS below).
31
32 -d debug-level
33 Set the debug level. The debugging traces become more detailed
34 as the debug level increases. Maximum is 9.
35
36 -D delivery-care-of
37 Set AM.PDP request attribute delivery_care_of to client (de‐
38 fault) or server.
39
40 When the client method is used, then amavisd-milter is responsible for
41 forwarding the message to the recipients. This method does not allow
42 personalized header or body modification.
43
44 When the server method is used, then amavis is responsible for forward‐
45 ing the message to the recipients and may personalize the headers and
46 the body of the messages. $forward_method variable in amavisd.conf
47 must point to a place willing to accept the message without further
48 checking in amavis.
49
50 -f Run amavisd-milter in the foreground (i.e. do not daemonize).
51 Print debugging messages to the terminal.
52
53 -h Print the help page and exit.
54
55 -m max-conns
56 Maximum concurrent amavis connections (default 0 = unlimited
57 number of connections). It must be the same as the $max_servers
58 variable in amavisd.conf.
59
60 -M timeout
61 Timeout for message processing in seconds (default 300 seconds =
62 5 minutes). Must be less then timeout for a response to the fi‐
63 nal “.” that terminates a message on sending MTA. Sendmail uses
64 default value 1 hour, postfix 10 minutes and qmail 20 minutes.
65 Recommended value is less than 10 minutes.
66
67 If you use other milters (especially time-consuming), the timeout must
68 be sufficient to process message in all milters.
69
70 -p pidfile
71 Use this pid file.
72
73 -P When the amavis fails, the message will be passed through
74 unchecked.
75
76 -q backlog
77 Sets the incoming socket backlog used by listen(2). If it is
78 not set or set to zero, the operating system default is used.
79
80 -s socket
81 Communication socket between sendmail and amavisd-milter. The
82 protocol spoken over this socket is MILTER (Mail FILTER). It
83 must have the same vale as the INPUT_MAIL_FILTER macro in send‐
84 mail.mc.
85
86 The socket must be in format proto:address:
87
88 • {unix|local}:/path/to/file - A named pipe.
89
90 • inet:port@{hostname|ip-address} - An IPV4 socket.
91
92 • inet6:port@{hostname|ip-address} - An IPV6 socket.
93
94 -S socket
95 Communication socket between amavisd-milter and amavis. The
96 protocol spoken over this socket is AM.PDP (AMavis Policy Dele‐
97 gation Protocol). It must have the same value as the
98 $unix_socketname variable in amavisd.conf.
99
100 The socket must be in format proto:address:
101
102 • {unix|local}:/path/to/file - A named pipe.
103
104 • inet:port@{hostname|ip-address} - An IPV4 socket.
105
106 • inet6:port@{hostname|ip-address} - An IPV6 socket.
107
108 -t timeout
109 Sendmail connection timeout in seconds (default 600 = 10 min‐
110 utes). It must have the same vale as the INPUT_MAIL_FILTER
111 macro in sendmail.mc and must be greater than or equal to the
112 amavis connection timeout.
113
114 If you use other milters (especially time-consuming), the timeout must
115 be sufficient to process message in all milters.
116
117 -T timeout
118 Amavis connection timeout in seconds (default 600 = 10 minutes).
119 Must be sufficient to process message in amavis. Usually, it is
120 a good idea to set them to the same value as sendmail connection
121 timeout.
122
123 -v Report the version number and exit.
124
125 -w directory
126 Set working directory.
127
129 If the option -B is enabled, amavisd-milter uses the value of the mil‐
130 ter macro {daemon_name} as the name of the amavis policy bank. Usual‐
131 ly, this milter macro is set to name of the MTA.
132
133 When remote client is authenticated, amavisd-milter uses authentication
134 information as the name of the amavis policy banks:
135
136 SMTP_AUTH
137 Remote client has been authenticated.
138
139 SMTP_AUTH_<MECH>
140 The remote client authentication mechanism.
141
142 SMTP_AUTH_<MECH>_<BITS>
143 The number of bits used for the key of the symmetric cipher when
144 authentication mechanism uses it.
145
147 Configuring amavis
148 In the amavisd.conf file set protocol and amavis socket to:
149
150 $protocol = "AM.PDP"; # Use AM.PDP protocol
151 $unix_socketname = "$MYHOME/amavisd.sock"; # Listen on Unix socket
152 ### $inet_socket_port = 10024; # Do not listen on TCP port
153
154 Then (re)start the amavisd daemon.
155
156 Configuring Postfix
157 Add the following entries to Postfix main.cf*:
158
159 smtpd_milters = local:<AMAVISD_MILTER.SOCK>
160 milter_connect_macros = j {client_name} {daemon_name} v
161 milter_protocol = 6
162
163 Then (re)start the Postfix daemon.
164
165 Configuring sendmail
166 Add the following entries to file sendmail.mc:
167
168 define(`confMILTER_MACROS_CONNECT',
169 confMILTER_MACROS_CONNECT`, {client_resolve}')
170 define(`confMILTER_MACROS_ENVFROM',
171 confMILTER_MACROS_ENVFROM`, r, b')
172 INPUT_MAIL_FILTER(`amavisd-milter',
173 `S=local:<AMAVISD_MILTER.SOCK>, F=T, T=S:10m;R:10m;E:10m')
174
175 Then rebuild sendmail.cf file, install it and (re)start the sendmail
176 daemon.
177
178 Running amavisd-milter
179 This examples assumes that amavis is running as user vscan. The actual
180 name is shown in the $daemon_user variable in amavisd.conf.
181
182 Limiting maximum concurrent connections to amavisd
183 To limit the maximum concurrent connections to amavis, run amavisd-mil‐
184 ter with this options:
185
186 su - vscan -c "amavisd-milter -m 4"
187
188 Troubleshooting
189 For troubleshooting, run amavisd-milter on the foreground and set the
190 debug level to the appropriate value:
191
192 su - vscan -c "amavisd-milter -f -d 4"
193
194 Debug levels are:
195
196 • 1 - Not errors but unexpected states (connection abort etc).
197
198 • 2 - Main states in message processing.
199
200 • 3 - All amavisd-milter debug messages.
201
202 • 4-9 - Milter communication debugging (set smfi_setdbg to 1-6).
203
205 • https://github.com/prehor/amavisd-milter
206
207 • https://www.ijs.si/software/amavisd/
208
209 • https://www.sendmail.org
210
212 This manual page was written by Petr Rehor and is based on Jerzy Sakol
213 initial work.
214
216 Issues can be reported by using GitHub at:
217
218 https://github.com/prehor/amavisd-milter/issues
219
220 Full detailed information on how to report issues, please see the Con‐
221 tribution Guidelines at:
222
223 https://github.com/prehor/amavisd-milter/blob/master/CONTRIBUT‐
224 ING.md
225
226 Enhancements, requests and problem reports are welcome.
227
228 If you run into problems, first check the GitHub issues before creating
229 a new one. It is very likely that someone has encountered the same
230 problem and it has already been solved.
231
232
233
234Version 1.7.2 amavisd-milter(8)