#------------------------------------------------------------------------- # Active features. #------------------------------------------------------------------------- feat_verbose = 0 # Warn user about unscanned parts, etc. feat_log_inline = 0 # Inline logs: 0 = Off, 1 = Maybe, 2 = Force feat_log_stderr = 0 # Print log to standard error. feat_log_xml = 0 # Don't use XML format for logs. feat_log_trace = 0 # Omit trace info from logs. feat_log_after = 0 # Don't add any scratch space to part headers. feat_files = 1 # Enable filename-based policy decisions. feat_mime_files = 1 # Always check the mime-type's default name too. feat_force_name = 0 # Force all parts (except text/html parts) to # have file names. feat_boundaries = 0 # Replace all boundary strings with our own # NOTE: Always breaks PGP/MIME messages! feat_lengths = 1 # Protect against buffer overflows and null # values. feat_scripts = 1 # Defang incoming shell scripts. feat_html = 0 # Defang active HTML content. feat_webbugs = 0 # Web-bugs are allowed. feat_trust_pgp = 0 # Don't scan PGP signed message parts. feat_uuencoded = 1 # Sanitize inline uuencoded files. feat_forwards = 1 # Sanitize forwarded messages. feat_testing = 0 # This isn't a test-case configuration. feat_fixmime = 1 # Fix invalid MIME, if possible. feat_paranoid = 0 # Don't be excessively paranoid about MIME headers etc. #------------------------------------------------------------------------- # Create saved files using this template. The directory must exist and # be writable by the user running the sanitizer. # $d - Day of month (01-31) # $m - Month number (01-12) # $y - Two digit year (00-99) # $Y - Four digit year # $H - Hour (00-23) # $M - Minute (00-59) # $S - Second (00-59) # # $P - This process's PID, in hex. # $T - The current Unix time, in hex. # $F - A safe version of the original file name. # $ - A random character, from [A-Z0-9]. #------------------------------------------------------------------------- file_name_tpl = /home/quarantine/$Y$m$d-$T-$F.$$ #------------------------------------------------------------------------- # Message used to replace attachments saved and removed. #------------------------------------------------------------------------- msg_file_save = *****ANTIVIRUS*****\n msg_file_save += ATTENZIONE: Questa mail conteneva l'allegato "%FILENAME"\n msg_file_save += che e' risultato infetto da virus o potenzialmente dannoso.\n msg_file_save += Il file e' stato rimosso al fine di evitarne la diffusione involontaria.\n msg_file_save += %SAVEDNAME\n msg_file_save += *******************\n #------------------------------------------------------------------------- # We have 2 policies, in addition to the file_default_policy. #------------------------------------------------------------------------- file_list_rules = 2 #------------------------------------------------------------------------- # 1) Scan some attachments for virus with Clam AntiVirus. #------------------------------------------------------------------------- # This policy apply to attachments whose file name did not match any # previous policy and matches this regular expression. # The policy action can be: # # accept Don't alter the attachment at all. # defang Alter the attachment's file name. # mangle Change completely the attachment's file name. # save Remove the attachment from the message, replace it with a # text message and save the attachment into a local file. # drop The attachment will be deleted and replaced with message. # unknown Indeterminate result, check the next policy. # #------------------------------------------------------------------------- # Archives, executables, scripts, etc. This is a perl regular # expression, see "man perlre" for info. The (?i) prefix makes # the regexp case insensitive. file_list_1 = (?i)\.( file_list_1 += ar[cj]|bat|bz\d?|chm|class|cmd|com|cpl|dat|deb|doc|exe|g?z file_list_1 += |lha|m?db|php\d?|pif|pl|ppt|rpm|rtf|scr|slp|[sp]?html?|sys file_list_1 += |tgz|[tr]ar|vb[es]|wp.?|xls|z(ip|oo)|pptx|docx file_list_1 += )$ # Virus scanner command line. The three exit codes represent the # following scan conditions: clean, disinfected, infected. file_list_1_scanner = 0:1:1:/usr/bin/clamdscan --fdpass --quiet %FILENAME # What policy to apply for each exit code, plus a catch-all default. file_list_1_policy = unknown:save:save:save #------------------------------------------------------------------------- # 2) White list, this extensions (or Content-Type) will be accepted. #------------------------------------------------------------------------- file_list_2 = (?i)\.( file_list_2 += an6|ang|bmp|bz2|cl|csv|dat|doc|docx|dwg|dxf|gif|gz|html?|ics file_list_2 += |jc3|jc4|jc5|jpe?g|m?db|od[bfgpst]|ot[bfgpst]|p7m|pcx|pdf|png file_list_2 += |pps|ppt|pptx|pub|rtf|snp|sxc|tgz|[tr]ar|tiff?|txt|vcf|wp.? file_list_2 += |xls|xlsx|xml|zip file_list_2 += )$ file_list_2_scanner = 0; file_list_2_policy = accept; #------------------------------------------------------------------------- # Default policy: accept, but mangle file name. #------------------------------------------------------------------------- file_default_policy = defang #------------------------------------------------------------------------- # String used to mangle file names. #------------------------------------------------------------------------- msg_defanged = ANTIVIRUS