1

Topic: Disabling Banned Contents alert

==== Required information ====
- iRedMail version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Linux/BSD distribution name and version:
- Related log if you're reporting an issue:
======== Required information ====
- iRedMail version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Linux/BSD distribution name and version:
- Related log if you're reporting an issue:
======== Required information ====
- iRedMail version: 0.8.6
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: Ubuntu 12.04.5 LTS
- Related log if you're reporting an issue:
====

Hello all,

I am trying to disable the email alerts that I get about banned contents but I cannot do that. I tried everything that I could find on the internet and nothing succeeded.

Here are some relevant parts from /etc/amavis/conf.d/50-user

# Mail notify.
#$mailfrom_notify_admin     = "root\@$mydomain";  # notifications sender
#$mailfrom_notify_recip     = "root\@$mydomain";  # notifications sender
#$mailfrom_notify_spamadmin = "root\@$mydomain"; # notifications sender
#$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef


$final_virus_destiny      = D_DISCARD;
$final_banned_destiny     = D_DISCARD;
$final_spam_destiny       = D_PASS;
$final_bad_header_destiny = D_PASS;

$policy_bank{'ORIGINATING'} = {  # mail supposedly originating from our users
  originating => 1,  # declare that mail was submitted by our smtp client
  allow_disclaimers => 1,  # enables disclaimer insertion if available
  # notify administrator of locally originating malware
  virus_admin_maps => [],
  spam_admin_maps  => [],
  bad_header_admin_maps => [],
  banned_admin_maps => [],
  warnbadhsender   => 0,
  warnvirussender  => 0,
  warnspamsender   => 0,
  warnbannedrecip => 0,
  warnbannedsender => 0,
  # forward to a smtpd service providing DKIM signing service
  #forward_method => 'smtp:[amavis]:10027',
  # force MTA conversion to 7-bit (e.g. before DKIM signing)
  smtpd_discard_ehlo_keywords => ['8BITMIME'],
  #bypass_banned_checks_maps => [1],  # allow sending any file names and types
  terminate_dsn_on_notify_success => 0,  # don't remove NOTIFY=SUCCESS option
};


$policy_bank{'MYUSERS'} = {
    # declare that mail was submitted by our smtp client
    originating => 1,

    # enables disclaimer insertion if available
    allow_disclaimers => 1,
    
    # notify administrator of locally originating malware
    virus_admin_maps => [],
    spam_admin_maps  => [],
    bad_header_admin_maps => [],
    banned_admin_maps => [],
    warnbadhsender   => 0,
    warnbannedrecip => 0,
    warnbannedsender => 0,

    # forward to a smtpd service providing DKIM signing service
    #forward_method => 'smtp:[127.0.0.1]:10027',

    # force MTA conversion to 7-bit (e.g. before DKIM signing)
    smtpd_discard_ehlo_keywords => ['8BITMIME'],

    # don't remove NOTIFY=SUCCESS option
    terminate_dsn_on_notify_success => 0,
    
    # don't perform spam/virus/header check.
    bypass_spam_checks_maps => [1],
    bypass_virus_checks_maps => [1],
    bypass_header_checks_maps => [1],

    # allow sending any file names and types
    bypass_banned_checks_maps => [1],
};

This is one of the email that I received:
Subject: BANNED contents (.exe,report.exe) in mail FROM LOCAL [84.255.168.93] <taxicabso3@backrecordschedule.com>

Content:

No viruses were found.

Banned name: .exe,report.exe
Content type: Banned
Internal reference code for the message is 15354-01/mox9KB6HUcCW

First upstream SMTP client IP address: [84.255.168.93]
According to a 'Received:' trace, the message originated at: [84.255.168.93],
  backrecordschedule.com unknown [84.255.168.93]

Return-Path: <taxicabso3@backrecordschedule.com>
From: "Tech Server" <taxicabso3@backrecordschedule.com>>
Subject: Alert Transactions Report by users from 2014-10-08 to 2014-09-28
Not quarantined.

The message WAS NOT relayed to:
<info@******.hu>:
   250 2.7.0 Ok, discarded, id=15354-01 - BANNED: .exe,report.exe

Any help is highly appreciated!

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Disabling Banned Contents alert

Does it work if you add below line in front of the last line in 50-user?

$banned_admin = undef;

Don't forget to restart Amavisd service.

Note: if you just don't want to ban email with '.exe' attachment, you can disable 'exe' in file 20-defaults, parameter "banned_filename_re".

3

Re: Disabling Banned Contents alert

ZhangHuangbin wrote:

Does it work if you add below line in front of the last line in 50-user?

$banned_admin = undef;

Don't forget to restart Amavisd service.

Note: if you just don't want to ban email with '.exe' attachment, you can disable 'exe' in file 20-defaults, parameter "banned_filename_re".

Hi,

I have added the line to my conf, we'll see in a few days.

BTW, I don'w want to allow those attachments, I just wouldn't like to be notified about those.

Thanks for your tip, I hope it helps

4

Re: Disabling Banned Contents alert

Looks like the emails are still coming sad

The other interesting thing is, that the alert emails are coming to root@mail.***.hu
And this email is then forwarded to three email addresses, but I can't find where this forward is configured. It's not in the aliases table.

5

Re: Disabling Banned Contents alert

*) Do you have alias entry for root user in /etc/postfix/aliases?
*) Also, check any '_maps' which has root as notification recipient in Amavisd config file.

6

Re: Disabling Banned Contents alert

In the end what helped was to reconfigure amavis completely. I copied the sample config file and modified it as needed. Then deleted all other configs and now it looks good.