2014-09-26 03:02:55 -05:00
|
|
|
# Quarantining
|
|
|
|
|
2014-09-26 10:31:30 -05:00
|
|
|
[TOC]
|
|
|
|
|
2019-05-16 09:43:12 -05:00
|
|
|
Amavisd is configured to query policy from SQL database, global policy is
|
|
|
|
created during iRedMail installation, quarantining related settings are
|
|
|
|
disabled by default, you can easily enable quarantining with this tutorial.
|
2014-12-18 06:40:50 -06:00
|
|
|
|
2019-05-16 09:43:12 -05:00
|
|
|
## Update Amavisd policy settings
|
|
|
|
With OpenLDAP, MySQL and MariaDB backends, Amavisd queries MySQL/MariaDB
|
|
|
|
database `amavisd` to get policy, so we use MySQL commands for example in this
|
|
|
|
tutorial. Most commands work for PostgreSQL.
|
2014-09-26 03:02:55 -05:00
|
|
|
|
|
|
|
```
|
2019-05-16 09:43:12 -05:00
|
|
|
USE amavisd;
|
|
|
|
|
|
|
|
-- quarantine spam
|
|
|
|
UPDATE policy set spam_lover='N', bypass_spam_checks='N' WHERE policy_name='@.';
|
2014-09-26 03:02:55 -05:00
|
|
|
|
2019-05-16 09:43:12 -05:00
|
|
|
-- quarantine virus
|
|
|
|
UPDATE policy set virus_lover='N', bypass_virus_checks='N' WHERE policy_name='@.';
|
2014-09-26 03:02:55 -05:00
|
|
|
|
2019-05-16 09:43:12 -05:00
|
|
|
-- quarantine email which contains banned file types
|
|
|
|
UPDATE policy set banned_files_lover='N', bypass_banned_checks='N' WHERE policy_name='@.';
|
2014-09-26 03:02:55 -05:00
|
|
|
|
2019-05-16 09:43:12 -05:00
|
|
|
-- quarantine email which has bad headers.
|
|
|
|
UPDATE policy set bad_header_lover='N', bypass_header_checks='N' WHERE policy_name='@.';
|
2014-09-26 03:02:55 -05:00
|
|
|
```
|
|
|
|
|
2019-05-16 09:43:12 -05:00
|
|
|
Restarting amavisd service is __NOT__ required.
|
2014-09-26 03:02:55 -05:00
|
|
|
|
|
|
|
## Configure iRedAdmin-Pro to manage quarantined mails
|
|
|
|
|
|
|
|
Update iRedAdmin-Pro config file, make sure you have correct settings for Amavisd:
|
2014-09-26 10:31:30 -05:00
|
|
|
|
2014-09-26 03:02:55 -05:00
|
|
|
* on Red Hat Enterprise Linux, CentOS, Scientific Linux, it's `/var/www/iredadmin/settings.py`.
|
2015-06-09 09:30:50 -05:00
|
|
|
* on Debian, Ubuntu, it's `/opt/www/iredadmin/settings.py` or `/usr/share/apache2/iredadmin/settings.py`.
|
2014-09-26 03:02:55 -05:00
|
|
|
* on FreeBSD, it's `/usr/local/www/iredadmin/settings.py`.
|
|
|
|
* on OpenBSD, it's `/var/www/iredadmin/settings.py`.
|
|
|
|
|
|
|
|
```python
|
|
|
|
# File: settings.py
|
|
|
|
|
|
|
|
amavisd_db_host = '127.0.0.1'
|
|
|
|
amavisd_db_port = 3306
|
|
|
|
amavisd_db_name = 'amavisd'
|
|
|
|
amavisd_db_user = 'amavisd'
|
|
|
|
amavisd_db_password = 'password'
|
|
|
|
|
2014-10-10 10:51:42 -05:00
|
|
|
# Log basic info of inbound/outbound, no mail body stored.
|
2014-09-26 03:02:55 -05:00
|
|
|
amavisd_enable_logging = True
|
|
|
|
|
2014-10-10 10:51:42 -05:00
|
|
|
# Quarantining management
|
2014-09-26 03:02:55 -05:00
|
|
|
amavisd_enable_quarantine = True
|
|
|
|
amavisd_quarantine_port = 9998
|
|
|
|
|
2014-10-10 10:51:42 -05:00
|
|
|
# Per-recipient policy lookup
|
2014-09-26 03:02:55 -05:00
|
|
|
amavisd_enable_policy_lookup = True
|
|
|
|
```
|
|
|
|
|
2014-12-18 06:40:50 -06:00
|
|
|
Restarting Apache web server or `uwsgi` service (if you're running Nginx as
|
|
|
|
web server) is required.
|
2014-09-26 03:02:55 -05:00
|
|
|
|
2014-12-18 06:40:50 -06:00
|
|
|
You can now login to iRedAdmin-Pro, and manage quarantined messages via menu
|
2014-09-26 03:02:55 -05:00
|
|
|
`System -> Quarantined Mails`. Choose action in drop-down menu list to release
|
|
|
|
or delete them.
|
|
|
|
|
2014-09-26 10:25:47 -05:00
|
|
|
Screenshots attached at the bottom.
|
2014-09-26 03:02:55 -05:00
|
|
|
|
2016-04-03 08:20:59 -05:00
|
|
|
### Notify users about quarantined mails
|
|
|
|
|
2017-02-14 08:04:26 -06:00
|
|
|
iRedAdmin-Pro ships script `tools/notify_quarantined_recipients.py` to notify
|
|
|
|
users which have email quarantined in SQL database.
|
2016-04-03 08:20:59 -05:00
|
|
|
|
2017-02-14 08:04:26 -06:00
|
|
|
Default notification email contains basic info of each quarantined email:
|
2016-04-03 08:20:59 -05:00
|
|
|
|
2017-02-14 08:04:26 -06:00
|
|
|
* mail subject
|
|
|
|
* sender
|
|
|
|
* recipient
|
|
|
|
* spam level (score)
|
|
|
|
* mail arrived time
|
2016-04-03 08:20:59 -05:00
|
|
|
|
2017-02-14 08:04:26 -06:00
|
|
|
The notification email message is read from (HTML) template file
|
|
|
|
`tools/notify_quarantined_recipients.html`, if you want to modify it, please
|
2017-02-16 04:39:26 -06:00
|
|
|
copy it to `tools/notify_quarantined_recipients.html.custom` then modify it.
|
2017-02-14 08:04:26 -06:00
|
|
|
During upgrading iRedAdmin-Pro, this custom file will be copied to
|
|
|
|
new iRedAdmin-Pro directory, so you won't lose your customization.
|
|
|
|
|
|
|
|
Several parameters are required by this script in iRedAdmin-Pro config file:
|
2016-04-03 08:20:59 -05:00
|
|
|
|
|
|
|
```
|
2017-02-14 08:04:26 -06:00
|
|
|
# SMTP server address, port, username, password used to send notification mail.
|
|
|
|
NOTIFICATION_SMTP_SERVER = 'localhost'
|
|
|
|
NOTIFICATION_SMTP_PORT = 587
|
|
|
|
NOTIFICATION_SMTP_STARTTLS = True
|
|
|
|
NOTIFICATION_SMTP_USER = 'no-reply@localhost.local'
|
|
|
|
NOTIFICATION_SMTP_PASSWORD = ''
|
|
|
|
NOTIFICATION_SMTP_DEBUG_LEVEL = 0
|
|
|
|
|
|
|
|
# URL of your iRedAdmin-Pro login page which will be shown in notification
|
|
|
|
# email, so that user can login to manage quarantined emails.
|
|
|
|
# Sample: 'https://your_server.com/iredadmin/'
|
2017-02-14 08:23:57 -06:00
|
|
|
#
|
|
|
|
# Note: mail domain must have self-service enabled, otherwise normal
|
|
|
|
# mail user cannot login to iRedAdmin-Pro for self-service.
|
2017-02-14 08:04:26 -06:00
|
|
|
NOTIFICATION_URL_SELF_SERVICE = 'https://[your_server]/iredadmin/'
|
|
|
|
|
|
|
|
# Subject of notification email. Available placeholders:
|
|
|
|
# - %(total)d -- number of quarantined mails in total
|
|
|
|
NOTIFICATION_QUARANTINE_MAIL_SUBJECT = '[Attention] You have %(total)d emails quarantined and not delivered to mailbox'
|
2016-04-03 08:20:59 -05:00
|
|
|
```
|
|
|
|
|
2017-02-14 08:04:26 -06:00
|
|
|
To notify user periodly, please add a cron job for root user to run
|
|
|
|
`tools/notify_quarantined_recipients.py`. For example, every 6 hours ('6 hours'
|
|
|
|
is just an example, the period is totally up to you):
|
2016-04-03 08:20:59 -05:00
|
|
|
|
|
|
|
```
|
2017-02-14 08:04:26 -06:00
|
|
|
1 */6 * * * /usr/bin/python /var/www/iredadmin/tools/notify_quarantined_recipients.py --force-all >/dev/null
|
2016-04-03 08:20:59 -05:00
|
|
|
```
|
|
|
|
|
|
|
|
Don't forget to use the correct path to `notify_quarantined_recipients.py` on your server.
|
|
|
|
|
2017-02-14 08:04:26 -06:00
|
|
|
You can also run this script manually to notify users. for example,
|
|
|
|
on RHEL/CentOS:
|
2016-04-03 08:20:59 -05:00
|
|
|
|
|
|
|
```
|
|
|
|
cd /var/www/iredadmin/tools/
|
2017-02-14 08:04:26 -06:00
|
|
|
python notify_quarantined_recipients.py --force-all
|
2016-04-03 08:20:59 -05:00
|
|
|
```
|
|
|
|
|
2017-02-14 08:04:26 -06:00
|
|
|
`notify_quarantined_recipients.py` supports few arguments:
|
|
|
|
|
|
|
|
Argument | Comment
|
|
|
|
---|---
|
|
|
|
`--force-all` | Send notification to all users which have email quarantined
|
|
|
|
`--force-all-time` | Notify users for their all quarantined emails instead of just new ones since last notification.
|
|
|
|
`--notify-backupmx` | Send notification to all recipients under backup mx domain
|
|
|
|
|
2014-09-26 10:25:47 -05:00
|
|
|
## Quarantine clean emails
|
2014-09-26 03:02:55 -05:00
|
|
|
|
2015-06-09 09:55:45 -05:00
|
|
|
Note: If you just want to quarantine clean emails sent from/to certain local
|
|
|
|
user, please refer to this document instead:
|
|
|
|
[Quarantine clean emails sent from/to certain local user](./quarantine.clean.mails.per-user.html)
|
|
|
|
|
2014-09-26 10:25:47 -05:00
|
|
|
If you want to quarantine clean emails into SQL database for further approval
|
2014-10-10 10:51:42 -05:00
|
|
|
or whatever reason, please follow below steps:
|
2014-09-26 03:02:55 -05:00
|
|
|
|
2014-10-10 10:56:19 -05:00
|
|
|
* Update below parameters in Amavisd config file `amavisd.conf`:
|
2014-09-26 10:25:47 -05:00
|
|
|
|
|
|
|
```perl
|
|
|
|
$clean_quarantine_method = 'sql:';
|
|
|
|
$clean_quarantine_to = 'clean-quarantine';
|
|
|
|
```
|
|
|
|
|
2016-01-12 01:48:10 -06:00
|
|
|
* Find policy bank `ORIGINATING`, append two lines in this policy bank:
|
2014-09-26 03:02:55 -05:00
|
|
|
|
2014-09-26 10:25:47 -05:00
|
|
|
```perl
|
2016-01-12 01:48:10 -06:00
|
|
|
$policy_bank{'ORIGINATING'} = {
|
2014-09-26 10:25:47 -05:00
|
|
|
...
|
|
|
|
clean_quarantine_method => 'sql:',
|
|
|
|
final_destiny_by_ccat => {CC_CLEAN, D_DISCARD},
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
2014-10-10 10:56:19 -05:00
|
|
|
* Restart Amavisd service.
|
2014-09-26 10:25:47 -05:00
|
|
|
|
|
|
|
Now all clean emails sent by your mail users will be quarantined into SQL
|
|
|
|
database.
|
|
|
|
|
|
|
|
## Screenshots
|
2014-09-26 03:02:55 -05:00
|
|
|
|
2014-09-26 10:25:47 -05:00
|
|
|
* View quarantined mails:
|
2014-09-26 10:31:30 -05:00
|
|
|
|
2017-10-28 00:38:13 -05:00
|
|
|
![](./images/iredadmin/system_maillog_quarantined.png)
|
2014-09-26 03:02:55 -05:00
|
|
|
|
2014-09-26 10:25:47 -05:00
|
|
|
* Expand quarantined mail to view mail body and headers.
|
2014-09-26 03:02:55 -05:00
|
|
|
|
2017-10-28 00:38:13 -05:00
|
|
|
![](./images/iredadmin/system_maillog_quarantined_expanded.png)
|