Since iRedMail-0.7.0
, quarantining related settings in Amavisd are configured
by iRedMail but disabled by default, you can easily enable quarantining with
this tutorial.
With below steps, Virus/Spam/Banned emails will be quarantined into SQL database. You can then manage quarantined emails with iRedAdmin-Pro.
Edit Amavisd config file, find below settings and update them. If it doesn't exist, please add them.
/etc/amavisd/amavisd.conf
or /etc/amavisd.conf
./etc/amavis/conf.d/50-user
./usr/local/etc/amavisd.conf
./etc/amavisd.conf
.# Part of file: /etc/amavisd/amavisd.conf
# Change values of below parameters to D_DISCARD.
# Detected spams/virus/banned messages will not be delivered to user's mailbox.
$final_virus_destiny = D_DISCARD;
$final_spam_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;
$final_bad_header_destiny = D_DISCARD;
# Quarantine SPAM into SQL server.
$spam_quarantine_to = 'spam-quarantine';
$spam_quarantine_method = 'sql:';
# Quarantine VIRUS into SQL server.
$virus_quarantine_to = 'virus-quarantine';
$virus_quarantine_method = 'sql:';
# Quarantine BANNED message into SQL server.
$banned_quarantine_to = 'banned-quarantine';
$banned_files_quarantine_method = 'sql:';
# Quarantine Bad Header message into SQL server.
$bad_header_quarantine_method = 'sql:';
$bad_header_quarantine_to = 'bad-header-quarantine';
Also, make sure you have below lines configured in same config file:
# For MySQL/MariaDB/OpenLDAP backends
@storage_sql_dsn = (
['DBI:mysql:database=amavisd;host=127.0.0.1;port=3306', 'amavisd', 'password'],
);
# For PostgreSQL
#@storage_sql_dsn = (
# ['DBI:Pg:database=amavisd;host=127.0.0.1;port=5432', 'amavisd', 'password'],
#);
Restarting amavisd service is required.
Update iRedAdmin-Pro config file, make sure you have correct settings for Amavisd:
/var/www/iredadmin/settings.py
./opt/www/iredadmin/settings.py
or /usr/share/apache2/iredadmin/settings.py
./usr/local/www/iredadmin/settings.py
./var/www/iredadmin/settings.py
.# File: settings.py
amavisd_db_host = '127.0.0.1'
amavisd_db_port = 3306
amavisd_db_name = 'amavisd'
amavisd_db_user = 'amavisd'
amavisd_db_password = 'password'
# Log basic info of inbound/outbound, no mail body stored.
amavisd_enable_logging = True
# Quarantining management
amavisd_enable_quarantine = True
amavisd_quarantine_port = 9998
# Per-recipient policy lookup
amavisd_enable_policy_lookup = True
Restarting Apache web server or uwsgi
service (if you're running Nginx as
web server) is required.
You can now login to iRedAdmin-Pro, and manage quarantined messages via menu
System -> Quarantined Mails
. Choose action in drop-down menu list to release
or delete them.
Screenshots attached at the bottom.
Note
This feature requires you to enable self-service for mail domain -- you can enable it in domain profile page.
iRedAdmin-Pro ships a script you can run to notify users about quarantined
mails: tools/notify_quarantined_recipients.py
.
The notification email is read from template file
tools/notify_quarantined_recipients.html
, you're free to modify it to match
your needs. (don't forget to backup it before upgrading iRedAdmin-Pro.)
The notification email will show the link of iRedAdmin-Pro so that users can click it and login to manage quarantined mails. You must change the URL by adding below parameter with proper URL in iRedAdmin-Pro config file:
NOTIFICATION_IREDADMIN_URL = 'https://[your_server]/iredadmin/'
To notify user, please add a cron job to run
tools/notify_quarantined_recipients.py
. for example, every 6 hours:
1 */12 * * * python /path/to/tools/notify_quarantined_recipients.py >/dev/null
Don't forget to use the correct path to notify_quarantined_recipients.py
on your server.
You can also run this script manually to notify users. for example, on RHEL/CentOS:
cd /var/www/iredadmin/tools/
python notify_quarantined_recipients.py
Note: If you just want to quarantine clean emails sent from/to certain local user, please refer to this document instead: Quarantine clean emails sent from/to certain local user
If you want to quarantine clean emails into SQL database for further approval or whatever reason, please follow below steps:
amavisd.conf
:$clean_quarantine_method = 'sql:';
$clean_quarantine_to = 'clean-quarantine';
ORIGINATING
, append two lines in this policy bank:$policy_bank{'ORIGINATING'} = {
...
clean_quarantine_method => 'sql:',
final_destiny_by_ccat => {CC_CLEAN, D_DISCARD},
}
Now all clean emails sent by your mail users will be quarantined into SQL database.
All documents are available in BitBucket repository, and published under Creative Commons license. If you found something wrong, please do contact us to fix it.