This tutorial is available in other languages. Help translate more
Italiano /
Since iRedMail-0.7.0
, quarantining related settings in Amavisd are configured
by iRedMail but disabled by default, you can easily enable quarantining with
this tutorial.
With below steps, Virus/Spam/Banned emails will be quarantined into SQL database. You can then manage quarantined emails with iRedAdmin-Pro.
Edit Amavisd config file, find below settings and update them. If it doesn't exist, please add them.
/etc/amavisd/amavisd.conf
or /etc/amavisd.conf
./etc/amavis/conf.d/50-user
./usr/local/etc/amavisd.conf
./etc/amavisd.conf
.# Part of file: /etc/amavisd/amavisd.conf
# Change values of below parameters to D_DISCARD.
# Detected spams/virus/banned messages will not be delivered to user's mailbox.
$final_virus_destiny = D_DISCARD;
$final_spam_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;
$final_bad_header_destiny = D_DISCARD;
# Quarantine SPAM into SQL server.
$spam_quarantine_to = 'spam-quarantine';
$spam_quarantine_method = 'sql:';
# Quarantine VIRUS into SQL server.
$virus_quarantine_to = 'virus-quarantine';
$virus_quarantine_method = 'sql:';
# Quarantine BANNED message into SQL server.
$banned_quarantine_to = 'banned-quarantine';
$banned_files_quarantine_method = 'sql:';
# Quarantine Bad Header message into SQL server.
$bad_header_quarantine_method = 'sql:';
$bad_header_quarantine_to = 'bad-header-quarantine';
Also, make sure you have below lines configured in same config file:
# For MySQL/MariaDB/OpenLDAP backends
@storage_sql_dsn = (
['DBI:mysql:database=amavisd;host=127.0.0.1;port=3306', 'amavisd', 'password'],
);
# For PostgreSQL
#@storage_sql_dsn = (
# ['DBI:Pg:database=amavisd;host=127.0.0.1;port=5432', 'amavisd', 'password'],
#);
Restarting amavisd service is required.
Update iRedAdmin-Pro config file, make sure you have correct settings for Amavisd:
/var/www/iredadmin/settings.py
./opt/www/iredadmin/settings.py
or /usr/share/apache2/iredadmin/settings.py
./usr/local/www/iredadmin/settings.py
./var/www/iredadmin/settings.py
.# File: settings.py
amavisd_db_host = '127.0.0.1'
amavisd_db_port = 3306
amavisd_db_name = 'amavisd'
amavisd_db_user = 'amavisd'
amavisd_db_password = 'password'
# Log basic info of inbound/outbound, no mail body stored.
amavisd_enable_logging = True
# Quarantining management
amavisd_enable_quarantine = True
amavisd_quarantine_port = 9998
# Per-recipient policy lookup
amavisd_enable_policy_lookup = True
Restarting Apache web server or uwsgi
service (if you're running Nginx as
web server) is required.
You can now login to iRedAdmin-Pro, and manage quarantined messages via menu
System -> Quarantined Mails
. Choose action in drop-down menu list to release
or delete them.
Screenshots attached at the bottom.
Note
This feature requires you to enable self-service for mail domain -- you can enable it in domain profile page.
iRedAdmin-Pro ships a script you can run to notify users about quarantined
mails: tools/notify_quarantined_recipients.py
.
The notification email is read from template file
tools/notify_quarantined_recipients.html
, you're free to modify it to match
your needs. (don't forget to backup it before upgrading iRedAdmin-Pro.)
The notification email will show the link of iRedAdmin-Pro so that users can click it and login to manage quarantined mails. You must change the URL by adding below parameter with proper URL in iRedAdmin-Pro config file:
NOTIFICATION_IREDADMIN_URL = 'https://[your_server]/iredadmin/'
To notify user, please add a cron job to run
tools/notify_quarantined_recipients.py
. for example, every 6 hours:
1 */12 * * * python /path/to/tools/notify_quarantined_recipients.py >/dev/null
Don't forget to use the correct path to notify_quarantined_recipients.py
on your server.
You can also run this script manually to notify users. for example, on RHEL/CentOS:
cd /var/www/iredadmin/tools/
python notify_quarantined_recipients.py
Note: If you just want to quarantine clean emails sent from/to certain local user, please refer to this document instead: Quarantine clean emails sent from/to certain local user
If you want to quarantine clean emails into SQL database for further approval or whatever reason, please follow below steps:
amavisd.conf
:$clean_quarantine_method = 'sql:';
$clean_quarantine_to = 'clean-quarantine';
ORIGINATING
, append two lines in this policy bank:$policy_bank{'ORIGINATING'} = {
...
clean_quarantine_method => 'sql:',
final_destiny_by_ccat => {CC_CLEAN, D_DISCARD},
}
Now all clean emails sent by your mail users will be quarantined into SQL database.