From aefbd9552cf5fd9f72844b15975632475a89d919 Mon Sep 17 00:00:00 2001 From: Florent Daigniere Date: Fri, 10 Nov 2023 12:00:29 +0100 Subject: [PATCH] fix clamav handling --- core/admin/mailu/internal/templates/default.sieve | 5 ----- core/rspamd/conf/force_actions.conf | 10 ++++++++++ towncrier/newsfragments/3048.bugfix | 1 + 3 files changed, 11 insertions(+), 5 deletions(-) create mode 100644 towncrier/newsfragments/3048.bugfix diff --git a/core/admin/mailu/internal/templates/default.sieve b/core/admin/mailu/internal/templates/default.sieve index c1772c2e..0e97c067 100644 --- a/core/admin/mailu/internal/templates/default.sieve +++ b/core/admin/mailu/internal/templates/default.sieve @@ -29,11 +29,6 @@ if spamtest :percent :value "gt" :comparator "i;ascii-numeric" "{{ user.spam_thr } {% endif %} -if exists "X-Virus" { - discard; - stop; -} - {% if user.reply_active %} if not address :localpart :contains ["From","Reply-To"] ["noreply","no-reply"]{ vacation :days 1 {% if user.displayed_name != "" %}:from "{{ user.displayed_name }} <{{ user.email }}>"{% endif %} :subject "{{ user.reply_subject }}" "{{ user.reply_body }}"; diff --git a/core/rspamd/conf/force_actions.conf b/core/rspamd/conf/force_actions.conf index b72a8a0c..b322b8bd 100644 --- a/core/rspamd/conf/force_actions.conf +++ b/core/rspamd/conf/force_actions.conf @@ -14,5 +14,15 @@ rules { expression = "!IS_LOCALLY_GENERATED & !MAILLIST & BLACKLIST_ANTISPOOF"; message = "Rejected (anti-spoofing: auth-failed)"; } + ANTIVIRUS_FLAGGED { + action = "reject"; + expression = "CLAM_VIRUS"; + message = "Rejected (anti-virus)"; + } + ANTIVIRUS_FAILED { + action = "soft-reject"; + expression = "CLAM_VIRUS_FAIL | OLETOOLS_FAIL"; + message = "Please retry later (anti-virus/oletools)"; + } } .include(try=true,priority=1,duplicate=merge) "/overrides/force_actions.conf" diff --git a/towncrier/newsfragments/3048.bugfix b/towncrier/newsfragments/3048.bugfix new file mode 100644 index 00000000..0bc83bbb --- /dev/null +++ b/towncrier/newsfragments/3048.bugfix @@ -0,0 +1 @@ +Ensure that we do not silently discard PUAs flagged by clamav. Instead we will reject emails.