
Problem with Maia Mailguard

I have a server running FreeBSD 8.0 that has for a while been running a mail server configured from this setup.

I have tried to build on it with antivirus and antispam, for which I used Maia Mailguard, which looked like a nice package.

The problem now is that SpamAssassin refuses to run, while the antivirus check works perfectly.

/usr/local/etc/amavisd.conf

use strict;

$max_servers = 4;         # number of pre-forked children (2..15 is common)
$daemon_user = 'vscan';   # (no default; customary: vscan or amavis)
$daemon_group = 'vscan';  # (no default; customary: vscan or amavis)
$sa_timeout = 60;         # give SpamAssassin time (in seconds) to do its work

$mydomain = 'exempel.se'; # a convenient default for other settings

$MYHOME = '/var/amavis';   # a convenient default for other settings
$TEMPBASE = "$MYHOME/tmp"; # working directory, needs to be created manually
$ENV{TMPDIR} = $TEMPBASE;  # environment variable TMPDIR
$QUARANTINEDIR = '/var/virusmails';

# Blowfish encryption key file (optional)
# NOTE: leave this commented out to disable encryption features
# $key_file = "$MYHOME/maia.key";

# $daemon_chroot_dir = $MYHOME; # chroot directory or undef

$db_home = "$MYHOME/db";
$helpers_home = "$MYHOME/var"; # prefer $MYHOME clean and owned by root?
$pid_file = "/var/amavis/amavisd.pid";
$lock_file = "/var/amavis/amavisd.lock";
#NOTE: create directories $MYHOME/tmp, $MYHOME/var, $MYHOME/db manually

# NOTE: most _maps variables are depreciated in Maia, and may not work, since this
# should be defined in the web interface

#@local_domains_maps = ( [".$mydomain"] );
# @mynetworks = qw( 127.0.0.0/8 );

# Access control list - restricts the hosts allowed to connect to amavisd-maia
# NOTE: this setting is unnecessary for most installations, as amavisd-maia's
# defaults are usually adequate.
# @inet_acl = qw( 127.0.0.1 );

$log_level = 0;           # verbosity 0..5
$log_recip_templ = undef; # disable by-recipient level-0 log entries
$LOGFILE = "$MYHOME/amavis.log";
$DO_SYSLOG = 1;           # log via syslogd (preferred)
$SYSLOG_LEVEL = 'mail.debug';

$enable_db = 0;           # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1

$inet_socket_port = 10024; # listen on this local TCP port(s) (see $protocol)

$sa_tag_level_deflt = 0.0;  # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 5.0; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 8.0; # triggers spam evasive actions
$sa_dsn_cutoff_level = 10;  # spam level beyond which a DSN is not sent

$sa_mail_body_size_limit = 256*1024; # don't waste time on SA if mail is larger
$sa_local_tests_only = 0; # only tests which do not require internet access?
$sa_auto_whitelist = 0;   # turn on AWL in SA 2.63 or older (irrelevant
                          # for SA 3.0, cf option is 'use_auto_whitelist')
$sa_spam_subject_tag = '[SPAM] ';

# Database connection string
@lookup_sql_dsn = ( ['DBI:mysql:maia:localhost', 'maia', '************'] );

$virus_admin = undef; # notifications recip.

$mailfrom_notify_admin = "virusalert\@$mydomain";      # notifications sender
$mailfrom_notify_recip = "virusalert\@$mydomain";      # notifications sender
$mailfrom_notify_spamadmin = "spam.police\@$mydomain"; # notifications sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef

@addr_extension_virus_maps = ('virus');
@addr_extension_spam_maps = ('spam');
@addr_extension_banned_maps = ('banned');
@addr_extension_bad_header_maps = ('badh');
# $recipient_delimiter = '+'; # undef disables address extensions altogether
# when enabling addr extensions do also Postfix/main.cf: recipient_delimiter=+
$recipient_delimiter = undef;

$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
$file = '/usr/bin/file'; # file(1) utility; use recent versions
$gzip = 'gzip';
$bzip2 = 'bzip2';
$lzop = 'lzop';
$rpm2cpio = ['rpm2cpio.pl','rpm2cpio'];
$cabextract = 'cabextract';
$uncompress = ['uncompress', 'gzip -d', 'zcat'];
$unfreeze = ['unfreeze', 'freeze -d', 'melt', 'fcat'];
$arc = ['nomarch', 'arc'];
$unarj = ['arj', 'unarj'];
#$unrar = ['rar', 'unrar'];
$zoo = 'zoo';
$lha = 'lha';
$cpio = ['gcpio','cpio'];
$ar = 'ar';
$dspam = 'dspam';

$MAXLEVELS = 14;
$MAXFILES = 1500;
$MIN_EXPANSION_QUOTA = 100*1024;     # bytes (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced)

$sa_spam_subject_tag = '[SPAM] ';
$defang_virus = 1;  # MIME-wrap passed infected mail
$defang_banned = 1; # MIME-wrap passed mail containing banned name

$myhostname = 'skxawng.lu'; # must be a fully-qualified domain name!

$notify_method = 'smtp:[127.0.0.1]:10025';
$forward_method = 'smtp:[127.0.0.1]:10025';

$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;
$final_spam_destiny = D_DISCARD;
$final_bad_header_destiny = D_DISCARD;

$X_HEADER_TAG = 'X-Virus-Scanned';
$X_HEADER_LINE = "Maia Mailguard 1.0.2a";

@viruses_that_fake_sender_maps = (new_RE(
  [qr'\bEICAR\b'i => 0],               # av test pattern name
  [qr'^(WM97|OF97|Joke\.)'i => 0],     # adjust names to match your AV scanner
  [qr/.*/ => 1],                       # true for everything else
));

@keep_decoded_original_maps = (new_RE(
# qr'^MAIL$', # retain full original message for virus checking (can be slow)
  qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undecipherables
  qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
# qr'^Zip archive data', # don't trust Archive::Zip
));

$banned_filename_re = new_RE(
# qr'^UNDECIPHERABLE$', # is or contains any undecipherable components

  # block certain double extensions anywhere in the base name
  qr'\.[^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,

# qr'[{}]', # curly braces in names (serve as Class ID extensions - CLSID)

  qr'^application/x-msdownload$'i, # block these MIME types
  qr'^application/x-msdos-program$'i,
  qr'^application/hta$'i,

  qr'^message/partial$'i, qr'^message/external-body$'i, # rfc2046 MIME types

# [ qr'^\.(Z|gz|bz2)$' => 0 ],          # allow any type in Unix-compressed
# [ qr'^\.(rpm|cpio|tar)$' => 0 ],      # allow any type in Unix archives
# [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any type within such archives

# qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic
  qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|exe|fxp|hlp|hta|inf|ins|isp|
         js|jse|lnk|mda|mdb|mde|mdw|mdt|mdz|msc|msi|msp|mst|ops|pcd|pif|prg|
         reg|scr|sct|shb|shs|vb|vbe|vbs|wsc|wsf|wsh)$'ix, # banned ext - long

# qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i, # banned extension - WinZip vulnerab.

  qr'^\.(exe-ms)$',          # banned file(1) types
  qr'^\.(exe|lha|cab|dll)$', # banned file(1) types
);

@score_sender_maps = ({}); # should be empty if using Maia Mailguard

# See https://secure.renaissoft.com/maia/wiki/VirusScannerConfig
# for more virus scanner definitions.

@av_scanners = (

### http://www.clamav.net/
['ClamAV-clamd',
  \&ask_daemon, ["CONTSCAN {}\n", "/var/amavisd/clamd.sock"],
  qr/\bOK$/, qr/\bFOUND$/,
  qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
# NOTE: run clamd under the same user as amavisd; match the socket
# name (LocalSocket) in clamav.conf to the socket name in this entry
# When running chrooted one may prefer: ["CONTSCAN {}\n","$MYHOME/clamd"],

);

# See http://www.maiamailguard.com/maia/wiki/VirusScannerConfig
# for more virus scanner definitions.

@av_scanners_backup = (

### http://www.clamav.net/ - backs up clamd or Mail::ClamAV
['ClamAV-clamscan', 'clamscan',
  "--stdout --disable-summary -r --tempdir=$TEMPBASE {}", [0], [1],
  qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

);

1; # insure a defined return

/usr/local/etc/maia.conf

###################################################################
# Maia Mailguard Script Configuration File                        #
#                                                                 #
# This file (/usr/local/etc/maia.conf) contains configuration information #
# used by Maia Mailguard's Perl maintenance scripts.              #
###################################################################

# Configure your Maia database DSN here
$dsn = "dbi:mysql:maia:localhost:3306";

# Your Maia database user's login name
$username = "maia";

# Your Maia database user's password
$password = "*************";

# The directory where Maia's Perl scripts can be found.
$script_dir = "/var/amavis/maia/scripts";

### load-sa-rules.pl

# The load-sa-rules script tries to find certain important rules
# directories on its own, and usually it does a pretty good job,
# but if it fails to find your rules directories, you can tell it
# explicitly where to look by overriding the search here. Setting
# these to "undef" tells load-sa-rules to find the directories
# on its own (recommended).

# The directory where SpamAssassin's local.cf file can be found.
#$local_cf_dir = "/etc/mail/spamassassin";
$local_cf_dir = "/usr/local/etc/mail/spamassassin"; # default: let the script find it

# The directory where SpamAssassin's core rules can be found.
# If you wish to specify the directory yourself, you can use the
# %%VERSION%% macro to replace the actual SpamAssassin version number.
#$system_rules_dir = "/usr/share/spamassassin";
#$system_rules_dir = "/var/lib/spamassassin/%%VERSION%%"; # sa-update
$system_rules_dir = "/usr/local/share/spamassassin"; # default: let the script find it

# The directory where your amavis user's user_prefs file can be found.
#$user_rules_dir = "/var/amavisd/.spamassassin";
#$user_rules_dur = "~/.spamassassin";
$user_rules_dir = "/var/amavis/.spamassassin"; # default: let the script find it

### process-quarantine.pl

# Location to write the lock/PID file (must be writeable by your
# amavis user)
$pid_file = "/var/amavis/.process-quarantine.pid";

# Maximum number of spam/non-spam items to process at a time (1-127).
$default_limit = 20;

# Location of your encryption key file, or undef to disable
#$key_file = "/var/amavisd/blowfish.key";
#$key_file = "/var/amavisd/maia.key";
$key_file = undef;

# Items larger than this size (in bytes) will not be learned/reported.
$default_max_size = 256*1024;

# Train the Bayes database?
# 0 = no
# 1 = yes (same as --learn)
$learning_options = 1;

# Reporting options (add values together as desired):
# 0 = none (don't report spam)
# 1 = report to Razor
# 2 = report to Pyzor
# 4 = report to DCC
# 8 = report to SpamCop
#$report_options = 0;
$report_options = 1 + 2 + 4 + 8;

### expire-quarantine-cache.pl

# Mail types to expire (add values together as desired):
# 0 = none (don't expire anything)
# 1 = expire Suspected Non-Spam
# 2 = expire Suspected Spam
# 4 = expire Viruses/Malware
# 8 = expire items with Invalid Mail Headers
# 16 = expire items with Banned File Attachments
# 32 = expire Confirmed Non-Spam
# 64 = expire Confirmed Spam
$mail_types = 1 + 2 + 4 + 8 + 16;

### send-quarantine-digests.pl

# Base URL to Maia's PHP scripts
$base_url = "https://exempel.se/maia/";

# Template directory
$template_dir = "/var/amavis/maia/templates/";

# How you want the sorted (choose one per cache type)
# (note: non spam/ham caches don't have score to sort by)
# options are:
# %sort = "score DIRECTION"
# = "received_date DIRECTION"
# = "recipient_id DIRECTION"
# Where DIRECTION is ASC or DESC
%sort = (
  'ham' => "score DESC", # puts the high scores at the top
  'spam' => "score ASC", # puts the low scroes at the top
  'virus' => "received_date DESC",
  'banned_file' => "received_date DESC",
  'bad_header' => "received_date DESC",
);

# Heading titles for each section of the digest report
$titles = {
  'spam' => "Spam Quarantine",
  'virus' => "Virus Quarantine",
  'banned_file' => "Banned File Attachments",
  'bad_header' => "Invalid Email Headers",
  'ham' => "Delivered Email"
};

# The order of the sections of the digest report
# Valid elements are 'spam', 'ham', 'virus', banned_file', and 'bad_header'
# Omit any of these elements to leave them out of the report
@report_order = ('spam','ham','virus','banned_file','bad_header');

/usr/local/etc/mail/spamassassin/local.cf

# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
# Only a small subset of options are listed below
#
###########################################################################

loadplugin Mail::SpamAssassin::Plugin::AWL

# Add *****SPAM***** to the Subject header of spam e-mails
#
rewrite_header Subject [SPAM]
always_add_headers 1
always_add_report 1
spam_level_stars 1
spam_level_char *

# Save spam messages as a message/rfc822 MIME attachment instead of
# modifying the original message (0: off, 2: use text/plain instead)
#
# report_safe 1

# Set which networks or hosts are considered 'trusted' by your mail
# server (i.e. not spammers)
#
# trusted_networks 212.17.35.

# Set file-locking method (flock is not safe over NFS, but is faster)
#
# lock_method flock

# Set the threshold at which a message is considered spam (default: 5.0)
#
required_score 5.0

# Use Bayesian classifier (default: 1)
#
use_bayes 1

# Bayesian classifier auto-learning (default: 1)
#
bayes_auto_learn 1
use_auto_whitelist 1

# Set headers which may provide inappropriate cues to the Bayesian
# classifier
#
# bayes_ignore_header X-Bogosity
# bayes_ignore_header X-Spam-Flag
# bayes_ignore_header X-Spam-Status

# Some shortcircuiting, if the plugin is enabled
#
ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
#
# default: strongly-whitelisted mails are *really* whitelisted now, if the
# shortcircuiting plugin is active, causing early exit to save CPU load.
# Uncomment to turn this on
#
# shortcircuit USER_IN_WHITELIST on
# shortcircuit USER_IN_DEF_WHITELIST on
# shortcircuit USER_IN_ALL_SPAM_TO on
# shortcircuit SUBJECT_IN_WHITELIST on

# the opposite; blacklisted mails can also save CPU
#
# shortcircuit USER_IN_BLACKLIST on
# shortcircuit USER_IN_BLACKLIST_TO on
# shortcircuit SUBJECT_IN_BLACKLIST on

# if you have taken the time to correctly specify your "trusted_networks",
# this is another good way to save CPU
#
# shortcircuit ALL_TRUSTED on

# and a well-trained bayes DB can save running rules, too
#
#shortcircuit BAYES_99 spam
#shortcircuit BAYES_00 ham

endif # Mail::SpamAssassin::Plugin::Shortcircuit

user_scores_dsn DBI:mysql:maia:localhost
user_scores_sql_username maia
user_scores_sql_password *************
user_scores_sql_custom_query SELECT preference, value FROM userpref WHERE username = _USERNAME_ OR username = '$GLOBAL' OR username = CONCAT('%',_DOMAIN_) ORDER BY username ASC

auto_whitelist_factory Mail::SpamAssassin::SQLBasedAddrList
user_awl_dsn DBI:mysql:maia:localhost
user_awl_sql_username maia
user_awl_sql_password *************
user_awl_sql_table awl

bayes_store_module Mail::SpamAssassin::BayesStore::MySQL
bayes_sql_dsn DBI:mysql:maia:localhost
bayes_sql_username maia
bayes_sql_password *************


This shows up in maillog when the server receives a mail.
amavis[84391]: (84391-01) Passed CLEAN, <mail1@exempel.se> -> <mail2@exempel.se>, Message-ID: <20100817213001.A59F6597CC4@exempel.se>, Hits: -, 778 ms

From what I understand, Hits: - means that SpamAssassin was not run for some reason.

I have fiddled around and googled quite a bit but have not managed to solve it. Let me know if there is anything more you need to know.

edit: I managed to solve it all by uninstalling the crap and using "regular" amavisd.
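
An added example, not part of the original post: a small Python check that reads amavis verdict lines in the format quoted above and reports, per recipient, how many messages received a SpamAssassin score and how many were logged with `Hits: -`. The sample log lines are constructed, and the syslog prefix and the comma-separated multi-recipient form are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines in the log format quoted in the post (not real traffic).
SAMPLE_LOG = """\
Aug 17 23:30:02 mx amavis[84391]: (84391-01) Passed CLEAN, <mail1@exempel.se> -> <mail2@exempel.se>, Message-ID: <20100817213001.A59F6597CC4@exempel.se>, Hits: -, 778 ms
Aug 17 23:31:10 mx amavis[84391]: (84391-02) Passed CLEAN, <a@example.org> -> <mail2@exempel.se>,<mail3@exempel.se>, Message-ID: <c1@example.org>, Hits: -, 640 ms
Aug 17 23:32:44 mx amavis[84392]: (84392-01) Passed CLEAN, <b@example.org> -> <mail3@exempel.se>, Message-ID: <c2@example.org>, Hits: -1.3, 2210 ms
Aug 17 23:33:05 mx postfix/smtpd[900]: connect from localhost[127.0.0.1]
"""

# Verdict line: "(id) Passed|Blocked VERDICT, <sender> -> <rcpt>[,<rcpt>...], ..., Hits: X,"
# Assumption: multiple recipients are written as <a>,<b> with no space between them.
LINE_RE = re.compile(
    r"amavis\[\d+\]: \((?P<id>[\w-]+)\) (?P<action>Passed|Blocked) (?P<verdict>[A-Z_-]+)"
    r".*? -> (?P<rcpts>(?:<[^>]*>,?)+), .*?Hits: (?P<hits>-?\d+(?:\.\d+)?|-),"
)

def scan_coverage(lines):
    """Per recipient: messages that got a SpamAssassin score vs. 'Hits: -'."""
    stats = defaultdict(lambda: {"scored": 0, "unscored": 0})
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue  # not an amavis verdict line
        # A bare "-" means no score was recorded; "-1.3" is a real (negative) score.
        key = "unscored" if m.group("hits") == "-" else "scored"
        for rcpt in re.findall(r"<([^>]*)>", m.group("rcpts")):
            stats[rcpt.lower()][key] += 1
    return dict(stats)

def never_scored(stats, min_messages=2):
    """Recipients with at least min_messages deliveries and not a single score."""
    return sorted(r for r, s in stats.items()
                  if s["scored"] == 0 and s["unscored"] >= min_messages)

if __name__ == "__main__":
    stats = scan_coverage(SAMPLE_LOG.splitlines())
    for rcpt, s in sorted(stats.items()):
        print(f"{rcpt}: scored={s['scored']} unscored={s['unscored']}")
    print("never scored:", never_scored(stats))
```

Run against a real maillog, a recipient that only ever shows up as unscored is receiving mail that passed through amavis without any spam score being logged.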