Mail 2.0 bombing
I have a new G5 iMac w/ iSight and last night when I downloaded my emails Mail 2.0 hung up part way through the download. Since then I have been able to download my mail on my iBook but on my G5 iMac it still hangs, most but not always at the same place, and shows multiple downloads of the same email, displaying it maybe 8 times and marking one as unread. About half the time when I go to delete these spurious emails, they will delete only to reappear when I go back to the Inbox. Mail will not close without using Force Quit either. Am I looking at a reinstall and is it easy to save all my mail if I have to?
I am pretty lost at this point.
I saw this from previous post, maybe it will help: (I think what he means by "those that remain on server will be downloaded again" means any messages there will finally download for last time, and not keep downloading to IN box.)
The following was posted on Apple Discussions.
On Tue Dec 20 13:12:37 PST 2005, Allan Sampson wrote:
Subject: Re: Messages not deleted from server
For POP type accounts, there is a MessageUidsAlreadyDownloaded file within each POP account named folder which may have some corruption in this case.
Quit Mail first and using the Finder, go to Home > Library > Mail > this account named folder (named by the user name and incoming mail server for the account) > MessageUidsAlreadyDownloaded. Delete this file and empty the Trash.Launch Mail and if successful, any previously downloaded messages that remain on the server will be downloaded again.
iMac G4 Mac OS X (10.4.3)
Similar Messages
-
Re: Bluetooth missing | HP ENVY 15-j026tx | Windows 8.1
Poof! No Bluetooth! Here yesterday, gone today!
I'm having the same problem with an Envy 17 T J 100 laptop ...
Bluetooth hardware just disappeared after (I think?) a certain Windows update. Have gone on-line with support chat, they instructed to un-install then re-install networking and bluetooth drivers, tried them ALL and didn't get any benefit. The BIOS does not recognize that the Bluetooth radio-transmitter EXISTS in this computer. It's as though a gnome came over to my house in the middle of the night, unscrewed the bottom of the thing, crawled around on the inside, removed the bluetooth-transmitting hardware, and replaced it with a wad of styrofoam.
I KNOW there's Bluetooth inside the thing -- the specs say so; the order sheet confirms that I paid for it; I have used it before. I don't know when it went out, but when I tried to use it yesterday, it wasn't there. My local area had a problem with internet because of a rainstorm, so I thought I would tether my cell-phone and its data (via cellular tower) to my laptop for a bit, see how that goes, but when I got the phone and the laptop near each other I noticed, WHAT?!! NO BLUETOOTH ANY MORE? BUT WHY?
And I'm pretty sure it is a Windows update, and HP incompatibilities, that are the culprit. Nothing yet from the HP programmers or from Windows. It has something to do with power-management, maybe. But because I can't get ANY of the software to ADMIT that the hardware EXISTS, there's no way to force-on the power to the hardware.
BLUETOOTH IS GONE. FIX PLEASE. thanks.
This question was solved.
View Solution.Rules
To ensure a safe and productive forum, we ask that you observe these rules:
1. Be respectful. Respect your fellow users by keeping your tone positive and your comments constructive. Good or bad, your experiences are always welcome as long as they are offered in a courteous way. Respect people's time and attention by providing complete information about your question or problem, including product name and model number. People like helping those who ask good questions
2. Be relevant. Make sure your contributions are relevant to this forum and to the specific category or board where you post. If you have a new question, start a new thread rather than interrupting a conversation. Solicitations inviting members to join, participate in, or buy something are never relevant.
3. Obey the law and keep your word. Don't post anything that would violate any law, or any contractual agreement that you have made.
4. Protect privacy - yours and others'. Don't share anything about yourself that you would not want to see on a road-side billboard. Don't post contact or other personal information-your own or anyone else's-or any content that you receive in one-to-one communications without the author's consent. For example, don’t post your computer’s serial # or contact information publically, and do not allow someone you don’t know to remotely take control of your computer.
5. Remember this is user-generated content. You'll find plenty of good advice here, but remember that your situation, configuration, or use may vary from that of the individual sharing a solution. Some advice you find here may even be wrong. Apply the same good judgment here that you would apply to information anywhere on the Internet.
6. Think before you post: You may not use, or allow others to use, your registration membership to post or transmit the following:
a. "Rants", "slams", or legal threats against HP, another company or any person.
b. Political statements or commentary.
c. Off-topic comments not related to a technical or usage issue regarding an HP product.
d. Language that promotes illegal activity or discusses illegal activities with the intent to commit them.
e. Duplicate posts.
f. Hyperlinks that lead to sites that violate any of the forum guidelines.
g. Any message that solicits or promotes the use of an illegal substance.
h. If you are an HP employee you must identify yourself as one. You must always be clear that you speak for yourself only and not for HP, and follow HP policy.
7. Do no harm. You may not interfere in any way with the operations in the forum or with a fellow user's message box, including, but not limited to, mail or "post" bombing, news bombing, other flooding techniques, deliberate attempts to overload a system, broadcast attacks, or attempts to avoid messaging blocking.
8. Do not artificially inflate forum statistics. There are several statistics in place in the forum that are used to measure performance and overall health of the community. You may not purposely attempt to inflate a particular statistic in order to promote yourself in the community. For example, creating a duplicate account in order to acquire more kudos.
9. Cooperate with site moderators and administrators. You may not evade bans or suspensions or otherwise disregard directions from HP Support Forum moderators or administrators.
Thanks.
Please click “Accept as Solution ” if you feel my post solved your issue, it will help others find the solution.
Click the “Kudos, Thumbs Up" on the bottom to say “Thanks” for helping! -
Mail sent via other apps sits in Outbox and eventually bombs
Mail sent from other ipad apps sits in Outbox and eventually bombs after trying to send for some minutes - Mail app works fine by itself, problem just for the multiple apps that send links etc using Mail
After switching my Gmail account from IMAP to the Exchange setting the problem has disappeared. Was not how I had it set up in iOS 3
-
Brand new to the mac world (well after a 13 year break) and I am hoping that someone can help. I have recently purchased a mac mini for the (otherwise 100% windows) office and it is being blamed for bringing down our mail servers.
Long story short I have plugged it in and set up an account and installed xcode. I have not gone to any non-apple websites and did not connect to our domain.
Starting pretty much the same time as that setting up was going on, our network admin said that somewhere on our network a mail bomber virus started shooting off emails and then proceded to overwhelm our exchange server (taking advantage of some open relays on the network which should not be there...)
Since them, I have installed ClamAV and it found nothing.
My first question is, is there that will create an smtp server on a mac and then start spamming the heck out of the world that I may have turned on by mistake? I cannot think of anything that I may have done which even kind of points in that direction.
And, is ClamAV a good AV tool?
I can provide any more info that might be necessary, I am not sure what would be useful though other than it is a stock OSX 10.6 with nothing but xcode and now clam AV installed on it.There are no virus' that will run on a stock Mac running OS X. There have been a couple of trojan's reported over the years, but they are pretty obscur and mostly patched by just using the Software updates from Apple.
Not quite correct. Some of the trojans are not recognized by quarantine in Mac OS X and it's quite possible to download stuff via quarantine-unaware apps, thereby bypassing the protection built into the system. Those engaged in the kind of risky behavior that is most likely to lead to malware are also probably using apps that bypass quarantine.
The ClamAV tool can only find PC virus's on a Mac
Again, not true. ClamXav recognizes Mac malware in addition to Windows malware. I have not only had correspondence with people who have found Mac malware using ClamXav, but I have actually used it myself to detect an old bit of Mac malware.
All this is spelled out in my Mac Virus Guide. -
Mail bombs out within 30 secs of launching - how can I recover?
Get following report soon after launching mail - what can I do to recover? I can't access my past mail (I do have a back up from a week ago, but would prefer not to have to recover from that.
Fraser
Process: Mail [344]
Path: /Applications/Mail.app/Contents/MacOS/Mail
Identifier: com.apple.mail
Version: 4.4 (1082)
Build Info: Mail-10820000~1
Code Type: X86-64 (Native)
Parent Process: launchd [130]
Date/Time: 2011-02-27 15:22:16.282 +0000
OS Version: Mac OS X 10.6.6 (10J567)
Report Version: 6
Interval Since Last Report: 187012 sec
Crashes Since Last Report: 11
Per-App Interval Since Last Report: 181391 sec
Per-App Crashes Since Last Report: 6
Anonymous UUID: E9EA9559-C1AD-4E4E-91F5-EF38A418BF74Unfortunately, that did not solve the problem. I moved my com.apple.mail.plist file. Started mail and manually configured one of my mail accounts and within a minute or so of starting to download mail, it crashed with exactly the same error. I then repeated the procedure with another mail account incase it was due to a bad message in the first account - same error. I have a hunch that it might be a corruption in my addressbook - On Saturday night my mobile phone OS had an over the air upgrade. When I sync'd on Sunday (using standard apple sync) there were a lot of conflicts to be resolved and addressbook bombed out. Address book appears to be fine now but it is the only thing I can think of. Is there a way of launching mail without it attaching to the addressbook so I can try this theory out?
Any other ideas?
thanks, Fraser -
Not much more to add, other than this current and very interesting thread elsewhere:
http://www.google.co.uk/support/forum/p/gmail/thread?tid=3ed94668bd00125f&hl=en
I first picked out Firefox as being a common feature to the words "Error! Filename not specified." being added to e-mails (the thread talks about gmail, but I am finding it with Hotmail too) and other contributors note FF has suddenly started locking up unusually frequently. FF has always been stable for me with Hotmail until now - other (non-email) web sites are okay. I have McAfee Internet Security and Ad-Aware installed, both up-to-date and both show the PC to be clean. I've also updated all plugins etc - again, the problem persists.Okay, it's McAfee Site Advisor clashing with Firefox (I'm running FF v3.6.13). Disable McAfee Site Advisor by:
Firefox > Tools > Add-ons > Extensions > McAfee Site Advisor > Disable and re-start Firefox.
Stability returns to Firefox, Hotmail no longer locks up and no longer adds "Error! Filename not specified." and a bunch of grey squares to the end of sent e-mails.
Thanks to those at:
http://www.google.com/support/forum/p/gmail/thread?tid=7c144d837db89ac6 -
Mail bombing after updating mac
Getting the following message.
Mail quit unexpectedly
Click reopen to open the application again. Click Report to see more detailed information and send a report to Apple.
If I click ignore or reopen I get the same message.
Any suggestions on how to fixWhat did you do? I started having this same problem.
Process: Mail [1678]
Path: /Applications/Mail.app/Contents/MacOS/Mail
Identifier: com.apple.mail
Version: 4.4 (1082)
Build Info: Mail-10820000~1
Code Type: X86-64 (Native)
Parent Process: launchd [91]
Date/Time: 2010-11-13 00:56:25.454 -0800
OS Version: Mac OS X 10.6.5 (10H574)
Report Version: 6
Interval Since Last Report: 19252 sec
Crashes Since Last Report: 13
Per-App Interval Since Last Report: 122 sec
Per-App Crashes Since Last Report: 13
Anonymous UUID: 46684909-A657-40F5-B141-9871E357E0F2
Exception Type: EXCBADACCESS (SIGSEGV)
Exception Codes: KERNINVALIDADDRESS at 0x0000000000000000
Crashed Thread: 10 Dispatch queue: com.apple.root.default-priority
Application Specific Information:
-[IMAPAccount _fetchUnreadCountsCheckForNewMessages:]
-[IMAPMailboxSyncEngine _goWithMessagesIfNeeded:]
Thread 0: Dispatch queue: com.apple.main-thread
0 libSystem.B.dylib 0x00007fff805af2da machmsgtrap + 10
1 libSystem.B.dylib 0x00007fff805af94d mach_msg + 59
2 com.apple.CoreFoundation 0x00007fff83164932 __CFRunLoopRun + 1698
3 com.apple.CoreFoundation 0x00007fff83163dbf CFRunLoopRunSpecific + 575
4 com.apple.HIToolbox 0x00007fff8838091a RunCurrentEventLoopInMode + 333
5 com.apple.HIToolbox 0x00007fff8838071f ReceiveNextEventCommon + 310
6 com.apple.HIToolbox 0x00007fff883805d8 BlockUntilNextEventMatchingListInMode + 59
7 com.apple.AppKit 0x00007fff84bdee64 _DPSNextEvent + 718
8 com.apple.AppKit 0x00007fff84bde7a9 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 155
9 com.apple.AppKit 0x00007fff84ba448b -[NSApplication run] + 395
10 com.apple.AppKit 0x00007fff84b9d1a8 NSApplicationMain + 364
11 com.apple.mail 0x0000000100002598 0x100000000 + 9624
Thread 1: Dispatch queue: com.apple.libdispatch-manager
0 libSystem.B.dylib 0x00007fff805c816a kevent + 10
1 libSystem.B.dylib 0x00007fff805ca03d dispatch_mgrinvoke + 154
2 libSystem.B.dylib 0x00007fff805c9d14 dispatch_queueinvoke + 185
3 libSystem.B.dylib 0x00007fff805c983e dispatch_workerthread2 + 252
4 libSystem.B.dylib 0x00007fff805c9168 pthreadwqthread + 353
5 libSystem.B.dylib 0x00007fff805c9005 start_wqthread + 13
Thread 2:
0 libSystem.B.dylib 0x00007fff805af2da machmsgtrap + 10
1 libSystem.B.dylib 0x00007fff805af94d mach_msg + 59
2 com.apple.CoreFoundation 0x00007fff83164932 __CFRunLoopRun + 1698
3 com.apple.CoreFoundation 0x00007fff83163dbf CFRunLoopRunSpecific + 575
4 com.apple.Foundation 0x00007fff85c788e4 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 270
5 com.apple.Foundation 0x00007fff85c787c3 -[NSRunLoop(NSRunLoop) run] + 77
6 com.apple.MessageFramework 0x00007fff80fcf265 -[RSSInterchange _runManager] + 1445
7 com.apple.Foundation 0x00007fff85c3e0a5 _NSThread__main_ + 1429
8 libSystem.B.dylib 0x00007fff805e8536 pthreadstart + 331
9 libSystem.B.dylib 0x00007fff805e83e9 thread_start + 13
Thread 3:
0 libSystem.B.dylib 0x00007fff805c8f8a _workqkernreturn + 10
1 libSystem.B.dylib 0x00007fff805c939c pthreadwqthread + 917
2 libSystem.B.dylib 0x00007fff805c9005 start_wqthread + 13
Thread 4:
0 libSystem.B.dylib 0x00007fff805c8f8a _workqkernreturn + 10
1 libSystem.B.dylib 0x00007fff805c939c pthreadwqthread + 917
2 libSystem.B.dylib 0x00007fff805c9005 start_wqthread + 13
Thread 5:
0 libSystem.B.dylib 0x00007fff805af2da machmsgtrap + 10
1 libSystem.B.dylib 0x00007fff805af94d mach_msg + 59
2 com.apple.CoreFoundation 0x00007fff83164932 __CFRunLoopRun + 1698
3 com.apple.CoreFoundation 0x00007fff83163dbf CFRunLoopRunSpecific + 575
4 com.apple.Foundation 0x00007fff85c788e4 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 270
5 com.apple.Foundation 0x00007fff85c787c3 -[NSRunLoop(NSRunLoop) run] + 77
6 com.apple.MessageFramework 0x00007fff81001ef8 +[_NSSocket _runIOThread] + 78
7 com.apple.Foundation 0x00007fff85c3e0a5 _NSThread__main_ + 1429
8 libSystem.B.dylib 0x00007fff805e8536 pthreadstart + 331
9 libSystem.B.dylib 0x00007fff805e83e9 thread_start + 13
Thread 6:
0 libSystem.B.dylib 0x00007fff805c8f8a _workqkernreturn + 10
1 libSystem.B.dylib 0x00007fff805c939c pthreadwqthread + 917
2 libSystem.B.dylib 0x00007fff805c9005 start_wqthread + 13
Thread 7:
0 libSystem.B.dylib 0x00007fff805c8f8a _workqkernreturn + 10
1 libSystem.B.dylib 0x00007fff805c939c pthreadwqthread + 917
2 libSystem.B.dylib 0x00007fff805c9005 start_wqthread + 13
Thread 8:
0 libSystem.B.dylib 0x00007fff805c8f8a _workqkernreturn + 10
1 libSystem.B.dylib 0x00007fff805c939c pthreadwqthread + 917
2 libSystem.B.dylib 0x00007fff805c9005 start_wqthread + 13
Thread 9: com.apple.CFSocket.private
0 libSystem.B.dylib 0x00007fff805f2e92 select$DARWIN_EXTSN + 10
1 com.apple.CoreFoundation 0x00007fff83186498 __CFSocketManager + 824
2 libSystem.B.dylib 0x00007fff805e8536 pthreadstart + 331
3 libSystem.B.dylib 0x00007fff805e83e9 thread_start + 13
Thread 10 Crashed: Dispatch queue: com.apple.root.default-priority
0 libicucore.A.dylib 0x00007fff87f68591 ucnv_countAliases + 973
1 libicucore.A.dylib 0x00007fff87f6350d ucnv_flushCache + 1342
2 libicucore.A.dylib 0x00007fff87f5f889 ucnv_setSubstString + 1380
3 libicucore.A.dylib 0x00007fff87f64051 ucnv_swap + 2491
4 libicucore.A.dylib 0x00007fff87f642d1 ucnv_swap + 3131
5 ...apple.textencoding.japanese 0x00000001006f7722 ConverterPluginGetPluginDispatchTable + 590
6 ...ple.CoreServices.CarbonCore 0x00007fff824c5cb1 TECCreateConverter + 468
7 com.apple.MessageFramework 0x00007fff8102dc83 MFCreateStringWithData + 448
8 com.apple.MessageFramework 0x00007fff8102ccee _MFCreateStringFromHeaderBytes + 1027
9 com.apple.MessageFramework 0x00007fff8102c4e2 -[MessageHeaders _createHeaderValueForKey:offset:] + 367
10 com.apple.MessageFramework 0x00007fff8102c361 -[MessageHeaders firstHeaderForKey:] + 32
11 com.apple.MessageFramework 0x00007fff80ff6263 -[Message loadCachedHeaderValuesFromHeaders:type:] + 208
12 com.apple.MessageFramework 0x00007fff81020d89 _lockedHandleFetchResponse + 2874
13 com.apple.MessageFramework 0x00007fff8101b533 -[IMAPMailboxSyncEngine _unlockIfProcessedResponsesWithMonitor:] + 371
14 com.apple.MessageFramework 0x00007fff8101a3d3 -[IMAPMailboxSyncEngine _goWithMessages:] + 694
15 com.apple.MessageFramework 0x00007fff80fed8af -[LibraryIMAPStore openSynchronouslyUpdatingMetadata:withOptions:] + 343
16 com.apple.MessageFramework 0x00007fff80ffb884 -[LibraryIMAPStore _fetchForCheckingNewMail:] + 69
17 com.apple.MessageFramework 0x00007fff81054398 -[RemoteStoreAccount _synchronizeMailboxesSynchronously] + 512
18 com.apple.MessageFramework 0x00007fff81025a96 -[IMAPAccount _fetchUnreadCountsCheckForNewMessages:] + 947
19 com.apple.CoreFoundation 0x00007fff8319e96c _invoking__ + 140
20 com.apple.CoreFoundation 0x00007fff8319e83d -[NSInvocation invoke] + 141
21 com.apple.MessageFramework 0x00007fff80fd0bcd -[MonitoredInvocation invoke] + 214
22 com.apple.MessageFramework 0x00007fff80fb7bd5 -[ThrowingInvocationOperation main] + 31
23 com.apple.MessageFramework 0x00007fff80fb7515 -[_MFInvocationOperation main] + 275
24 com.apple.Foundation 0x00007fff85c66de4 -[__NSOperationInternal start] + 681
25 com.apple.Foundation 0x00007fff85d45beb __doStart2 + 97
26 libSystem.B.dylib 0x00007fff805eb2c4 dispatch_call_block_andrelease + 15
27 libSystem.B.dylib 0x00007fff805c9831 dispatch_workerthread2 + 239
28 libSystem.B.dylib 0x00007fff805c9168 pthreadwqthread + 353
29 libSystem.B.dylib 0x00007fff805c9005 start_wqthread + 13
Thread 11:
0 libSystem.B.dylib 0x00007fff805af33a semaphoretimedwait_signaltrap + 10
1 libSystem.B.dylib 0x00007fff805edcd2 pthread_condwait + 1015
2 ...apple.AddressBook.framework 0x00007fff82cdea5f -[ABRemoteImageLoader workLoop] + 304
3 com.apple.Foundation 0x00007fff85c3e0a5 _NSThread__main_ + 1429
4 libSystem.B.dylib 0x00007fff805e8536 pthreadstart + 331
5 libSystem.B.dylib 0x00007fff805e83e9 thread_start + 13
Thread 12:
0 libSystem.B.dylib 0x00007fff805c8f8a _workqkernreturn + 10
1 libSystem.B.dylib 0x00007fff805c939c pthreadwqthread + 917
2 libSystem.B.dylib 0x00007fff805c9005 start_wqthread + 13
Thread 13: Dispatch queue: com.apple.root.default-priority
0 libSystem.B.dylib 0x00007fff805af322 semaphorewait_signaltrap + 10
1 libSystem.B.dylib 0x00007fff805b496d pthreadmutexlock + 469
2 com.apple.MessageFramework 0x00007fff8101a7d5 -[IMAPMailboxSyncEngine _copyLibraryIMAPStore] + 38
3 com.apple.MessageFramework 0x00007fff8101a152 -[IMAPMailboxSyncEngine _goWithMessages:] + 53
4 com.apple.CoreFoundation 0x00007fff8319e96c _invoking__ + 140
5 com.apple.CoreFoundation 0x00007fff8319e83d -[NSInvocation invoke] + 141
6 com.apple.MessageFramework 0x00007fff80fd0bcd -[MonitoredInvocation invoke] + 214
7 com.apple.MessageFramework 0x00007fff80fb7bd5 -[ThrowingInvocationOperation main] + 31
8 com.apple.MessageFramework 0x00007fff80fb7515 -[_MFInvocationOperation main] + 275
9 com.apple.Foundation 0x00007fff85c66de4 -[__NSOperationInternal start] + 681
10 com.apple.Foundation 0x00007fff85d45beb __doStart2 + 97
11 libSystem.B.dylib 0x00007fff805eb2c4 dispatch_call_block_andrelease + 15
12 libSystem.B.dylib 0x00007fff805c9831 dispatch_workerthread2 + 239
13 libSystem.B.dylib 0x00007fff805c9168 pthreadwqthread + 353
14 libSystem.B.dylib 0x00007fff805c9005 start_wqthread + 13
Thread 14:
0 libSystem.B.dylib 0x00007fff805c8f8a _workqkernreturn + 10
1 libSystem.B.dylib 0x00007fff805c939c pthreadwqthread + 917
2 libSystem.B.dylib 0x00007fff805c9005 start_wqthread + 13
Thread 10 crashed with X86 Thread State (64-bit):
rax: 0x00000001021503ca rbx: 0x00000000000004c0 rcx: 0x0000000000000980 rdx: 0x0000000000000000
rdi: 0x0000000115fc2f40 rsi: 0x00000001021597ca rbp: 0x0000000115fc2fc0 rsp: 0x0000000115fc2f20
r8: 0x00007fff8805c260 r9: 0x0000000115fc2f40 r10: 0x000000000000000e r11: 0x0000000115fc30d3
r12: 0x00000000000004c0 r13: 0x0000000115fc2f40 r14: 0x00000000000004c2 r15: 0x00000000000004bf
rip: 0x00007fff87f68591 rfl: 0x0000000000010282 cr2: 0x0000000000000000
Binary Images:
0x100000000 - 0x100339fe7 com.apple.mail 4.4 (1082) <763137B8-964F-85F2-6C45-D084EFA66F7C> /Applications/Mail.app/Contents/MacOS/Mail
0x1006f6000 - 0x1006f9ff7 com.apple.textencoding.japanese 2.3 (2.3) <699BF592-00B6-74B3-4B8B-849D71573F75> /System/Library/TextEncodings/Japanese Encodings.bundle/Contents/MacOS/Japanese Encodings
0x114af4000 - 0x114af7fff com.apple.yahoo.syncframework 1.3 (51) <AEBB9A2D-B787-0C74-7C40-64E6F0BBF43C> /System/Library/PrivateFrameworks/YahooSync.framework/Versions/A/YahooSync
0x116230000 - 0x116243ff7 com.apple.AddressBook.LocalSourceBundle 1.0.3 (875) <45684043-4271-4EA2-4A8F-098CA3B4E4E1> /System/Library/Address Book Plug-Ins/LocalSource.sourcebundle/Contents/MacOS/LocalSource
0x116255000 - 0x11625bfff com.apple.AddressBook.LDAPSource 1.0.3 (875) <68B124CE-0F32-8398-939D-ABEBCAE6F505> /System/Library/Address Book Plug-Ins/LDAP.sourcebundle/Contents/MacOS/LDAP
0x1165c0000 - 0x1165e3fff com.apple.Mail.Syncer 4.4 (1082) <3F2655ED-A2A3-8497-F8B7-DF496D5650E6> /System/Library/Frameworks/Message.framework/Versions/B/Resources/Syncer.syncsc hema/Contents/MacOS/Syncer
0x116882000 - 0x1168d2fff com.apple.datadetectors.actions 2.1 (102.2) <975C840D-7290-67B9-F2D0-AB6982AD4A36> /System/Library/PrivateFrameworks/DataDetectors.framework/Versions/A/Resources/ Actions.datadetectors/Contents/MacOS/Actions
0x7fff5fc00000 - 0x7fff5fc3bdef dyld 132.1 (???) <B536F2F1-9DF1-3B6C-1C2C-9075EA219A06> /usr/lib/dyld
0x7fff80003000 - 0x7fff80026ff7 com.apple.iChat.IMFoundation 5.0.5 (747) <B4C34872-5157-27C0-37F2-77D11137BD8A> /System/Library/Frameworks/IMCore.framework/Frameworks/IMFoundation.framework/V ersions/A/IMFoundation
0x7fff80027000 - 0x7fff800b7fff com.apple.SearchKit 1.3.0 (1.3.0) <4175DC31-1506-228A-08FD-C704AC9DF642> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/SearchK it.framework/Versions/A/SearchKit
0x7fff800b8000 - 0x7fff800e9fff libGLImage.dylib ??? (???) <57DA0064-4581-62B8-37A8-A07ADEF46EE2> /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLImage.dyl ib
0x7fff800fc000 - 0x7fff80145fef libGLU.dylib ??? (???) <EB4255DD-A9E5-FAD0-52A4-CCB4E792B86F> /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLU.dylib
0x7fff80146000 - 0x7fff802b5fe7 com.apple.QTKit 7.6.6 (1756) <250AB242-816D-9F5D-94FB-18BF2AE9AAE7> /System/Library/Frameworks/QTKit.framework/Versions/A/QTKit
0x7fff8037b000 - 0x7fff803b8fff com.apple.LDAPFramework 2.0 (120.1) <16383FF5-0537-6298-73C9-473AEC9C149C> /System/Library/Frameworks/LDAP.framework/Versions/A/LDAP
0x7fff80409000 - 0x7fff80447fef com.apple.DebugSymbols 1.1 (70) <C3D11461-E118-09DB-D9D7-8972B3FD160F> /System/Library/PrivateFrameworks/DebugSymbols.framework/Versions/A/DebugSymbol s
0x7fff8044d000 - 0x7fff805adff7 com.apple.syncservices 5.2 (578.3) <67BCFAAD-C723-A8AA-B040-2E6E7771A7A3> /System/Library/Frameworks/SyncServices.framework/Versions/A/SyncServices
0x7fff805ae000 - 0x7fff8076ffff libSystem.B.dylib 125.2.1 (compatibility 1.0.0) <71E6D4C9-F945-6EC2-998C-D61AD590DAB6> /usr/lib/libSystem.B.dylib
0x7fff80770000 - 0x7fff807d8fff com.apple.MeshKitRuntime 1.1 (49.2) <1F4C9AB5-9D3F-F91D-DB91-B78610562ECC> /System/Library/PrivateFrameworks/MeshKit.framework/Versions/A/Frameworks/MeshK itRuntime.framework/Versions/A/MeshKitRuntime
0x7fff8084e000 - 0x7fff80856fff com.apple.iChat.IMUtils 5.0.5 (747) <8A019B06-52FB-0B23-8A8B-7C2DA5465934> /System/Library/Frameworks/IMCore.framework/Frameworks/IMUtils.framework/Versio ns/A/IMUtils
0x7fff80857000 - 0x7fff808d9fff com.apple.QuickLookUIFramework 2.3 (327.6) <9093682A-0E2D-7D27-5F22-C96FD00AE970> /System/Library/Frameworks/Quartz.framework/Versions/A/Frameworks/QuickLookUI.f ramework/Versions/A/QuickLookUI
0x7fff808da000 - 0x7fff808dbfff com.apple.MonitorPanelFramework 1.3.0 (1.3.0) <5062DACE-FCE7-8E41-F5F6-58821778629C> /System/Library/PrivateFrameworks/MonitorPanel.framework/Versions/A/MonitorPane l
0x7fff808dc000 - 0x7fff808fffff com.apple.opencl 12.3 (12.3) <D30A45FC-4520-45AF-3CA5-092313DB5D54> /System/Library/Frameworks/OpenCL.framework/Versions/A/OpenCL
0x7fff80900000 - 0x7fff80972fef com.apple.CoreSymbolication 2.0 (23) <06F8561E-4B36-7BF6-31BA-64091B3D8058> /System/Library/PrivateFrameworks/CoreSymbolication.framework/Versions/A/CoreSy mbolication
0x7fff80a36000 - 0x7fff80a41ff7 com.apple.NSServerNotificationCenter 2.2 (2.2) <429097EC-ED66-1EF0-EDE5-14798117BF95> /System/Library/Frameworks/ServerNotification.framework/Versions/A/ServerNotifi cation
0x7fff80a42000 - 0x7fff80a63fff libresolv.9.dylib 41.0.0 (compatibility 1.0.0) <6993F348-428F-C97E-7A84-7BD2EDC46A62> /usr/lib/libresolv.9.dylib
0x7fff80a64000 - 0x7fff80aaefef com.apple.IMCore 5.0.5 (747) <EA34457E-1946-C6E6-304D-B18233FF68BA> /System/Library/Frameworks/IMCore.framework/Versions/A/IMCore
0x7fff80aaf000 - 0x7fff80abefff com.apple.NetFS 3.2.1 (3.2.1) <0357C371-2E2D-069C-08FB-1180512B8516> /System/Library/Frameworks/NetFS.framework/Versions/A/NetFS
0x7fff80abf000 - 0x7fff80ac0fff liblangid.dylib ??? (???) <EA4D1607-2BD5-2EE2-2A3B-632EEE5A444D> /usr/lib/liblangid.dylib
0x7fff80ac1000 - 0x7fff80ac4fff com.apple.help 1.3.1 (41) <54B79BA2-B71B-268E-8752-5C8EE00E49E4> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Help.framewor k/Versions/A/Help
0x7fff80ac5000 - 0x7fff80ae0fff com.apple.datadetectors 2.1 (102.2) <69DC4391-62F4-9168-A9EF-8EA36F49D77A> /System/Library/PrivateFrameworks/DataDetectors.framework/Versions/A/DataDetect ors
0x7fff80ae1000 - 0x7fff80d67fef com.apple.security 6.1.1 (37594) <17CF7858-52D9-9665-3AE8-23F07CC8BEA1> /System/Library/Frameworks/Security.framework/Versions/A/Security
0x7fff80d98000 - 0x7fff80e04ff7 com.apple.CorePDF 1.3 (1.3) <6770FFB0-DEA0-61E0-3520-4B95CCF5D1CF> /System/Library/PrivateFrameworks/CorePDF.framework/Versions/A/CorePDF
0x7fff80f77000 - 0x7fff80fb0ff7 com.apple.MeshKit 1.1 (49.2) <3795F201-4A5F-3D40-57E0-87AD6B714239> /System/Library/PrivateFrameworks/MeshKit.framework/Versions/A/MeshKit
0x7fff80fb1000 - 0x7fff812f4ff7 com.apple.MessageFramework 4.4 (1082) <7314B194-6FC8-7CEE-81AE-2AF4ADE34AAA> /System/Library/Frameworks/Message.framework/Versions/B/Message
0x7fff812f5000 - 0x7fff8138ffff com.apple.ApplicationServices.ATS 4.4 (???) <395849EE-244A-7323-6CBA-E71E3B722984> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ATS.framework/Versions/A/ATS
0x7fff81390000 - 0x7fff813b8fff com.apple.DictionaryServices 1.1.2 (1.1.2) <E9269069-93FA-2B71-F9BA-FDDD23C4A65E> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Diction aryServices.framework/Versions/A/DictionaryServices
0x7fff813b9000 - 0x7fff813caff7 libz.1.dylib 1.2.3 (compatibility 1.0.0) <FB5EE53A-0534-0FFA-B2ED-486609433717> /usr/lib/libz.1.dylib
0x7fff813fb000 - 0x7fff8149bfff com.apple.LaunchServices 362.1 (362.1) <2740103A-6C71-D99F-8C6F-FA264546AD8F> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/LaunchS ervices.framework/Versions/A/LaunchServices
0x7fff8149c000 - 0x7fff814f3fff com.apple.Symbolication 1.1 (67) <73B6FC15-9E05-69E2-2955-14F82F9BC337> /System/Library/PrivateFrameworks/Symbolication.framework/Versions/A/Symbolicat ion
0x7fff814f4000 - 0x7fff814f4ff7 com.apple.Accelerate 1.6 (Accelerate 1.6) <15DF8B4A-96B2-CB4E-368D-DEC7DF6B62BB> /System/Library/Frameworks/Accelerate.framework/Versions/A/Accelerate
0x7fff814f5000 - 0x7fff81515fef com.apple.DotMacSyncManager 2.0.3 (446.9) <F02D77B4-540E-04C4-A4B7-C7710155AD5E> /System/Library/PrivateFrameworks/DotMacSyncManager.framework/Versions/A/DotMac SyncManager
0x7fff81516000 - 0x7fff816cdfef com.apple.ImageIO.framework 3.0.4 (3.0.4) <2CB9997A-A28D-80BC-5921-E7D50BBCACA7> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/ImageIO
0x7fff816ce000 - 0x7fff81783fe7 com.apple.ColorSync 4.6.3 (4.6.3) <AA93AD96-6974-9104-BF55-AF7A813C8A1B> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ColorSync.framework/Versions/A/ColorSync
0x7fff8179f000 - 0x7fff81ca3fe7 com.apple.VideoToolbox 0.484.20 (484.20) <8B6B82D2-350B-E9D3-5433-51453CDA65B4> /System/Library/PrivateFrameworks/VideoToolbox.framework/Versions/A/VideoToolbo x
0x7fff81ca4000 - 0x7fff81ca9fff libGIF.dylib ??? (???) <9A2723D8-61F9-6D65-D254-4F9273CDA54A> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libGIF.dylib
0x7fff81caa000 - 0x7fff81cf1ff7 com.apple.coreui 2 (114) <D7645B59-0431-6283-7322-957D944DAB21> /System/Library/PrivateFrameworks/CoreUI.framework/Versions/A/CoreUI
0x7fff81deb000 - 0x7fff81df7fff libbz2.1.0.dylib 1.0.5 (compatibility 1.0.0) <5FFC8295-2DF7-B54C-3766-756842C53731> /usr/lib/libbz2.1.0.dylib
0x7fff81df8000 - 0x7fff81dfafff libRadiance.dylib ??? (???) <76438F90-DD4B-9941-9367-F2DFDF927876> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libRadiance.dylib
0x7fff81dfb000 - 0x7fff81e6cff7 com.apple.AppleVAFramework 4.10.12 (4.10.12) <1B68BE43-4C54-87F5-0723-0B0A14CD21E8> /System/Library/PrivateFrameworks/AppleVA.framework/Versions/A/AppleVA
0x7fff81e6d000 - 0x7fff81f23fff libobjc.A.dylib 227.0.0 (compatibility 1.0.0) <F206BE6D-8777-AE6C-B367-7BEA76C14241> /usr/lib/libobjc.A.dylib
0x7fff8200c000 - 0x7fff82012fff libCGXCoreImage.A.dylib 545.0.0 (compatibility 64.0.0) <4EE16374-A094-D542-5BC5-7E846D0CE56E> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreGraphics.framework/Versions/A/Resources/libCGXCoreImage.A.dylib
0x7fff82013000 - 0x7fff8212cfef libGLProgrammability.dylib ??? (???) <13E8114C-6E07-A66E-35E6-C185E54840AE> /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLProgramma bility.dylib
0x7fff8212d000 - 0x7fff821a9ff7 com.apple.ISSupport 1.9.4 (52) <93A57F16-3BD5-25AD-5CFF-00007A141129> /System/Library/PrivateFrameworks/ISSupport.framework/Versions/A/ISSupport
0x7fff821aa000 - 0x7fff821edff7 libRIP.A.dylib 545.0.0 (compatibility 64.0.0) <7E30B5F6-99FD-C716-8670-5DD4B4BAED72> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreGraphics.framework/Versions/A/Resources/libRIP.A.dylib
0x7fff821ee000 - 0x7fff821f2ff7 libmathCommon.A.dylib 315.0.0 (compatibility 1.0.0) <95718673-FEEE-B6ED-B127-BCDBDB60D4E5> /usr/lib/system/libmathCommon.A.dylib
0x7fff821f3000 - 0x7fff8230afef libxml2.2.dylib 10.3.0 (compatibility 10.0.0) <EE067D7E-15B3-F043-6FBD-10BA31FE76C7> /usr/lib/libxml2.2.dylib
0x7fff8230b000 - 0x7fff82345fff libssl.0.9.8.dylib 0.9.8 (compatibility 0.9.8) <C7153747-50E3-32DA-426F-CC4C505D1D6C> /usr/lib/libssl.0.9.8.dylib
0x7fff82346000 - 0x7fff82387fff com.apple.SystemConfiguration 1.10.5 (1.10.2) <FB39F09C-57BB-D8CC-348D-93E00C602F7D> /System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfi guration
0x7fff82388000 - 0x7fff8246dfef com.apple.DesktopServices 1.5.9 (1.5.9) <27890B2C-0CD2-7C27-9D0C-D5952C5E8438> /System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Versions/A/Desk topServicesPriv
0x7fff8246e000 - 0x7fff8247ffff com.apple.DSObjCWrappers.Framework 10.6 (134) <3C08225D-517E-2822-6152-F6EB13A4ADF9> /System/Library/PrivateFrameworks/DSObjCWrappers.framework/Versions/A/DSObjCWra ppers
0x7fff82480000 - 0x7fff82483ff7 libCoreVMClient.dylib ??? (???) <B1F41E5B-8B59-DB81-1654-C1F9B11E885F> /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libCoreVMClien t.dylib
0x7fff824ba000 - 0x7fff824bbff7 com.apple.TrustEvaluationAgent 1.1 (1) <74800EE8-C14C-18C9-C208-20BBDB982D40> /System/Library/PrivateFrameworks/TrustEvaluationAgent.framework/Versions/A/Tru stEvaluationAgent
0x7fff824bc000 - 0x7fff824c1fff libGFXShared.dylib ??? (???) <A94DE483-A586-A172-104F-1CFC5F0BFD57> /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGFXShared.d ylib
0x7fff824c2000 - 0x7fff827f6fff com.apple.CoreServices.CarbonCore 861.23 (861.23) <08F360FA-1771-4F0B-F356-BEF68BB9D421> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonC ore.framework/Versions/A/CarbonCore
0x7fff827f7000 - 0x7fff82834ff7 libFontRegistry.dylib ??? (???) <8C69F685-3507-1B8F-51AD-6183D5E88979> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ATS.framework/Versions/A/Resources/libFontRegistry.dylib
0x7fff8284d000 - 0x7fff8284ffef com.apple.ExceptionHandling 1.5 (10) <F2867B93-A56A-974F-9556-266BCE394057> /System/Library/Frameworks/ExceptionHandling.framework/Versions/A/ExceptionHand ling
0x7fff82906000 - 0x7fff8292bff7 com.apple.CoreVideo 1.6.2 (45.6) <E138C8E7-3CB6-55A9-0A2C-B73FE63EA288> /System/Library/Frameworks/CoreVideo.framework/Versions/A/CoreVideo
0x7fff8292c000 - 0x7fff82b14ff7 com.apple.JavaScriptCore 6533.18 (6533.18.1) <C6F7B4E1-1DF6-414A-5A17-B334A814B2A0> /System/Library/Frameworks/JavaScriptCore.framework/Versions/A/JavaScriptCore
0x7fff82b38000 - 0x7fff82b79ff7 com.apple.CoreMedia 0.484.20 (484.20) <42F3B74A-F886-33A0-40EE-8399B12BD32A> /System/Library/PrivateFrameworks/CoreMedia.framework/Versions/A/CoreMedia
0x7fff82b7a000 - 0x7fff82c4cfe7 com.apple.CFNetwork 454.11.5 (454.11.5) <B3E2BE12-D7AA-5940-632A-1E5E7BF8E6E3> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CFNetwo rk.framework/Versions/A/CFNetwork
0x7fff82c4f000 - 0x7fff82c7eff7 com.apple.quartzfilters 1.6.0 (1.6.0) <9CECB4FC-1CCF-B8A2-B935-5888B21CBEEF> /System/Library/Frameworks/Quartz.framework/Versions/A/Frameworks/QuartzFilters .framework/Versions/A/QuartzFilters
0x7fff82c7f000 - 0x7fff82c9cff7 libPng.dylib ??? (???) <14043CBC-329F-4009-299E-DEE411E16134> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libPng.dylib
0x7fff82c9d000 - 0x7fff82cc8ff7 libxslt.1.dylib 3.24.0 (compatibility 3.0.0) <87A0B228-B24A-C426-C3FB-B40D7258DD49> /usr/lib/libxslt.1.dylib
0x7fff82cc9000 - 0x7fff82f0bfef com.apple.AddressBook.framework 5.0.3 (875) <78FDBCC6-8F4C-C4DF-4A60-BB038572B870> /System/Library/Frameworks/AddressBook.framework/Versions/A/AddressBook
0x7fff82f31000 - 0x7fff82f31ff7 com.apple.vecLib 3.6 (vecLib 3.6) <96FB6BAD-5568-C4E0-6FA7-02791A58B584> /System/Library/Frameworks/vecLib.framework/Versions/A/vecLib
0x7fff82f32000 - 0x7fff82f3dfff com.apple.dotMacLegacy 3.2 (266) <80F00DE2-4C50-0FD9-5C6E-3EAA1599277B> /System/Library/PrivateFrameworks/DotMacLegacy.framework/Versions/A/DotMacLegac y
0x7fff82f3e000 - 0x7fff82fedfff edu.mit.Kerberos 6.5.10 (6.5.10) <F3F76EDF-5660-78F0-FE6E-33B6174F55A4> /System/Library/Frameworks/Kerberos.framework/Versions/A/Kerberos
0x7fff82fee000 - 0x7fff83017ff7 com.apple.speech.LatentSemanticMappingFramework 2.7.2 (2.7.2) <2D3B7CF8-DA92-F25D-F2E2-D17C7D7F46E5> /System/Library/Frameworks/LatentSemanticMapping.framework/Versions/A/LatentSem anticMapping
0x7fff830f1000 - 0x7fff83109fff com.apple.iChat.InstantMessage 5.0.5 (747) <D9784E28-7614-1BAD-8B22-EC12079BCC40> /System/Library/Frameworks/InstantMessage.framework/Versions/A/InstantMessage
0x7fff8310a000 - 0x7fff83117ff7 com.apple.AppleFSCompression 24.4 (1.0) <57D6F613-CB5E-75BC-E351-3272D62227F5> /System/Library/PrivateFrameworks/AppleFSCompression.framework/Versions/A/Apple FSCompression
0x7fff83118000 - 0x7fff8328ffe7 com.apple.CoreFoundation 6.6.4 (550.42) <770C572A-CF70-168F-F43C-242B9114FCB5> /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation
0x7fff832d4000 - 0x7fff83348ff7 com.apple.WhitePagesFramework 10.6.0 (140.0) <546E204C-AC7A-030C-DC32-125A3E422FB5> /System/Library/PrivateFrameworks/WhitePages.framework/Versions/A/WhitePages
0x7fff83349000 - 0x7fff83349ff7 com.apple.ApplicationServices 38 (38) <10A0B9E9-4988-03D4-FC56-DDE231A02C63> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Application Services
0x7fff8334a000 - 0x7fff83fbdff7 com.apple.WebCore 6533.18 (6533.18.1) <E98598FB-8C73-1334-7C30-216CC49B889E> /System/Library/Frameworks/WebKit.framework/Versions/A/Frameworks/WebCore.frame work/Versions/A/WebCore
0x7fff83fbe000 - 0x7fff83fd3ff7 com.apple.LangAnalysis 1.6.6 (1.6.6) <DC999B32-BF41-94C8-0583-27D9AB463E8B> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ LangAnalysis.framework/Versions/A/LangAnalysis
0x7fff8400a000 - 0x7fff8400dff7 com.apple.securityhi 4.0 (36638) <38935851-09E4-DDAB-DB1D-30ADC39F7ED0> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SecurityHI.fr amework/Versions/A/SecurityHI
0x7fff8400e000 - 0x7fff84052fe7 com.apple.ImageCaptureCore 1.0.3 (1.0.3) <913FFA89-0AC8-0A8D-CC2A-364CB0F303BA> /System/Library/Frameworks/ImageCaptureCore.framework/Versions/A/ImageCaptureCo re
0x7fff84053000 - 0x7fff840e2fff com.apple.PDFKit 2.5.1 (2.5.1) <7B8A187A-F0BB-44E7-FBD4-9E1C5F9D5E85> /System/Library/Frameworks/Quartz.framework/Versions/A/Frameworks/PDFKit.framew ork/Versions/A/PDFKit
0x7fff840e3000 - 0x7fff840e5fff com.apple.print.framework.Print 6.1 (237.1) <CA8564FB-B366-7413-B12E-9892DA3C6157> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Print.framewo rk/Versions/A/Print
0x7fff840e6000 - 0x7fff84137fef com.apple.HIServices 1.8.1 (???) <BE479ABF-3D27-A5C7-800E-3FFC1731767A> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ HIServices.framework/Versions/A/HIServices
0x7fff84138000 - 0x7fff8417dfff com.apple.CoreMediaIOServices 133.0 (1158) <53F7A2A6-78CA-6C34-0BB6-471388019799> /System/Library/PrivateFrameworks/CoreMediaIOServices.framework/Versions/A/Core MediaIOServices
0x7fff84180000 - 0x7fff841c9ff7 com.apple.securityinterface 4.0.1 (37214) <F8F2D8F4-861F-6694-58F6-3DC55C9DBF50> /System/Library/Frameworks/SecurityInterface.framework/Versions/A/SecurityInter face
0x7fff842cb000 - 0x7fff84348fef libstdc++.6.dylib 7.9.0 (compatibility 7.0.0) <35ECA411-2C08-FD7D-11B1-1B7A04921A5C> /usr/lib/libstdc++.6.dylib
0x7fff84349000 - 0x7fff8434ffff com.apple.AOSNotification 1.1.0 (123.3) <9436ED02-186A-E6CC-E594-31E3942A5898> /System/Library/PrivateFrameworks/AOSNotification.framework/Versions/A/AOSNotif ication
0x7fff84350000 - 0x7fff8436bff7 com.apple.openscripting 1.3.1 (???) <FD46A0FE-AC79-3EF7-AB4F-396D376DDE71> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/OpenScripting .framework/Versions/A/OpenScripting
0x7fff8436c000 - 0x7fff8436cff7 com.apple.quartzframework 1.5 (1.5) <B182B579-BCCE-81BF-8DA2-9E0B7BDF8516> /System/Library/Frameworks/Quartz.framework/Versions/A/Quartz
0x7fff8436d000 - 0x7fff8470afe7 com.apple.QuartzCore 1.6.3 (227.34) <215222AF-B30A-7CE5-C46C-1A766C1D1D2E> /System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore
0x7fff8470b000 - 0x7fff8470bff7 com.apple.Carbon 150 (152) <19B37B7B-1594-AD0A-7F14-FA2F85AD7241> /System/Library/Frameworks/Carbon.framework/Versions/A/Carbon
0x7fff8470c000 - 0x7fff84720ff7 com.apple.speech.synthesis.framework 3.10.35 (3.10.35) <621B7415-A0B9-07A7-F313-36BEEDD7B132> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ SpeechSynthesis.framework/Versions/A/SpeechSynthesis
0x7fff84730000 - 0x7fff8496bfef com.apple.imageKit 2.0.3 (1.0) <5D18C246-303A-6580-9DC9-79BE79467C95> /System/Library/Frameworks/Quartz.framework/Versions/A/Frameworks/ImageKit.fram ework/Versions/A/ImageKit
0x7fff8496c000 - 0x7fff849bbfe7 com.apple.iCalendar 1.0.3 (54) <9009851F-9218-BF81-6083-299AD56CE90F> /System/Library/PrivateFrameworks/iCalendar.framework/Versions/A/iCalendar
0x7fff849bc000 - 0x7fff84a79ff7 com.apple.CoreServices.OSServices 357 (357) <718F0719-DC9F-E392-7C64-9D7DFE3D02E2> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/OSServi ces.framework/Versions/A/OSServices
0x7fff84a7a000 - 0x7fff84a89fff com.apple.opengl 1.6.11 (1.6.11) <43D5BE71-E1F6-6974-210C-17C68919AE08> /System/Library/Frameworks/OpenGL.framework/Versions/A/OpenGL
0x7fff84a8a000 - 0x7fff84b8efff com.apple.PubSub 1.0.5 (65.20) <DA852327-4B80-B49A-666C-835410273DE3> /System/Library/Frameworks/PubSub.framework/Versions/A/PubSub
0x7fff84b9b000 - 0x7fff85591fff com.apple.AppKit 6.6.7 (1038.35) <9F4DF818-9DB9-98DA-490C-EF29EA757A97> /System/Library/Frameworks/AppKit.framework/Versions/C/AppKit
0x7fff85592000 - 0x7fff856b8fff com.apple.audio.toolbox.AudioToolbox 1.6.5 (1.6.5) <B51023BB-A5C9-3C65-268B-6B86B901BB2C> /System/Library/Frameworks/AudioToolbox.framework/Versions/A/AudioToolbox
0x7fff8572b000 - 0x7fff85730ff7 com.apple.CommonPanels 1.2.4 (91) <4D84803B-BD06-D80E-15AE-EFBE43F93605> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CommonPanels. framework/Versions/A/CommonPanels
0x7fff85747000 - 0x7fff8575aff7 com.apple.syncservices.syncservicesui 5.2 (578.3) <811B95F2-5349-3800-1822-45D43CF54899> /System/Library/PrivateFrameworks/SyncServicesUI.framework/Versions/A/SyncServi cesUI
0x7fff8575b000 - 0x7fff85883ff7 com.apple.MediaToolbox 0.484.20 (484.20) <628A7245-7ADE-AD47-3368-CF8EDCA6CC1C> /System/Library/PrivateFrameworks/MediaToolbox.framework/Versions/A/MediaToolbo x
0x7fff85884000 - 0x7fff8593dfff libsqlite3.dylib 9.6.0 (compatibility 9.0.0) <2C5ED312-E646-9ADE-73A9-6199A2A43150> /usr/lib/libsqlite3.dylib
0x7fff85b22000 - 0x7fff85c2cff7 com.apple.MeshKitIO 1.1 (49.2) <F296E151-80AE-7764-B969-C2050DF26BFE> /System/Library/PrivateFrameworks/MeshKit.framework/Versions/A/Frameworks/MeshK itIO.framework/Versions/A/MeshKitIO
0x7fff85c2d000 - 0x7fff85eb0ff7 com.apple.Foundation 6.6.4 (751.42) <9A99D378-E97A-8C0F-3857-D0FAA30FCDD5> /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation
0x7fff85eb1000 - 0x7fff85ee3fff libTrueTypeScaler.dylib ??? (???) <B9ECE1BD-A716-9F65-6466-4444D641F584> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ATS.framework/Versions/A/Resources/libTrueTypeScaler.dylib
0x7fff85ee4000 - 0x7fff85f63fe7 com.apple.audio.CoreAudio 3.2.6 (3.2.6) <1DD64A62-0DE4-223F-F781-B272FECF80F0> /System/Library/Frameworks/CoreAudio.framework/Versions/A/CoreAudio
0x7fff85f64000 - 0x7fff85f7dfff com.apple.CFOpenDirectory 10.6 (10.6) <CCF79716-7CC6-2520-C6EB-A4F56AD0A207> /System/Library/Frameworks/OpenDirectory.framework/Versions/A/Frameworks/CFOpen Directory.framework/Versions/A/CFOpenDirectory
0x7fff85f7e000 - 0x7fff85fc6ff7 libvDSP.dylib 268.0.1 (compatibility 1.0.0) <98FC4457-F405-0262-00F7-56119CA107B6> /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/libvDSP.dylib
0x7fff85fc7000 - 0x7fff86027ff7 com.apple.ExchangeWebServices 1.3 (61) <7DB2989C-1362-8688-C73E-8405734A6566> /System/Library/PrivateFrameworks/ExchangeWebServices.framework/Versions/A/Exch angeWebServices
0x7fff8602e000 - 0x7fff86068fff com.apple.bom 10.0 (164) <E5C9AFBD-68C1-197E-72B0-B43295DC87DC> /System/Library/PrivateFrameworks/Bom.framework/Versions/A/Bom
0x7fff86069000 - 0x7fff860d3fe7 libvMisc.dylib 268.0.1 (compatibility 1.0.0) <514D400C-50A5-C196-83AA-1035DDC8FBBE> /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/libvMisc.dylib
0x7fff860d4000 - 0x7fff868defe7 libBLAS.dylib 219.0.0 (compatibility 1.0.0) <FC941ECB-71D0-FAE3-DCBF-C5A619E594B8> /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/libBLAS.dylib
0x7fff868df000 - 0x7fff868f5fe7 com.apple.MultitouchSupport.framework 207.10 (207.10) <1828C264-A54A-7FDD-FE1B-49DDE3F50779> /System/Library/PrivateFrameworks/MultitouchSupport.framework/Versions/A/Multit ouchSupport
0x7fff868f6000 - 0x7fff86a17fe7 libcrypto.0.9.8.dylib 0.9.8 (compatibility 0.9.8) <48AEAFE1-21F4-B3C8-4199-35AD5E8D0613> /usr/lib/libcrypto.0.9.8.dylib
0x7fff86a18000 - 0x7fff86a2afe7 libsasl2.2.dylib 3.15.0 (compatibility 3.0.0) <76B83C8D-8EFE-4467-0F75-275648AFED97> /usr/lib/libsasl2.2.dylib
0x7fff86a2b000 - 0x7fff86ab1ff3 com.apple.iLifeMediaBrowser 2.1.5 (368) <BC6090D5-47FD-882D-1123-BA40CB821481> /System/Library/PrivateFrameworks/iLifeMediaBrowser.framework/Versions/A/iLifeM ediaBrowser
0x7fff86ab2000 - 0x7fff86af3fef com.apple.QD 3.36 (???) <5DC41E81-32C9-65B2-5528-B33E934D5BB4> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ QD.framework/Versions/A/QD
0x7fff86af4000 - 0x7fff86ecefff com.apple.RawCamera.bundle 3.4.1 (546) <F7865FD2-4869-AB19-10AA-EFF1B3BC4178> /System/Library/CoreServices/RawCamera.bundle/Contents/MacOS/RawCamera
0x7fff86ecf000 - 0x7fff86f1eff7 com.apple.DirectoryService.PasswordServerFramework 6.0 (6.0) <14FD0978-4BE0-336B-A19E-F388694583EB> /System/Library/PrivateFrameworks/PasswordServer.framework/Versions/A/PasswordS erver
0x7fff86f1f000 - 0x7fff86fe0fe7 libFontParser.dylib ??? (???) <8B12D37E-3A95-5A73-509C-3AA991E0C546> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ATS.framework/Versions/A/Resources/libFontParser.dylib
0x7fff86fe1000 - 0x7fff87030fef libTIFF.dylib ??? (???) <AE9DC484-1382-F7AD-FE25-C28082FCB5D9> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libTIFF.dylib
0x7fff87031000 - 0x7fff87078fff com.apple.QuickLookFramework 2.3 (327.6) <11DFB135-24A6-C0BC-5B97-ECE352A4B488> /System/Library/Frameworks/QuickLook.framework/Versions/A/QuickLook
0x7fff87079000 - 0x7fff87079ff7 com.apple.Accelerate.vecLib 3.6 (vecLib 3.6) <4CCE5D69-F1B3-8FD3-1483-E0271DB2CCF3> /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/vecLib
0x7fff8707a000 - 0x7fff8707eff7 libCGXType.A.dylib 545.0.0 (compatibility 64.0.0) <63F77AC8-84CB-0C2F-8D2B-190EE5CCDB45> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreGraphics.framework/Versions/A/Resources/libCGXType.A.dylib
0x7fff8707f000 - 0x7fff8709fff7 com.apple.DirectoryService.Framework 3.6 (621.9) <FF6567B5-56BD-F3EC-E59D-1EC583C3CF73> /System/Library/Frameworks/DirectoryService.framework/Versions/A/DirectoryServi ce
0x7fff870a0000 - 0x7fff8721dff7 com.apple.WebKit 6533.18 (6533.18.1) <6B55A3A4-CE83-BB0B-9EDE-B6AC8B2907AB> /System/Library/Frameworks/WebKit.framework/Versions/A/WebKit
0x7fff8721e000 - 0x7fff8729bfef com.apple.backup.framework 1.2.2 (1.2.2) <13A0D34C-28B7-2140-ECC9-B08D10CD4AB5> /System/Library/PrivateFrameworks/Backup.framework/Versions/A/Backup
0x7fff8729c000 - 0x7fff872aaff7 libkxld.dylib ??? (???) <4016E9E6-0645-5384-A697-2775B5228113> /usr/lib/system/libkxld.dylib
0x7fff872e8000 - 0x7fff874e6fe7 com.apple.CalendarStore 4.0.4 (997) <E5AEEEDC-40F7-B118-107A-B4E735DD4C03> /System/Library/Frameworks/CalendarStore.framework/Versions/A/CalendarStore
0x7fff874e7000 - 0x7fff874f2fff com.apple.CrashReporterSupport 10.6.5 (252) <0895BE37-CC7E-1939-8020-489BFCB3E2C6> /System/Library/PrivateFrameworks/CrashReporterSupport.framework/Versions/A/Cra shReporterSupport
0x7fff874f3000 - 0x7fff87555fe7 com.apple.datadetectorscore 2.0 (80.7) <F9D2332D-0890-2ED2-1AC8-F85CB89D8BD4> /System/Library/PrivateFrameworks/DataDetectorsCore.framework/Versions/A/DataDe tectorsCore
0x7fff87556000 - 0x7fff8755cff7 com.apple.DiskArbitration 2.3 (2.3) <857F6E43-1EF4-7D53-351B-10DE0A8F992A> /System/Library/Frameworks/DiskArbitration.framework/Versions/A/DiskArbitration
0x7fff8755d000 - 0x7fff87583fe7 libJPEG.dylib ??? (???) <6690F15D-E970-2678-430E-590A94F5C8E9> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libJPEG.dylib
0x7fff87584000 - 0x7fff875bdfef libcups.2.dylib 2.8.0 (compatibility 2.0.0) <97F968EB-80ED-36FB-7819-D438B489E46E> /usr/lib/libcups.2.dylib
0x7fff875c9000 - 0x7fff875dffff com.apple.ImageCapture 6.0.1 (6.0.1) <09ABF2E9-D110-71A9-4A6F-8A61B683E936> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/ImageCapture. framework/Versions/A/ImageCapture
0x7fff875e0000 - 0x7fff875edfe7 libCSync.A.dylib 545.0.0 (compatibility 64.0.0) <397B9057-5CDF-3B19-4E61-9DFD49369375> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreGraphics.framework/Versions/A/Resources/libCSync.A.dylib
0x7fff875ee000 - 0x7fff87604fef libbsm.0.dylib ??? (???) <42D3023A-A1F7-4121-6417-FCC6B51B3E90> /usr/lib/libbsm.0.dylib
0x7fff87605000 - 0x7fff87691fef SecurityFoundation ??? (???) <6860DE26-0D42-D1E8-CD7C-5B42D78C1E1D> /System/Library/Frameworks/SecurityFoundation.framework/Versions/A/SecurityFoun dation
0x7fff87692000 - 0x7fff8776cff7 com.apple.vImage 4.0 (4.0) <354F34BF-B221-A3C9-2CA7-9BE5E14AD5AD> /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vImage.fr amework/Versions/A/vImage
0x7fff8776d000 - 0x7fff87822fe7 com.apple.ink.framework 1.3.3 (107) <FFC46EE0-3544-A459-2AB9-94778A75E3D4> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Ink.framework /Versions/A/Ink
0x7fff87823000 - 0x7fff87c66fef libLAPACK.dylib 219.0.0 (compatibility 1.0.0) <0CC61C98-FF51-67B3-F3D8-C5E430C201A9> /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/libLAPACK.dylib
0x7fff87c67000 - 0x7fff87c72ff7 com.apple.speech.recognition.framework 3.11.1 (3.11.1) <F0DDF27E-DB55-07CE-E548-C62095BE8167> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SpeechRecogni tion.framework/Versions/A/SpeechRecognition
0x7fff87c73000 - 0x7fff87caefff com.apple.AE 496.4 (496.4) <CBEDB6A1-FD85-F842-4EB8-CC289FAE0F24> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/AE.fram ework/Versions/A/AE
0x7fff87e2f000 - 0x7fff87e35ff7 IOSurface ??? (???) <04EDCEDE-E36F-15F8-DC67-E61E149D2C9A> /System/Library/Frameworks/IOSurface.framework/Versions/A/IOSurface
0x7fff87e36000 - 0x7fff87e80ff7 com.apple.Metadata 10.6.3 (507.12) <9231045A-E2E3-B0C2-C81A-92C9EA98A4DF> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadat a.framework/Versions/A/Metadata
0x7fff87e81000 - 0x7fff87e81ff7 com.apple.CoreServices 44 (44) <DC7400FB-851E-7B8A-5BF6-6F50094302FB> /System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices
0x7fff87e82000 - 0x7fff87ee2fe7 com.apple.framework.IOKit 2.0 (???) <D107CB8A-5182-3AC4-35D0-07068A695C05> /System/Library/Frameworks/IOKit.framework/Versions/A/IOKit
0x7fff87f14000 - 0x7fff880d2fff libicucore.A.dylib 40.0.0 (compatibility 1.0.0) <781E7B63-2AD0-E9BA-927C-4521DB616D02> /usr/lib/libicucore.A.dylib
0x7fff880d3000 - 0x7fff880d4ff7 com.apple.audio.units.AudioUnit 1.6.5 (1.6.5) <14F14B5E-9287-BC36-0C3F-6592E6696CD4> /System/Library/Frameworks/AudioUnit.framework/Versions/A/AudioUnit
0x7fff880d5000 - 0x7fff880e9fff libGL.dylib ??? (???) <1EB1BD0F-C17F-55DF-B8B4-8E9CF99359D4> /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGL.dylib
0x7fff880ea000 - 0x7fff880f1ff7 com.apple.KerberosHelper 2.1 (1.0) <CAE238A0-1DEC-421D-EE11-36AE9E67C8DC> /System/Library/PrivateFrameworks/KerberosHelper.framework/Versions/A/KerberosH elper
0x7fff880f2000 - 0x7fff88170fff com.apple.CoreText 3.5.0 (???) <4D5C7932-293B-17FF-7309-B580BB1953EA> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreText.framework/Versions/A/CoreText
0x7fff88171000 - 0x7fff88171ff7 com.apple.Cocoa 6.6 (???) <68B0BE46-6E24-C96F-B341-054CF9E8F3B6> /System/Library/Frameworks/Cocoa.framework/Versions/A/Cocoa
0x7fff88172000 - 0x7fff882b0fff com.apple.CoreData 102.1 (251) <32233D4D-00B7-CE14-C881-6BF19FD05A03> /System/Library/Frameworks/CoreData.framework/Versions/A/CoreData
0x7fff882fb000 - 0x7fff88304ff7 com.apple.DisplayServicesFW 2.3.0 (283) <3D05929C-AB17-B8A4-DC81-87C27C59E664> /System/Library/PrivateFrameworks/DisplayServices.framework/Versions/A/DisplayS ervices
0x7fff88305000 - 0x7fff88351fff libauto.dylib ??? (???) <F7221B46-DC4F-3153-CE61-7F52C8C293CF> /usr/lib/libauto.dylib
0x7fff88352000 - 0x7fff88650fe7 com.apple.HIToolbox 1.6.3 (???) <CF0C8524-FA82-3908-ACD0-A9176C704AED> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.fra mework/Versions/A/HIToolbox
0x7fff88651000 - 0x7fff88d4e06f com.apple.CoreGraphics 1.545.0 (???) <356D59D6-1DD1-8BFF-F9B3-1CE51D2F1EC7> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreGraphics.framework/Versions/A/CoreGraphics
0x7fff88d4f000 - 0x7fff88d92fef libtidy.A.dylib ??? (???) <2F4273D3-418B-668C-F488-7E659D3A8C23> /usr/lib/libtidy.A.dylib
0x7fff88d93000 - 0x7fff88d9afff com.apple.OpenDirectory 10.6 (10.6) <4200CFB0-DBA1-62B8-7C7C-91446D89551F> /System/Library/Frameworks/OpenDirectory.framework/Versions/A/OpenDirectory
0x7fff88d9b000 - 0x7fff88e20ff7 com.apple.print.framework.PrintCore 6.3 (312.7) <CDFE82DD-D811-A091-179F-6E76069B432D> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ PrintCore.framework/Versions/A/PrintCore
0x7fff88e49000 - 0x7fff88e9efef com.apple.framework.familycontrols 2.0.1 (2010) <239940AC-2427-44C6-9E29-998D0ABECDF3> /System/Library/PrivateFrameworks/FamilyControls.framework/Versions/A/FamilyCon trols
0x7fff88e9f000 - 0x7fff89109fef com.apple.QuartzComposer 4.2 ({156.28}) <7586E7BD-D3BD-0EAC-5AC9-0BFA3679017C> /System/Library/Frameworks/Quartz.framework/Versions/A/Frameworks/QuartzCompose r.framework/Versions/A/QuartzComposer
0x7fff8910a000 - 0x7fff89154ff7 com.apple.DAVKit 4.0.3 (732) <446FCDF1-E33E-52D3-ABAC-5DBE68322DF0> /System/Library/PrivateFrameworks/DAVKit.framework/Versions/A/DAVKit
0x7fffffe00000 - 0x7fffffe01fff libSystem.B.dylib ??? (???) <71E6D4C9-F945-6EC2-998C-D61AD590DAB6> /usr/lib/libSystem.B.dylib
Model: MacBookPro5,5, BootROM MBP55.00AC.B03, 2 processors, Intel Core 2 Duo, 2.26 GHz, 4 GB, SMC 1.47f2
Graphics: NVIDIA GeForce 9400M, NVIDIA GeForce 9400M, PCI, 256 MB
Memory Module: global_name
AirPort: spairportwireless_card_type_airportextreme (0x14E4, 0x8D), Broadcom BCM43xx 1.0 (5.10.131.36.1)
Bluetooth: Version 2.3.8f7, 2 service, 12 devices, 1 incoming serial ports
Network Service: AirPort, AirPort, en1
Serial ATA Device: C300-CTFDDAC256MAG, 238.47 GB
Serial ATA Device: HL-DT-ST DVDRW GS23N, 74.4 MB
USB Device: Internal Memory Card Reader, 0x05ac (Apple Inc.), 0x8403, 0x26500000
USB Device: Built-in iSight, 0x05ac (Apple Inc.), 0x8507, 0x24400000
USB Device: Apple Internal Keyboard / Trackpad, 0x05ac (Apple Inc.), 0x0236, 0x04600000
USB Device: IR Receiver, 0x05ac (Apple Inc.), 0x8242, 0x04500000
USB Device: BRCM2046 Hub, 0x0a5c (Broadcom Corp.), 0x4500, 0x06100000
USB Device: Bluetooth USB Host Controller, 0x05ac (Apple Inc.), 0x8213, 0x06110000
Message was edited by: THolland64 -
ClamAV fails to scan for viruses in emails [CLAWS MAIL]
I've recently switched from Thunderbird to Claws Mail and ran into one small, but annoying, problem.
I want to use ClamAV + the clamav extension for claws mail to scan for viruses, however it does seem to have permission problems.
clamd is running, user and group clamav all have the relevant permissions as far as I can tell, however upon scanning my mail, I always end up with the following error:
Scanning error:
/home/username/.claws-mail/mimetmp/0000000e.mimetmp: lstat() failed: Permission denied. ERROR
Here's my clamd.conf:
## Please read the clamd.conf(5) manual before editing this file.
# Comment or remove the line below.
#Example
# Uncomment this option to enable logging.
# LogFile must be writable for the user running daemon.
# A full path is required.
# Default: disabled
LogFile /var/log/clamav/clamd.log
# By default the log file is locked for writing - the lock protects against
# running clamd multiple times (if want to run another clamd, please
# copy the configuration file, change the LogFile variable, and run
# the daemon with --config-file option).
# This option disables log file locking.
# Default: no
#LogFileUnlock yes
# Maximum size of the log file.
# Value of 0 disables the limit.
# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size
# in bytes just don't use modifiers.
# Default: 1M
#LogFileMaxSize 2M
# Log time with each message.
# Default: no
LogTime yes
# Also log clean files. Useful in debugging but drastically increases the
# log size.
# Default: no
#LogClean yes
# Use system logger (can work together with LogFile).
# Default: no
#LogSyslog yes
# Specify the type of syslog messages - please refer to 'man syslog'
# for facility names.
# Default: LOG_LOCAL6
#LogFacility LOG_MAIL
# Enable verbose logging.
# Default: no
#LogVerbose yes
# Log additional information about the infected file, such as its
# size and hash, together with the virus name.
#ExtendedDetectionInfo yes
# This option allows you to save a process identifier of the listening
# daemon (main thread).
# Default: disabled
PidFile /run/clamav/clamd.pid
# Optional path to the global temporary directory.
# Default: system specific (usually /tmp or /var/tmp).
TemporaryDirectory /tmp
# Path to the database directory.
# Default: hardcoded (depends on installation options)
DatabaseDirectory /var/lib/clamav
# Only load the official signatures published by the ClamAV project.
# Default: no
OfficialDatabaseOnly yes
# The daemon can work in local mode, network mode or both.
# Due to security reasons we recommend the local mode.
# Path to a local socket file the daemon will listen on.
# Default: disabled (must be specified by a user)
LocalSocket /var/lib/clamav/clamd.sock
# Sets the group ownership on the unix socket.
# Default: disabled (the primary group of the user running clamd)
LocalSocketGroup clamav
# Sets the permissions on the unix socket to the specified mode.
# Default: disabled (socket is world accessible)
#LocalSocketMode 660
# Remove stale socket after unclean shutdown.
# Default: yes
#FixStaleSocket yes
# TCP port address.
# Default: no
#TCPSocket 3310
# TCP address.
# By default we bind to INADDR_ANY, probably not wise.
# Enable the following to provide some degree of protection
# from the outside world.
# Default: no
#TCPAddr 127.0.0.1
# Maximum length the queue of pending connections may grow to.
# Default: 200
#MaxConnectionQueueLength 30
# Clamd uses FTP-like protocol to receive data from remote clients.
# If you are using clamav-milter to balance load between remote clamd daemons
# on firewall servers you may need to tune the options below.
# Close the connection when the data size limit is exceeded.
# The value should match your MTA's limit for a maximum attachment size.
# Default: 25M
#StreamMaxLength 10M
# Limit port range.
# Default: 1024
#StreamMinPort 30000
# Default: 2048
#StreamMaxPort 32000
# Maximum number of threads running at the same time.
# Default: 10
#MaxThreads 20
# Waiting for data from a client socket will timeout after this time (seconds).
# Default: 120
#ReadTimeout 300
# This option specifies the time (in seconds) after which clamd should
# timeout if a client doesn't provide any initial command after connecting.
# Default: 5
#CommandReadTimeout 5
# This option specifies how long to wait (in miliseconds) if the send buffer is full.
# Keep this value low to prevent clamd hanging
# Default: 500
#SendBufTimeout 200
# Maximum number of queued items (including those being processed by MaxThreads threads)
# It is recommended to have this value at least twice MaxThreads if possible.
# WARNING: you shouldn't increase this too much to avoid running out of file descriptors,
# the following condition should hold:
# MaxThreads*MaxRecursion + (MaxQueue - MaxThreads) + 6< RLIMIT_NOFILE (usual max is 1024)
# Default: 100
#MaxQueue 200
# Waiting for a new job will timeout after this time (seconds).
# Default: 30
#IdleTimeout 60
# Don't scan files and directories matching regex
# This directive can be used multiple times
# Default: scan all
#ExcludePath ^/proc/
#ExcludePath ^/sys/
# Maximum depth directories are scanned at.
# Default: 15
#MaxDirectoryRecursion 20
# Follow directory symlinks.
# Default: no
#FollowDirectorySymlinks yes
# Follow regular file symlinks.
# Default: no
#FollowFileSymlinks yes
# Scan files and directories on other filesystems.
# Default: yes
#CrossFilesystems yes
# Perform a database check.
# Default: 600 (10 min)
#SelfCheck 600
# Execute a command when virus is found. In the command string %v will
# be replaced with the virus name.
# Default: no
#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v"
# Run as another user (clamd must be started by root for this option to work)
# Default: don't drop privileges
User clamav
# Initialize supplementary group access (clamd must be started by root).
# Default: no
#AllowSupplementaryGroups no
# Stop daemon when libclamav reports out of memory condition.
#ExitOnOOM yes
# Don't fork into background.
# Default: no
#Foreground yes
# Enable debug messages in libclamav.
# Default: no
#Debug yes
# Do not remove temporary files (for debug purposes).
# Default: no
#LeaveTemporaryFiles yes
# Detect Possibly Unwanted Applications.
# Default: no
#DetectPUA yes
# Exclude a specific PUA category. This directive can be used multiple times.
# See http://www.clamav.net/support/pua for the complete list of PUA
# categories.
# Default: Load all categories (if DetectPUA is activated)
#ExcludePUA NetTool
#ExcludePUA PWTool
# Only include a specific PUA category. This directive can be used multiple
# times.
# Default: Load all categories (if DetectPUA is activated)
#IncludePUA Spy
#IncludePUA Scanner
#IncludePUA RAT
# In some cases (eg. complex malware, exploits in graphic files, and others),
# ClamAV uses special algorithms to provide accurate detection. This option
# controls the algorithmic detection.
# Default: yes
#AlgorithmicDetection yes
## Executable files
# PE stands for Portable Executable - it's an executable file format used
# in all 32 and 64-bit versions of Windows operating systems. This option allows
# ClamAV to perform a deeper analysis of executable files and it's also
# required for decompression of popular executable packers such as UPX, FSG,
# and Petite. If you turn off this option, the original files will still be
# scanned, but without additional processing.
# Default: yes
#ScanPE yes
# Executable and Linking Format is a standard format for UN*X executables.
# This option allows you to control the scanning of ELF files.
# If you turn off this option, the original files will still be scanned, but
# without additional processing.
# Default: yes
#ScanELF yes
# With this option clamav will try to detect broken executables (both PE and
# ELF) and mark them as Broken.Executable.
# Default: no
#DetectBrokenExecutables yes
## Documents
# This option enables scanning of OLE2 files, such as Microsoft Office
# documents and .msi files.
# If you turn off this option, the original files will still be scanned, but
# without additional processing.
# Default: yes
#ScanOLE2 yes
# With this option enabled OLE2 files with VBA macros, which were not
# detected by signatures will be marked as "Heuristics.OLE2.ContainsMacros".
# Default: no
#OLE2BlockMacros no
# This option enables scanning within PDF files.
# If you turn off this option, the original files will still be scanned, but
# without decoding and additional processing.
# Default: yes
#ScanPDF yes
## Mail files
# Enable internal e-mail scanner.
# If you turn off this option, the original files will still be scanned, but
# without parsing individual messages/attachments.
# Default: yes
#ScanMail yes
# Scan RFC1341 messages split over many emails.
# You will need to periodically clean up $TemporaryDirectory/clamav-partial directory.
# WARNING: This option may open your system to a DoS attack.
# Never use it on loaded servers.
# Default: no
#ScanPartialMessages yes
# With this option enabled ClamAV will try to detect phishing attempts by using
# signatures.
# Default: yes
#PhishingSignatures yes
# Scan URLs found in mails for phishing attempts using heuristics.
# Default: yes
#PhishingScanURLs yes
# Always block SSL mismatches in URLs, even if the URL isn't in the database.
# This can lead to false positives.
# Default: no
#PhishingAlwaysBlockSSLMismatch no
# Always block cloaked URLs, even if URL isn't in database.
# This can lead to false positives.
# Default: no
#PhishingAlwaysBlockCloak no
# Allow heuristic match to take precedence.
# When enabled, if a heuristic scan (such as phishingScan) detects
# a possible virus/phish it will stop scan immediately. Recommended, saves CPU
# scan-time.
# When disabled, virus/phish detected by heuristic scans will be reported only at
# the end of a scan. If an archive contains both a heuristically detected
# virus/phish, and a real malware, the real malware will be reported
# Keep this disabled if you intend to handle "*.Heuristics.*" viruses
# differently from "real" malware.
# If a non-heuristically-detected virus (signature-based) is found first,
# the scan is interrupted immediately, regardless of this config option.
# Default: no
#HeuristicScanPrecedence yes
## Data Loss Prevention (DLP)
# Enable the DLP module
# Default: No
#StructuredDataDetection yes
# This option sets the lowest number of Credit Card numbers found in a file
# to generate a detect.
# Default: 3
#StructuredMinCreditCardCount 5
# This option sets the lowest number of Social Security Numbers found
# in a file to generate a detect.
# Default: 3
#StructuredMinSSNCount 5
# With this option enabled the DLP module will search for valid
# SSNs formatted as xxx-yy-zzzz
# Default: yes
#StructuredSSNFormatNormal yes
# With this option enabled the DLP module will search for valid
# SSNs formatted as xxxyyzzzz
# Default: no
#StructuredSSNFormatStripped yes
## HTML
# Perform HTML normalisation and decryption of MS Script Encoder code.
# Default: yes
# If you turn off this option, the original files will still be scanned, but
# without additional processing.
#ScanHTML yes
## Archives
# ClamAV can scan within archives and compressed files.
# If you turn off this option, the original files will still be scanned, but
# without unpacking and additional processing.
# Default: yes
#ScanArchive yes
# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
# Default: no
#ArchiveBlockEncrypted no
## Limits
# The options below protect your system against Denial of Service attacks
# using archive bombs.
# This option sets the maximum amount of data to be scanned for each input file.
# Archives and other containers are recursively extracted and scanned up to this
# value.
# Value of 0 disables the limit
# Note: disabling this limit or setting it too high may result in severe damage
# to the system.
# Default: 100M
#MaxScanSize 150M
# Files larger than this limit won't be scanned. Affects the input file itself
# as well as files contained inside it (when the input file is an archive, a
# document or some other kind of container).
# Value of 0 disables the limit.
# Note: disabling this limit or setting it too high may result in severe damage
# to the system.
# Default: 25M
#MaxFileSize 30M
# Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR
# file, all files within it will also be scanned. This options specifies how
# deeply the process should be continued.
# Note: setting this limit too high may result in severe damage to the system.
# Default: 16
#MaxRecursion 10
# Number of files to be scanned within an archive, a document, or any other
# container file.
# Value of 0 disables the limit.
# Note: disabling this limit or setting it too high may result in severe damage
# to the system.
# Default: 10000
#MaxFiles 15000
## Clamuko settings
# Enable Clamuko. Dazuko must be configured and running. Clamuko supports
# both Dazuko (/dev/dazuko) and DazukoFS (/dev/dazukofs.ctrl). DazukoFS
# is the preferred option. For more information please visit www.dazuko.org
# Default: no
#ClamukoScanOnAccess yes
# The number of scanner threads that will be started (DazukoFS only).
# Having multiple scanner threads allows Clamuko to serve multiple
# processes simultaneously. This is particularly beneficial on SMP machines.
# Default: 3
#ClamukoScannerCount 3
# Don't scan files larger than ClamukoMaxFileSize
# Value of 0 disables the limit.
# Default: 5M
#ClamukoMaxFileSize 10M
# Set access mask for Clamuko (Dazuko only).
# Default: no
#ClamukoScanOnOpen yes
#ClamukoScanOnClose yes
#ClamukoScanOnExec yes
# Set the include paths (all files inside them will be scanned). You can have
# multiple ClamukoIncludePath directives but each directory must be added
# in a seperate line. (Dazuko only)
# Default: disabled
#ClamukoIncludePath /home
#ClamukoIncludePath /students
# Set the exclude paths. All subdirectories are also excluded. (Dazuko only)
# Default: disabled
#ClamukoExcludePath /home/bofh
# With this option you can whitelist specific UIDs. Processes with these UIDs
# will be able to access all files.
# This option can be used multiple times (one per line).
# Default: disabled
#ClamukoExcludeUID 0
# With this option enabled ClamAV will load bytecode from the database.
# It is highly recommended you keep this option on, otherwise you'll miss detections for many new viruses.
# Default: yes
#Bytecode yes
# Set bytecode security level.
# Possible values:
# None - no security at all, meant for debugging. DO NOT USE THIS ON PRODUCTION SYSTEMS
# This value is only available if clamav was built with --enable-debug!
# TrustSigned - trust bytecode loaded from signed .c[lv]d files,
# insert runtime safety checks for bytecode loaded from other sources
# Paranoid - don't trust any bytecode, insert runtime checks for all
# Recommended: TrustSigned, because bytecode in .cvd files already has these checks
# Note that by default only signed bytecode is loaded, currently you can only
# load unsigned bytecode in --enable-debug mode.
# Default: TrustSigned
#BytecodeSecurity TrustSigned
# Set bytecode timeout in miliseconds.
# Default: 5000
# BytecodeTimeout 1000
My freshclam.conf:
## Please read the freshclam.conf(5) manual before editing this file.
# Comment or remove the line below.
#Example
# Path to the database directory.
# WARNING: It must match clamd.conf's directive!
# Default: hardcoded (depends on installation options)
#DatabaseDirectory /var/lib/clamav
# Path to the log file (make sure it has proper permissions)
# Default: disabled
UpdateLogFile /var/log/clamav/freshclam.log
# Maximum size of the log file.
# Value of 0 disables the limit.
# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes).
# in bytes just don't use modifiers.
# Default: 1M
#LogFileMaxSize 2M
# Log time with each message.
# Default: no
#LogTime yes
# Enable verbose logging.
# Default: no
#LogVerbose yes
# Use system logger (can work together with UpdateLogFile).
# Default: no
#LogSyslog yes
# Specify the type of syslog messages - please refer to 'man syslog'
# for facility names.
# Default: LOG_LOCAL6
#LogFacility LOG_MAIL
# This option allows you to save the process identifier of the daemon
# Default: disabled
#PidFile /var/run/freshclam.pid
# By default when started freshclam drops privileges and switches to the
# "clamav" user. This directive allows you to change the database owner.
# Default: clamav (may depend on installation options)
#DatabaseOwner clamav
# Initialize supplementary group access (freshclam must be started by root).
# Default: no
#AllowSupplementaryGroups yes
# Use DNS to verify virus database version. Freshclam uses DNS TXT records
# to verify database and software versions. With this directive you can change
# the database verification domain.
# WARNING: Do not touch it unless you're configuring freshclam to use your
# own database verification domain.
# Default: current.cvd.clamav.net
#DNSDatabaseInfo current.cvd.clamav.net
# Uncomment the following line and replace XY with your country
# code. See http://www.iana.org/cctld/cctld-whois.htm for the full list.
# You can use db.XY.ipv6.clamav.net for IPv6 connections.
#DatabaseMirror db.XY.clamav.net
# database.clamav.net is a round-robin record which points to our most
# reliable mirrors. It's used as a fall back in case db.XY.clamav.net is
# not working. DO NOT TOUCH the following line unless you know what you
# are doing.
DatabaseMirror database.clamav.net
# How many attempts to make before giving up.
# Default: 3 (per mirror)
#MaxAttempts 5
# With this option you can control scripted updates. It's highly recommended
# to keep it enabled.
# Default: yes
#ScriptedUpdates yes
# By default freshclam will keep the local databases (.cld) uncompressed to
# make their handling faster. With this option you can enable the compression;
# the change will take effect with the next database update.
# Default: no
#CompressLocalDatabase no
# With this option you can provide custom sources (http:// or file://) for
# database files. This option can be used multiple times.
# Default: no custom URLs
#DatabaseCustomURL http://myserver.com/mysigs.ndb
#DatabaseCustomURL file:///mnt/nfs/local.hdb
# Number of database checks per day.
# Default: 12 (every two hours)
#Checks 24
# Proxy settings
# Default: disabled
#HTTPProxyServer myproxy.com
#HTTPProxyPort 1234
#HTTPProxyUsername myusername
#HTTPProxyPassword mypass
# If your servers are behind a firewall/proxy which applies User-Agent
# filtering you can use this option to force the use of a different
# User-Agent header.
# Default: clamav/version_number
#HTTPUserAgent SomeUserAgentIdString
# Use aaa.bbb.ccc.ddd as client address for downloading databases. Useful for
# multi-homed systems.
# Default: Use OS'es default outgoing IP address.
#LocalIPAddress aaa.bbb.ccc.ddd
# Send the RELOAD command to clamd.
# Default: no
NotifyClamd /etc/clamav/clamd.conf
# Run command after successful database update.
# Default: disabled
#OnUpdateExecute command
# Run command when database update process fails.
# Default: disabled
#OnErrorExecute command
# Run command when freshclam reports outdated version.
# In the command string %v will be replaced by the new version number.
# Default: disabled
#OnOutdatedExecute command
# Don't fork into background.
# Default: no
#Foreground yes
# Enable debug messages in libclamav.
# Default: no
#Debug yes
# Timeout in seconds when connecting to database server.
# Default: 30
#ConnectTimeout 60
# Timeout in seconds when reading from database server.
# Default: 30
#ReceiveTimeout 60
# With this option enabled, freshclam will attempt to load new
# databases into memory to make sure they are properly handled
# by libclamav before replacing the old ones.
# Default: yes
#TestDatabases yes
# When enabled freshclam will submit statistics to the ClamAV Project about
# the latest virus detections in your environment. The ClamAV maintainers
# will then use this data to determine what types of malware are the most
# detected in the field and in what geographic area they are.
# Freshclam will connect to clamd in order to get recent statistics.
# Default: no
#SubmitDetectionStats /path/to/clamd.conf
# Country of origin of malware/detection statistics (for statistical
# purposes only). The statistics collector at ClamAV.net will look up
# your IP address to determine the geographical origin of the malware
# reported by your installation. If this installation is mainly used to
# scan data which comes from a different location, please enable this
# option and enter a two-letter code (see http://www.iana.org/domains/root/db/)
# of the country of origin.
# Default: disabled
#DetectionStatsCountry country-code
# This option enables support for our "Personal Statistics" service.
# When this option is enabled, the information on malware detected by
# your clamd installation is made available to you through our website.
# To get your HostID, log on http://www.stats.clamav.net and add a new
# host to your host list. Once you have the HostID, uncomment this option
# and paste the HostID here. As soon as your freshclam starts submitting
# information to our stats collecting service, you will be able to view
# the statistics of this clamd installation by logging into
# http://www.stats.clamav.net with the same credentials you used to
# generate the HostID. For more information refer to:
# http://www.clamav.net/support/faq/faq-cctts/
# This feature requires SubmitDetectionStats to be enabled.
# Default: disabled
#DetectionStatsHostID unique-id
# This option enables support for Google Safe Browsing. When activated for
# the first time, freshclam will download a new database file (safebrowsing.cvd)
# which will be automatically loaded by clamd and clamscan during the next
# reload, provided that the heuristic phishing detection is turned on. This
# database includes information about websites that may be phishing sites or
# possible sources of malware. When using this option, it's mandatory to run
# freshclam at least every 30 minutes.
# Freshclam uses the ClamAV's mirror infrastructure to distribute the
# database and its updates but all the contents are provided under Google's
# terms of use. See http://code.google.com/support/bin/answer.py?answer=70015
# and http://safebrowsing.clamav.net for more information.
# Default: disabled
#SafeBrowsing yes
# This option enables downloading of bytecode.cvd, which includes additional
# detection mechanisms and improvements to the ClamAV engine.
# Default: enabled
#Bytecode yes
# Download an additional 3rd party signature database distributed through
# the ClamAV mirrors. Here you can find a list of available databases:
# http://www.clamav.net/download/cvd/3rdparty
# This option can be used multiple times.
#ExtraDatabase dbname1
#ExtraDatabase dbname2
Any help is much appreciated.MatejLach wrote:
clamd is running, user and group clamav all have the relevant permissions as far as I can tell, however upon scanning my mail, I always end up with the following error:
Scanning error:
/home/username/.claws-mail/mimetmp/0000000e.mimetmp: lstat() failed: Permission denied. ERROR
Seems like a permissions error to me... maybe check the actual file it is attempting to scan... I know it is in your home folder, but just to be sure, you might want to check that everything is sane. -
Issue with spamassassin, now mail not working
Hi ! I installed spamtrainer almost two months ago. Been feeding the [email protected] for several weeks now , 700 emails each day at least .
There was very little improvement if none at all. Tried to add "@local_domains_maps = (1)" to amavisd.conf last night thinking it might be the problem , though no virtual domain exist. This was one of the issue on the default Amavisd config. The other one is adding the symbolic link which I already done.
Computer froze while adding the parameter "@local_domains_maps = (1)", so I manually turn off the Power Mac, then mail stopped altogether. The mails are filing up but the clients couldn't send or receive since this incidence .
FF is the maincf. and amavis.conf
All help are greatly appreciated.
mail:/Users/sysadmin root# postconf -n
alias_maps = hash:/etc/aliases,hash:/var/mailman/data/aliases
always_bcc =
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
enable_server_options = yes
html_directory = no
inet_interfaces = all
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
luser_relay =
mail_owner = postfix
mailbox_size_limit = 0
mailbox_transport = cyrus
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
maps_rbl_domains =
message_size_limit = 31457280
mydestination = $myhostname,localhost.$mydomain,localhost,mail.cpplaw.com,cpplaw.com
mydomain = cpplaw.com
mydomain_fallback = localhost
myhostname = mail.cpplaw.com
mynetworks = 127.0.0.1/32,192.168.1.0/24,127.0.0.1
mynetworks_style = host
newaliases_path = /usr/bin/newaliases
owner_request_special = no
queue_directory = /private/var/spool/postfix
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
relayhost =
sample_directory = /usr/share/doc/postfix/examples
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_client_restrictions = permit_mynetworks permit
smtpd_tls_key_file =
unknown_local_recipient_reject_code = 550
virtual_mailbox_domains =
virtual_transport = virtual
mail:/Users/sysadmin root# postconf -n
alias_maps = hash:/etc/aliases,hash:/var/mailman/data/aliases
always_bcc =
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
enable_server_options = yes
html_directory = no
inet_interfaces = all
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
luser_relay =
mail_owner = postfix
mailbox_size_limit = 0
mailbox_transport = cyrus
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
maps_rbl_domains =
message_size_limit = 31457280
mydestination = $myhostname,localhost.$mydomain,localhost,mail.cpplaw.com,cpplaw.com
mydomain = cpplaw.com
mydomain_fallback = localhost
myhostname = mail.cpplaw.com
mynetworks = 127.0.0.1/32,192.168.1.0/24,127.0.0.1
mynetworks_style = host
newaliases_path = /usr/bin/newaliases
owner_request_special = no
queue_directory = /private/var/spool/postfix
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
relayhost =
sample_directory = /usr/share/doc/postfix/examples
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_client_restrictions = permit_mynetworks permit
smtpd_tls_key_file =
unknown_local_recipient_reject_code = 550
virtual_mailbox_domains =
virtual_transport = virtual
mail:/Users/sysadmin root#
_______________________Amavisd.cof_________________________
use strict;
# Configuration file for amavisd-new
# This software is licensed under the GNU General Public License (GPL).
# See comments at the start of amavisd-new for the whole license text.
#Sections:
# Section I - Essential daemon and MTA settings
# Section II - MTA specific
# Section III - Logging
# Section IV - Notifications/DSN, BOUNCE/REJECT/DROP/PASS destiny, quarantine
# Section V - Per-recipient and per-sender handling, whitelisting, etc.
# Section VI - Resource limits
# Section VII - External programs, virus scanners, SpamAssassin
# Section VIII - Debugging
#GENERAL NOTES:
# This file is a normal Perl code, interpreted by Perl itself.
# - make sure this file (or directory where it resides) is NOT WRITABLE
# by mere mortals, otherwise it represents a severe security risk!
# - for values which are interpreted as booleans, it is recommended
# to use 1 for true, and 0 or undef or '' for false.
# THIS IS DIFFERENT FROM OLDER AMAVIS VERSIONS where "no" also meant false,
# now it means true, like any nonempty string does!
# - Perl syntax applies. Most notably: strings in "" may include variables
# (which start with $ or @); to include characters @ and $ in double
# quoted strings, precede them by a backslash; in single-quoted strings
# the $ and @ lose their special meaning, so it is usually easier to use
# single quoted strings. Still, in both cases a backslash need to be doubled
# - variables with names starting with a '@' are lists, the values assigned
# to them should be lists as well, e.g. ('one@foo', $mydomain, "three");
# note the comma-separation and parenthesis. If strings in the list
# do not contain spaces nor variables, a Perl operator qw() may be used
# as a shorthand to split its argument on whitespace and produce a list
# of strings, e.g. qw( one@foo example.com three ); Note that the argument
# to qw is quoted implicitly and no variable interpretation is done within
# (no '$' variable evaluations). The #-initiated comments can not be used
# within the string. In other words, $ and # lose their special meaning
# withing a qw argument, just like within '...' strings.
# - all e-mail addresses in this file and as used internally by the daemon
# are in their raw (rfc2821-unquoted and nonbracketed) form, i.e.
# Bob "Funny" [email protected], not: "Bob \"Funny\" Dude"@example.com
# and not <"@example.com>; also: '' and not ''.
# Section I - Essential daemon and MTA settings
# $MYHOME serves as a quick default for some other configuration settings.
# More refined control is available with each individual setting further down.
# $MYHOME is not used directly by the program. No trailing slash!
#$MYHOME = '/var/lib/amavis'; # (default is '/var/amavis')
# : $mydomain serves as a quick default for some other configuration settings.
# : More refined control is available with each individual setting further down.
# : $mydomain is never used directly by the program.
$mydomain = 'cpplaw.com'; aol.com'; # (no useful default)
# Set the user and group to which the daemon will change if started as root
# (otherwise just keep the UID unchanged, and these settings have no effect):
$daemon_user = 'clamav'; # (no default; customary: vscan or amavis)
$daemon_group = 'clamav'; # (no default; customary: vscan or amavis)
# Runtime working directory (cwd), and a place where
# temporary directories for unpacking mail are created.
# (no trailing slash, may be a scratch file system)
$TEMPBASE = $MYHOME; # (must be set if other config vars use is)
#$TEMPBASE = "$MYHOME/tmp"; # prefer to keep home dir /var/amavis clean?
# $helpers_home sets environment variable HOME, and is passed as option
# 'home_dir_for_helpers' to Mail::SpamAssassin::new. It should be a directory
# on a normal persistent file system, not a scratch or temporary file system
#$helpers_home = $MYHOME; # (defaults to $MYHOME)
#$daemon_chroot_dir = $MYHOME; # (default is undef, meaning: do not chroot)
#$pid_file = "$MYHOME/amavisd.pid"; # (default is "$MYHOME/amavisd.pid")
#$lock_file = "$MYHOME/amavisd.lock"; # (default is "$MYHOME/amavisd.lock")
# set environment variables if you want (no defaults):
$ENV{TMPDIR} = $TEMPBASE; # wise, but usually not necessary
# MTA SETTINGS, UNCOMMENT AS APPROPRIATE,
# both $forward_method and $notify_method default to 'smtp:127.0.0.1:10025'
# POSTFIX, or SENDMAIL in dual-MTA setup, or EXIM V4
# (set host and port number as required; host can be specified
# as IP address or DNS name (A or CNAME, but MX is ignored)
#$forward_method = 'smtp:127.0.0.1:10025'; # where to forward checked mail
#$notify_method = $forward_method; # where to submit notifications
# NOTE: The defaults (above) are good for Postfix or dual-sendmail. You MUST
# uncomment the approprate settings below if using other setups!
# SENDMAIL MILTER, using amavis-milter.c helper program:
#$forward_method = undef; # no explicit forwarding, sendmail does it by itself
# milter; option -odd is needed to avoid deadlocks
#$notify_method = 'pipe:flags=q argv=/usr/sbin/sendmail -Ac -i -odd -f ${sender} -- ${recipient}';
# just a thought: can we use use -Am instead of -odd ?
# SENDMAIL (old non-milter setup, as relay):
#$forward_method = 'pipe:flags=q argv=/usr/sbin/sendmail -C/etc/sendmail.orig.cf -i -f ${sender} -- ${recipient}';
#$notify_method = $forward_method;
# SENDMAIL (old non-milter setup, amavis.c calls local delivery agent):
#$forward_method = undef; # no explicit forwarding, amavis.c will call LDA
#$notify_method = 'pipe:flags=q argv=/usr/sbin/sendmail -Ac -i -f ${sender} -- ${recipient}';
# EXIM v3 (not recommended with v4 or later, which can use SMTP setup instead):
#$forward_method = 'pipe:flags=q argv=/usr/sbin/exim -oMr scanned-ok -i -f ${sender} -- ${recipient}';
#$notify_method = $forward_method;
# prefer to collect mail for forwarding as BSMTP files?
#$forward_method = "bsmtp:$MYHOME/out-%i-%n.bsmtp";
#$notify_method = $forward_method;
# Net::Server pre-forking settings
# You may want $max_servers to match the width of your MTA pipe
# feeding amavisd, e.g. with Postfix the 'Max procs' field in the
# master.cf file, like the '2' in the: smtp-amavis unix - - n - 2 smtp
$max_servers = 2; # number of pre-forked children (default 2)
$max_requests = 10; # retire a child after that many accepts (default 10)
$child_timeout=5*60; # abort child if it does not complete each task in n sec
# (default: 8*60 seconds)
# Check also the settings of @av_scanners at the end if you want to use
# virus scanners. If not, you may want to delete the whole long assignment
# to the variable @av_scanners, which will also remove the virus checking
# code (e.g. if you only want to do spam scanning).
# Here is a QUICK WAY to completely DISABLE some sections of code
# that WE DO NOT WANT (it won't even be compiled-in).
# For more refined controls leave the following two lines commented out,
# and see further down what these two lookup lists really mean.
#@bypass_virus_checks_acl = qw( . ); # uncomment to DISABLE anti-virus code
#@bypass_spam_checks_acl = qw( . ); # uncomment to DISABLE anti-spam code
# Any setting can be changed with a new assignment, so make sure
# you do not unintentionally override these settings further down!
# Lookup list of local domains (see README.lookups for syntax details)
# NOTE:
# For backwards compatibility the variable names @local_domains (old) and
# @local_domains_acl (new) are synonyms. For consistency with other lookups
# the name @local_domains_acl is now preferred. It also makes it more
# obviously distinct from the new %local_domains hash lookup table.
# local_domains* lookup tables are used in deciding whether a recipient
# is local or not, or in other words, if the message is outgoing or not.
# This affects inserting spam-related headers for local recipients,
# limiting recipient virus notifications (if enabled) to local recipients,
# in deciding if address extension may be appended, and in SQL lookups
# for non-fqdn addresses. Set it up correctly if you need features
# that rely on this setting (or just leave empty otherwise).
# With Postfix (2.0) a quick reminder on what local domains normally are:
# a union of domains spacified in: $mydestination, $virtual_alias_domains,
# $virtual_mailbox_domains, and $relay_domains.
@local_domains_acl = ( ".$mydomain" ); # $mydomain and its subdomains
# @local_domains_acl = qw(); # default is empty, no recipient treated as local
# @local_domains_acl = qw( .example.com );
# @local_domains_acl = qw( .example.com !host.sub.example.net .sub.example.net );
# @local_domains_acl = ( ".$mydomain", '.example.com', 'sub.example.net' );
# or alternatively(A), using a Perl hash lookup table, which may be assigned
# directly, or read from a file, one domain per line; comments and empty lines
# are ignored, a dot before a domain name implies its subdomains:
#read_hash(\%local_domains, '/var/amavis/local_domains');
#or alternatively(B), using a list of regular expressions:
# $local_domains_re = new_RE( qr'[@.]example\.com$'i );
# see README.lookups for syntax and semantics
# Section II - MTA specific (defaults should be ok)
# if $relayhost_is_client is true, IP address in $notify_method and
# $forward_method is dynamically overridden with SMTP client peer address
# if available, which makes possible for several hosts to share one daemon
#$relayhost_is_client = 1; # (defaults to false)
#$insert_received_line = 1; # behave like MTA: insert 'Received:' header
# (does not apply to sendmail/milter)
# (default is true)
# AMAVIS-CLIENT PROTOCOL INPUT SETTINGS (e.g. with sendmail milter)
# (used with amavis helper clients like amavis-milter.c and amavis.c,
# NOT needed for Postfix and Exim)
$unix_socketname = "$MYHOME/amavisd.sock"; # amavis helper protocol socket
#$unix_socketname = undef; # disable listening on a unix socket
# (default is undef, i.e. disabled)
# (usual setting is $MYHOME/amavisd.sock)
# Do we receive quoted or raw addresses from the helper program?
# (does not apply to SMTP; defaults to true)
#$gets_addr_in_quoted_form = 1; # "Bob \"Funny\" Dude"@example.com
#$gets_addr_in_quoted_form = 0; # Bob "Funny" [email protected]
# SMTP SERVER (INPUT) PROTOCOL SETTINGS (e.g. with Postfix, Exim v4, ...)
# (used when MTA is configured to pass mail to amavisd via SMTP or LMTP)
$inet_socket_port = 10024; # accept SMTP on this local TCP port
# (default is undef, i.e. disabled)
# multiple ports may be provided: $inet_socket_port = [10024, 10026, 10028];
# SMTP SERVER (INPUT) access control
# - do not allow free access to the amavisd SMTP port !!!
# when MTA is at the same host, use the following (one or the other or both):
#$inet_socket_bind = '127.0.0.1'; # limit socket bind to loopback interface
# (default is '127.0.0.1')
@inet_acl = qw( 127.0.0.1 ); # allow SMTP access only from localhost IP
# (default is qw( 127.0.0.1 ) )
# when MTA (one or more) is on a different host, use the following:
#@inet_acl = qw(127/8 10.1.0.1 10.1.0.2); # adjust the list as appropriate
#$inet_socket_bind = undef; # bind to all IP interfaces
# Example1:
# @inet_acl = qw( 127/8 10/8 172.16/12 192.168/16 );
# permit only SMTP access from loopback and rfc1918 private address space
# Example2:
# @inet_acl = qw( !192.168.1.12 172.16.3.3 !172.16.3/255.255.255.0
# 127.0.0.1 10/8 172.16/12 192.168/16 );
# matches loopback and rfc1918 private address space except host 192.168.1.12
# and net 172.16.3/24 (but host 172.16.3.3 within 172.16.3/24 still matches)
# Example3:
# @inet_acl = qw( 127/8
# !172.16.3.0 !172.16.3.127 172.16.3.0/25
# !172.16.3.128 !172.16.3.255 172.16.3.128/25 );
# matches loopback and both halves of the 172.16.3/24 C-class,
# split into two subnets, except all four broadcast addresses
# for these subnets
# See README.lookups for details on specifying access control lists.
# Section III - Logging
# true (e.g. 1) => syslog; false (e.g. 0) => logging to file
$DO_SYSLOG = 0; # (defaults to false)
#$SYSLOG_LEVEL = 'user.info'; # (defaults to 'mail.info')
# Log file (if not using syslog)
$LOGFILE = "/var/log/amavis.log"; # (defaults to empty, no log)
#NOTE: levels are not strictly observed and are somewhat arbitrary
# 0: startup/exit/failure messages, viruses detected
# 1: args passed from client, some more interesting messages
# 2: virus scanner output, timing
# 3: server, client
# 4: decompose parts
# 5: more debug details
$log_level = 4; # (defaults to 0)
# Customizeable template for the most interesting log file entry (e.g. with
# $log_level=0) (take care to properly quote Perl special characters like '\')
# For a list of available macros see README.customize .
# only log infected messages (useful with log level 0):
# $log_templ = '[? %#V |[? %#F ||banned filename ([%F|,])]|infected ([%V|,])]#
# [? %#V |[? %#F ||, from=<%o>, to=[<%R>|,][? %i ||, quarantine %i]]#
# |, from=<%o>, to=[<%R>|,][? %i ||, quarantine %i]]';
# log both infected and noninfected messages (default):
$log_templ = '[? %#V |[? %#F |[?%#D|Not-Delivered|Passed]|BANNED name/type (%F)]|INFECTED (%V)], #
<%o> -> [<%R>|,][? %i ||, quarantine %i], Message-ID: %m, Hits: %c';
# Section IV - Notifications/DSN, BOUNCE/REJECT/DROP/PASS destiny, quarantine
# Select notifications text encoding when Unicode-aware Perl is converting
# text from internal character representation to external encoding (charset
# in MIME terminology)
# to be used in RFC 2047-encoded header field bodies, e.g. in Subject:
#$hdr_encoding = 'iso-8859-1'; # (default: 'iso-8859-1')
# to be used in notification body text: its encoding and Content-type.charset
#$bdy_encoding = 'iso-8859-1'; # (default: 'iso-8859-1')
# Default template texts for notifications may be overruled by directly
# assigning new text to template variables, or by reading template text
# from files. A second argument may be specified in a call to read_text(),
# specifying character encoding layer to be used when reading from the
# external file, e.g. 'utf8', 'iso-8859-1', or often just $bdy_encoding.
# Text will be converted to internal character representation by Perl 5.8.0
# or later; second argument is ignored otherwise. See PerlIO::encoding,
# Encode::PerlIO and perluniintro man pages.
# $notify_sender_templ = read_text('/var/amavis/notify_sender.txt');
# $notify_virus_sender_templ= read_text('/var/amavis/notify_virus_sender.txt');
# $notify_virus_admin_templ = read_text('/var/amavis/notify_virus_admin.txt');
# $notify_virus_recips_templ= read_text('/var/amavis/notify_virus_recips.txt');
# $notify_spam_sender_templ = read_text('/var/amavis/notify_spam_sender.txt');
# $notify_spam_admin_templ = read_text('/var/amavis/notify_spam_admin.txt');
# If notification template files are collectively available in some directory,
# use read_l10n_templates which calls read_text for each known template.
# read_l10n_templates('/etc/amavis/en_US');
# Here is an overall picture (sequence of events) of how pieces fit together
# (only virus controls are shown, spam controls work the same way):
# bypass_virus_checks set for all recipients? ==> PASS
# no viruses? ==> PASS
# log virus if $log_templ is nonempty
# quarantine if $virus_quarantine_to is nonempty
# notify admin if $virus_admin (lookup) nonempty
# notify recips if $warnvirusrecip and (recipient is local or $warn_offsite)
# add address extensions for local recipients (when enabled)
# send (non-)delivery notifications
# to sender if DSN needed (BOUNCE) or ($warnvirussender and D_PASS)
# virus_lovers or final_destiny==D_PASS ==> PASS
# DISCARD (2xx) or REJECT (5xx) (depending on final_*_destiny)
# Equivalent flow diagram applies for spam checks.
# If a virus is detected, spam checking is skipped entirely.
# The following symbolic constants can be used in *destiny settings:
# D_PASS mail will pass to recipients, regardless of bad contents;
# D_DISCARD mail will not be delivered to its recipients, sender will NOT be
# notified. Effectively we lose mail (but will be quarantined
# unless disabled). Not a decent thing to do for a mailer.
# D_BOUNCE mail will not be delivered to its recipients, a non-delivery
# notification (bounce) will be sent to the sender by amavisd-new;
# Exception: bounce (DSN) will not be sent if a virus name matches
# $viruses_that_fake_sender_re, or to messages from mailing lists
# (Precedence: bulk|list|junk);
# D_REJECT mail will not be delivered to its recipients, sender should
# preferably get a reject, e.g. SMTP permanent reject response
# (e.g. with milter), or non-delivery notification from MTA
# (e.g. Postfix). If this is not possible (e.g. different recipients
# have different tolerances to bad mail contents and not using LMTP)
# amavisd-new sends a bounce by itself (same as D_BOUNCE).
# Notes:
# D_REJECT and D_BOUNCE are similar, the difference is in who is responsible
# for informing the sender about non-delivery, and how informative
# the notification can be (amavisd-new knows more than MTA);
# With D_REJECT, MTA may reject original SMTP, or send DSN (delivery status
# notification, colloquially called 'bounce') - depending on MTA;
# Best suited for sendmail milter, especially for spam.
# With D_BOUNCE, amavisd-new (not MTA) sends DSN (can better explain the
# reason for mail non-delivery, but unable to reject the original
# SMTP session). Best suited to reporting viruses, and for Postfix
# and other dual-MTA setups, which can't reject original client SMTP
# session, as the mail has already been enqueued.
$final_virus_destiny = D_BOUNCE; # (defaults to D_BOUNCE)
$final_banned_destiny = D_BOUNCE; # (defaults to D_BOUNCE)
$final_spam_destiny = D_PASS; # (defaults to D_REJECT)
$final_bad_header_destiny = D_PASS; # (defaults to D_PASS), D_BOUNCE suggested
# Alternatives to consider for spam:
# - use D_PASS if clients will do filtering based on inserted mail headers;
# - use D_DISCARD, if kill_level is set safely high;
# - use D_BOUNCE instead of D_REJECT if not using milter;
# There are no sensible alternatives to D_BOUNCE for viruses, but consider:
# - use D_PASS (or virus_lovers) and $warnvirussender=1 to deliver viruses;
# - use D_REJECT instead of D_BOUNCE if using milter and under heavy
# virus storm;
# Don't bother to set both D_DISCARD and $warn*sender=1, it will get mapped
# to D_BOUNCE.
# The separation of *_destiny values into D_BOUNCE, D_REJECT, D_DISCARD
# and D_PASS made settings $warnvirussender and $warnspamsender only still
# useful with D_PASS.
# The following $warn*sender settings are ONLY used when mail is
# actually passed to recipients ($final_*_destiny=D_PASS, or *_lovers*).
# Bounces or rejects produce non-delivery status notification anyway.
# Notify virus sender?
#$warnvirussender = 1; # (defaults to false (undef))
# Notify spam sender?
#$warnspamsender = 1; # (defaults to false (undef))
# Notify sender of banned files?
#$warnbannedsender = 1; # (defaults to false (undef))
# Notify sender of syntactically invalid header containing non-ASCII characters?
#$warnbadhsender = 1; # (defaults to false (undef))
# Notify virus (or banned files) RECIPIENT?
# (not very useful, but some policies demand it)
#$warnvirusrecip = 1; # (defaults to false (undef))
#$warnbannedrecip = 1; # (defaults to false (undef))
# Notify also non-local virus/banned recipients if $warn*recip is true?
# (including those not matching local_domains*)
#$warn_offsite = 1; # (defaults to false (undef), i.e. only notify locals)
# Treat envelope sender address as unreliable and don't send sender
# notification / bounces if name(s) of detected virus(es) match the list.
# Note that virus names are supplied by external virus scanner(s) and are
# not standardized, so virus names may need to be adjusted.
# See README.lookups for syntax.
$viruses_that_fake_sender_re = new_RE(
qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar'i );
# where to send ADMIN VIRUS NOTIFICATIONS (should be a fully qualified address)
# - the administrator address may be a simple fixed e-mail address (a scalar),
# or may depend on the SENDER address (e.g. its domain), in which case
# a ref to a hash table can be specified (specify lower-cased keys,
# dot is a catchall, see README.lookups).
# Empty or undef lookup disables virus admin notifications.
$virus_admin = '[email protected]';
# $virus_admin = undef; # do not send virus admin notifications (default)
# $virus_admin = {'not.example.com' => '', '.' => '[email protected]'};
# $virus_admin = '[email protected]';
# equivalent to $virus_admin, but for spam admin notifications:
#$spam_admin = '[email protected]';# $spam_admin = undef; # do not send spam admin notifications (default)
# $spam_admin = {'not.example.com' => '', '.' => '[email protected]'};
#advanced example, using a hash lookup table:
# - $virus_admin = {
# '[email protected]' => '[email protected]',
# '.sub1.example.com' => '[email protected]',
# '.sub2.example.com' => '', # don't send admin notifications
# 'a.sub3.example.com' => '[email protected]',
# '.sub3.example.com' => '[email protected]',
# '.example.com' => '[email protected]', # catchall for our virus senders
# '.' => '[email protected]', # catchall for the rest
# whom notification reports are sent from (ENVELOPE SENDER);
# may be a null reverse path, or a fully qualified address:
# (admin and recip sender addresses default to $mailfrom
# for compatibility, which in turn defaults to undef (empty) )
# If using strings in double quotes, don't forget to quote @, i.e. \@
$mailfrom_notify_admin = "virusalert\@$mydomain";
$mailfrom_notify_recip = "virusalert\@$mydomain";
$mailfrom_notify_spamadmin = "spam.police\@$mydomain";
# 'From' HEADER FIELD for sender and admin notifications.
# This should be a replyable address, see rfc1894. Not to be confused
# with $mailfrom_notify_sender, which is the envelope address and
# should be empty (null reverse path) according to rfc2821.
# $hdrfrom_notify_sender = "amavisd-new <postmaster\@$mydomain>";
# $hdrfrom_notify_sender = 'amavisd-new <[email protected]>';
# (defaults to: "amavisd-new <postmaster\@$myhostname>")
# $hdrfrom_notify_admin = $mailfrom_notify_admin;
# (defaults to: $mailfrom_notify_admin)
# $hdrfrom_notify_spamadmin = $mailfrom_notify_spamadmin;
# (defaults to: $mailfrom_notify_spamadmin)
# whom quarantined messages appear to be sent from (envelope sender)
$mailfrom_to_quarantine = undef; # original sender if undef, or set explicitly
# (default is undef)
# Location to put infected mail into: (applies to 'local:' quarantine method)
# empty for not quarantining, may be a file (mailbox),
# or a directory (no trailing slash)
# (the default value is undef, meaning no quarantine)
$QUARANTINEDIR = '/var/virusmails';
#$virus_quarantine_method = "local:virus-%i-%n"; # default
#$spam_quarantine_method = "local:spam-%b-%i-%n"; # default
#use the new 'bsmtp:' method as an alternative to the default 'local:'
#$virus_quarantine_method = "bsmtp:$QUARANTINEDIR/virus-%i-%n.bsmtp";
#$spam_quarantine_method = "bsmtp:$QUARANTINEDIR/spam-%b-%i-%n.bsmtp";
# When using the 'local:' quarantine method (default), the following applies:
# A finer control of quarantining is available through variable
# $virus_quarantine_to/$spam_quarantine_to. It may be a simple scalar string,
# or a ref to a hash lookup table, or a regexp lookup table object,
# which makes possible to set up per-recipient quarantine addresses.
# The value of scalar $virus_quarantine_to/$spam_quarantine_to (or a
# per-recipient lookup result from the hash table %$virus_quarantine_to)
# is/are interpreted as follows:
# VARIANT 1:
# empty or undef disables quarantine;
# VARIANT 2:
# a string NOT containg an '@';
# amavisd will behave as a local delivery agent (LDA) and will quarantine
# viruses to local files according to hash %local_delivery_aliases (pseudo
# aliases map) - see subroutine mail_to_local_mailbox() for details.
# Some of the predefined aliases are 'virus-quarantine' and 'spam-quarantine'.
# Setting $virus_quarantine_to ($spam_quarantine_to) to this string will:
# * if $QUARANTINEDIR is a directory, each quarantined virus will go
# to a separate file in the $QUARANTINEDIR directory (traditional
# amavis style, similar to maildir mailbox format);
# * otherwise $QUARANTINEDIR is treated as a file name of a Unix-style
# mailbox. All quarantined messages will be appended to this file.
# Amavisd child process must obtain an exclusive lock on the file during
# delivery, so this may be less efficient than using individual files
# or forwarding to MTA, and it may not work across NFS or other non-local
# file systems (but may be handy for pickup of quarantined files via IMAP
# for example);
# VARIANT 3:
# any email address (must contain '@').
# The e-mail messages to be quarantined will be handed to MTA
# for delivery to the specified address. If a recipient address local to MTA
# is desired, you may leave the domain part empty, e.g. 'infected@', but the
# '@' character must nevertheless be included to distinguish it from variant 2.
# This method enables more refined delivery control made available by MTA
# (e.g. its aliases file, other local delivery agents, dealing with
# privileges and file locking when delivering to user's mailbox, nonlocal
# delivery and forwarding, fan-out lists). Make sure the mail-to-be-quarantined
# will not be handed back to amavisd for checking, as this will cause a loop
# (hopefully broken at some stage)! If this can be assured, notifications
# will benefit too from not being unecessarily virus-scanned.
# By default this is safe to do with Postfix and Exim v4 and dual-sendmail
# setup, but probably not safe with sendmail milter interface without
# precaution.
# (the default value is undef, meaning no quarantine)
#$virus_quarantine_to = '[email protected]'; # traditional local quarantine
#$virus_quarantine_to = 'infected@'; # forward to MTA for delivery
#$virus_quarantine_to = "virus-quarantine\@$mydomain"; # similar
#$virus_quarantine_to = '[email protected]'; # similar
#$virus_quarantine_to = undef; # no quarantine
#$virus_quarantine_to = new_RE( # per-recip multiple quarantines
# [qr'^user@example\.com$'i => 'infected@'],
# [qr'^(.*)@example\.com$'i => 'virus-${1}@example.com'],
# [qr'^(.*)(@[^@])?$'i => 'virus-${1}${2}'],
# [qr/.*/ => 'virus-quarantine'] );
# similar for spam
# (the default value is undef, meaning no quarantine)
#$spam_quarantine_to = '[email protected]';
#$spam_quarantine_to = "spam-quarantine\@$mydomain";
#$spam_quarantine_to = new_RE( # per-recip multiple quarantines
# [qr'^(.*)@example\.com$'i => 'spam-${1}@example.com'],
# [qr/.*/ => 'spam-quarantine'] );
# In addition to per-recip quarantine, a by-sender lookup is possible. It is
# similar to $spam_quarantine_to, but the lookup key is the sender address:
#$spam_quarantine_bysender_to = undef; # dflt: no by-sender spam quarantine
# Add X-Virus-Scanned header field to mail?
$X_HEADER_TAG = 'X-Virus-Scanned'; # (default: undef)
# Leave empty to add no header field # (default: undef)
$X_HEADER_LINE = "by amavisd-new at $mydomain";
$remove_existing_x_scanned_headers = 0; # leave existing X-Virus-Scanned alone
#$remove_existing_x_scanned_headers= 1; # remove existing headers
# (defaults to false)
$remove_existing_spam_headers = 0; # leave existing X-Spam* headers alone
#$remove_existing_spam_headers = 1; # remove existing spam headers if
# spam scanning is enabled (default)
# set $bypass_decode_parts to true if you only do spam scanning, or if you
# have a good virus scanner that can deal with compression and recursively
# unpacking archives by itself, and save amavisd the trouble.
# Disabling decoding also causes banned_files checking to only see
# MIME names and MIME content types, not the content classification types
# as provided by the file(1) utility.
# It is a double-edged sword, make sure you know what you are doing!
#$bypass_decode_parts = 1; # (defaults to false)
# don't trust this file type or corresponding unpacker for this file type,
# keep both the original and the unpacked file
# (lookup key is what file(1) utility returned):
$keep_decoded_original_re = new_RE(
qr'^(ASCII|text|uuencoded|xxencoded|binhex)'i,
# Checking for banned MIME types and names. If any mail part matches,
# the whole mail is rejected, much like the way viruses are handled.
# A list in object $banned_filename_re can be defined to provide a list
# of Perl regular expressions to be matched against each part's:
# * Content-Type value (both declared and effective mime-type),
# including the possible security risk content types
# message/partial and message/external-body, as specified by rfc2046;
# * declared (recommended) file names as specified by MIME subfields
# Content-Disposition.filename and Content-Type.name, both in their
# raw (encoded) form and in rfc2047-decoded form if applicable;
# * file content type as guessed by 'file(1)' utility, both the raw result
# from file(1), as well as short type name, classified into names such as
# .asc, .txt, .html, .doc, .jpg, .pdf, .zip, .exe, ..., which is always
# beginning with a dot - see subroutine determine_file_types().
# This step is done only if $bypass_decode_parts is not true.
# * leave $banned_filename_re undefined to disable these checks
# (giving an empty list to new_RE() will also always return false)
$banned_filename_re = new_RE(
qr'\.[a-zA-Z][a-zA-Z0-9]{0,3}\.(vbs|pif|scr|bat|com|exe|dll)$'i, # double extension
# qr'.\.(exe|vbs|pif|scr|bat|com)$'i, # banned extension - basic
# qr'.\.(ade|adp|bas|bat|chm|cmd|com|cpl|crt|exe|hlp|hta|inf|ins|isp|js|
# jse|lnk|mdb|mde|msc|msi|msp|mst|pcd|pif|reg|scr|sct|shs|shb|vb|
# vbe|vbs|wsc|wsf|wsh)$'ix, # banned extension - long
# qr'^\.(exe|zip|lha|tnef)$'i, # banned file(1) types
# qr'^application/x-msdownload$'i, # banned MIME types
# qr'^message/partial$'i, qr'^message/external-body$'i, # rfc2046
# See http://support.microsoft.com/default.aspx?scid=kb;EN-US;q262631
# and http://www.cknow.com/vtutor/vtextensions.htm
# A little trick: a pattern qr'\.exe$' matches both a short type name '.exe',
# as well as any file name which happens to end with .exe. If only matching
# a file name is desired, but not the short name, a pattern qr'.\.exe$'i
# or similar may be used, which requires that at least one character preceeds
# the '.exe', and so it will never match short file types, which always start
# with a dot.
# Section V - Per-recipient and per-sender handling, whitelisting, etc.
# %virus_lovers, @virus_lovers_acl and $virus_lovers_re lookup tables:
# (these should be considered policy options, they do not disable checks,
# see bypas*checks for that!)
# Exclude certain RECIPIENTS from virus filtering by adding their lower-cased
# envelope e-mail address (or domain only) to the hash %virus_lovers, or to
# the access list @virus_lovers_acl - see README.lookups and examples.
# Make sure the appropriate form (e.g. external/internal) of address
# is used in case of virtual domains, or when mapping external to internal
# addresses, etc. - this is MTA-specific.
# Notifications would still be generated however (see the overall
# picture above), and infected mail (if passed) gets additional header:
# X-AMaViS-Alert: INFECTED, message contains virus: ...
# (header not inserted with milter interface!)
# NOTE (milter interface only): in case of multiple recipients,
# it is only possible to drop or accept the message in its entirety - for all
# recipients. If all of them are virus lovers, we'll accept mail, but if
# at least one recipient is not a virus lover, we'll discard the message.
# %bypass_virus_checks, @bypass_virus_checks_acl and $bypass_virus_checks_re
# lookup tables:
# (this is mainly a time-saving option, unlike virus_lovers* !)
# Similar in concept to %virus_lovers, a hash %bypass_virus_checks,
# access list @bypass_virus_checks_acl and regexp list $bypass_virus_checks_re
# are used to skip entirely the decoding, unpacking and virus checking,
# but only if ALL recipients match the lookup.
# %bypass_virus_checks/@bypass_virus_checks_acl/$bypass_virus_checks_re
# do NOT GUARANTEE the message will NOT be checked for viruses - this may
# still happen when there is more than one recipient for a message, and
# not all of them match these lookup tables. To guarantee virus delivery,
# a recipient must also match %virus_lovers/@virus_lovers_acl lookups
# (but see milter limitations above),
# NOTE: it would not be clever to base virus checks on SENDER address,
# since there are no guarantees that it is genuine. Many viruses
# and spam messages fake sender address. To achieve selective filtering
# based on the source of the mail (e.g. IP address, MTA port number, ...),
# use mechanisms provided by MTA if available.
# Similar to lookup tables controlling virus checking, there exist
# spam scanning, banned names/types, and headers_checks control counterparts:
# %spam_lovers, @spam_lovers_acl, $spam_lovers_re
# %banned_files_lovers, @banned_files_lovers_acl, $banned_files_lovers_re
# %bad_header_lovers, @bad_header_lovers_acl, $bad_header_lovers_re
# and:
# %bypass_spam_checks/@bypass_spam_checks_acl/$bypass_spam_checks_re
# %bypass_banned_checks/@bypass_banned_checks_acl/$bypass_banned_checks_re
# %bypass_header_checks/@bypass_header_checks_acl/$bypass_header_checks_re
# See README.lookups for details about the syntax.
# The following example disables spam checking altogether,
# since it matches any recipient e-mail address (any address
# is a subdomain of the top-level root DNS domain):
# @bypass_spam_checks_acl = qw( . );
# @bypass_header_checks_acl = qw( [email protected] );
# @bad_header_lovers_acl = qw( [email protected] );
# See README.lookups for further detail, and examples below.
# $virus_lovers{lc("postmaster\@$mydomain")} = 1;
# $virus_lovers{lc('[email protected]')} = 1;
# $virus_lovers{lc('[email protected]')} = 1;
# $virus_lovers{lc('some.user@')} = 1; # this recipient, regardless of domain
# $virus_lovers{lc('[email protected]')} = 0; # never, even if domain matches
# $virus_lovers{lc('example.com')} = 1; # this domain, but not its subdomains
# $virus_lovers{lc('.example.com')}= 1; # this domain, including its subdomains
#or:
# @virus_lovers_acl = qw( [email protected] !lab.xxx.com .xxx.com yyy.org );
# $bypass_virus_checks{lc('[email protected]')} = 1;
# @bypass_virus_checks_acl = qw( some.ddd !butnot.example.com .example.com );
# @virus_lovers_acl = qw( [email protected] );
# $virus_lovers_re = new_RE( qr'(helpdesk|postmaster)@example\.com$'i );
# $spam_lovers{lc("postmaster\@$mydomain")} = 1;
# $spam_lovers{lc('[email protected]')} = 1;
# $spam_lovers{lc('[email protected]')} = 1;
# @spam_lovers_acl = qw( !.example.com );
# $spam_lovers_re = new_RE( qr'^user@example\.com$'i );
# don't run spam check for these RECIPIENT domains:
# @bypass_spam_checks_acl = qw( d1.com .d2.com a.d3.com );
# or the other way around (bypass check for all BUT these):
# @bypass_spam_checks_acl = qw( !d1.com !.d2.com !a.d3.com . );
# a practical application: don't check outgoing mail for spam:
# @bypass_spam_checks_acl = ( "!.$mydomain", "." );
# (a downside of which is that such mail will not count as ham in SA bayes db)
# Where to find SQL server(s) and database to support SQL lookups?
# A list of triples: (dsn,user,passw). (dsn = data source name)
# Specify more than one for multiple (backup) SQL servers.
# See 'man DBI', 'man DBD::mysql', 'DBD::Pg', ... for details.
# @lookup_sql_dsn =
# ( ['DBI:mysql:mail:host1', 'some-username1', 'some-password1'],
# ['DBI:mysql:mail:host2', 'some-username2', 'some-password2'] );
# ('mail' in the example is the database name, choose what you like)
# With PostgreSQL the dsn (first element of the triple) may look like:
# 'DBI:Pg:host=host1;dbname=mail'
# The SQL select clause to fetch per-recipient policy settings.
# The %k will be replaced by a comma-separated list of query addresses
# (e.g. full address, domain only, catchall). Use ORDER, if there
# is a chance that multiple records will match - the first match wins.
# If field names are not unique (e.g. 'id'), the later field overwrites the
# earlier in a hash returned by lookup, which is why we use '*,users.id'.
# No need to uncomment the following assignment if the default is ok.
# $sql_select_policy = 'SELECT *,users.id FROM users,policy'.
# ' WHERE (users.policy_id=policy.id) AND (users.email IN (%k))'.
# ' ORDER BY users.priority DESC';
# The SQL select clause to check sender in per-recipient whitelist/blacklist
# The first SELECT argument '?' will be users.id from recipient SQL lookup,
# the %k will be sender addresses (e.g. full address, domain only, catchall).
# The default value is:
# $sql_select_white_black_list = 'SELECT wb FROM wblist,mailaddr'.
# ' WHERE (rid=?) AND (sid=mailaddr.id) AND (mailaddr.email IN (%k))'.
# ' ORDER BY mailaddr.priority DESC';
# To disable SQL white/black list, set to undef (otherwise comment-out
# the following statement, leaving it at the default value):
$sql_select_white_black_list = undef; # undef disables SQL white/blacklisting
# If you decide to pass viruses (or spam) to certain recipients using the
# above lookup tables or using $final_virus_destiny=1, you can set
# the variable $addr_extension_virus ($addr_extension_spam) to some
# string, and the recipient address will have this string appended
# as an address extension to the local-part of the address. This extension
# can be used by final local delivery agent to place such mail in different
# folders. Leave these two variables undefined or empty strings to prevent
# appending address extensions. Setting has no effect on recipient which will
# not be receiving viruses/spam. Recipients who do not match lookup tables
# local_domains* are not affected.
# LDAs usually default to stripping away address extension if no special
# handling is specified, so having this option enabled normally does no harm,
# provided the $recipients_delimiter matches the setting on the final
# MTA's LDA.
# $addr_extension_virus = 'virus'; # (default is undef, same as empty)
# $addr_extension_spam = 'spam'; # (default is undef, same as empty)
# $addr_extension_banned = 'banned'; # (default is undef, same as empty)
# Delimiter between local part of the recipient address and address extension
# (which can optionally be added, see variables $addr_extension_virus and
# $addr_extension_spam). E.g. recipient address <[email protected]> gets changed
# to <[email protected]>.
# Delimiter should match equivalent (final) MTA delimiter setting.
# (e.g. for Postfix add 'recipient_delimiter = +' to main.cf)
# Setting it to an empty string or to undef disables this feature
# regardless of $addr_extension_virus and $addr_extension_spam settings.
$recipient_delimiter = '+'; # (default is '+')
# true: replace extension; false: append extension
# $replace_existing_extension = 1; # (default is false)
# Affects matching of localpart of e-mail addresses (left of '@')
# in lookups: true = case sensitive, false = case insensitive
$localpart_is_case_sensitive = 0; # (default is false)
# ENVELOPE SENDER WHITELISTING / BLACKLISTING - GLOBAL (RECIPIENT-INDEPENDENT)
# WHITELISTING: use ENVELOPE SENDER lookups to ENSURE DELIVERY from whitelisted
# senders even if the message is recognized as spam. Effectively, for the
# specified senders, message RECIPIENTS temporarily become 'spam_lovers', with
# further processing being the same as otherwise specified for spam lovers.
# It does not turn off inserting spam-related headers, if they are enabled.
# BLACKLISTING: messages from specified SENDERS are DECLARED SPAM.
# Effectively, for messages from blacklisted senders, spam level
# is artificially pushed high, and the normal spam processing applies,
# resulting in 'X-Spam-Flag: YES', high 'X-Spam-Level' bar and other usual
# reactions to spam, including possible rejection. If the message nevertheless
# still passes (e.g. for spam loving recipients), it is tagged as BLACKLISTED
# in the 'X-Spam-Status' header field, but the reported spam value and
# set of tests in this report header field (if available from SpamAssassin,
# which may have not been called) is not adjusted.
# A sender may be both white- and blacklisted at the same time,
# settings are independent. For example, being both white- and blacklisted,
# message is delivered to recipients, but is tagged as spam.
# If ALL recipients of the message either white- or blacklist the sender,
# spam scanning (calling the SpamAssassin) is bypassed, saving on time.
# The following variables (lookup tables) are available, with the semantics
# and syntax as specified in README.lookups:
# %whitelist_sender, @whitelist_sender_acl, $whitelist_sender_re
# %blacklist_sender, @blacklist_sender_acl, $blacklist_sender_re
# SOME EXAMPLES:
#ACL:
# @whitelist_sender_acl = qw( .example.com );
# @whitelist_sender_acl = ( ".$mydomain" ); # $mydomain and its subdomains
# NOTE: This is not a reliable way of turning off spam checks for
# locally-originating mail, as sender address can easily be faked.
# To reliably avoid spam-scanning outgoing mail,
# use @bypass_spam_checks_acl .
#RE:
# $whitelist_sender_re = new_RE(
# qr'^postmaster@.*\bexample\.com$'i,
# qr'^owner-[^@]*@'i, qr'-request@'i,
# qr'\.example\.com$'i );
$blacklist_sender_re = new_RE(
qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou|greatcasino)@'i,
qr'^(investments|lose_weight_today|market.alert|money2you|MyGreenCard)@'i,
qr'^(new\.tld\.registry|opt-out|opt-in|optin|saveonlsmoking2002k)@'i,
qr'^(specialoffer|specialoffers|stockalert|stopsnoring|wantsome)@'i,
qr'^(workathome|yesitsfree|your_friend|greatoffers)@'i,
qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i,
#HASH lookup variant:
# NOTE: Perl operator qw splits its argument string by whitespace
# and produces a list. This means that addresses can not contain
# whitespace, and there is no provision for comments within the string.
# You can use the normal Perl list syntax if you have special requirements,
# e.g. map {...} ('one user@bla', '.second.com'), or use read_hash to read
# addresses from a file.
# a hash lookup table can be read from a file,
# one address per line, comments and empty lines are permitted:
# read_hash(\%whitelist_sender, '/var/amavis/whitelist_sender');
# ... or set directly:
# $whitelist_sender{''} = 1; # don't spam-check MTA bounces
map { $whitelist_sender{lc($_)}=1 } (qw(
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
returns.groups.yahoo.com
# ENVELOPE SENDER WHITELISTING / BLACKLISTING - PER-RECIPIENT
# The same semantics as for global white/blacklisting applies, but this
# time each recipient (or its domain, or subdomain, ...) can be given
# an individual lookup table for matching senders. The per-recipient lookups
# override the global lookups, which serve as a fallback default.
# Specify a two-level lookup table: the key for the outer table is recipient,
# and the result should be an inner lookup table (hash or ACL or RE),
# where the key used will be the sender.
#$per_recip_blacklist_sender_lookup_tables = {
# '[email protected]'=>new_RE(qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i),
# '[email protected]'=>[qw( [email protected],org .d2.example,org )],
#$per_recip_whitelist_sender_lookup_tables = {
# '[email protected]' => [qw( [email protected] .other.example.org )],
# '.my1.example.com' => [qw( !foe.other.example,org .other.example,org )],
# '.my2.example.com' => read_hash('/var/amavis/my2-wl.dat'),
# 'abuse@' => { 'postmaster@'=>1,
# '[email protected]'=>1, '[email protected]'=>1 },
# Section VI - Resource limits
# Sanity limit to the number of allowed recipients per SMTP transaction
# $smtpd_recipient_limit = 1000; # (default is 1000)
# Resource limitations to protect against mail bombs (e.g. 42.zip)
# Maximum recursion level for extraction/decoding (0 or undef disables limit)
$MAXLEVELS = 14; # (default is undef, no limit)
# Maximum number of extracted files (0 or undef disables the limit)
$MAXFILES = 1500; # (default is undef, no limit)
# For the cumulative total of all decoded mail parts we set max storage size
# to defend against mail bombs. Even though parts may be deleted (replaced
# by decoded text) during decoding, the size they occupied is _not_ returned
# to the quota pool.
# Parameters to storage quota formula for unpacking/decoding/decompressing
# Formula:
# quota = max($MIN_EXPANSION_QUOTA,
# $mail_size*$MIN_EXPANSION_FACTOR,
# min($MAX_EXPANSION_QUOTA, $mail_size*$MAX_EXPANSION_FACTOR))
# In plain words (later condition overrules previous ones):
# allow MAX_EXPANSION_FACTOR times initial mail size,
# but not more than MAX_EXPANSION_QUOTA,
# but not less than MIN_EXPANSION_FACTOR times initial mail size,
# but never less than MIN_EXPANSION_QUOTA
$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced)
$MIN_EXPANSION_FACTOR = 5; # times original mail size (must be specified)
$MAX_EXPANSION_FACTOR = 500; # times original mail size (must be specified)
# Section VII - External programs, virus scanners
# Specify a path string, which is a colon-separated string of directories
# (no trailing slashes!) to be assigned to the environment variable PATH
# and to serve for locating external programs below.
# NOTE: if $daemon_chroot_dir is nonempty, the directories will be
# relative to the chroot directory specified;
$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
# Specify one string or a search list of strings (first match wins).
# The string (or: each string in a list) may be an absolute path,
# or just a program name, to be located via $path;
# Empty string or undef (=default) disables the use of that external program.
# Optionally command arguments may be specified - only the first substring
# up to the whitespace is used for file searching.
$file = 'file'; # file(1) utility; use 3.41 or later to avoid vulnerability
$gzip = 'gzip';
$bzip2 = 'bzip2';
$lzop = 'lzop';
$uncompress = ['uncompress', 'gzip -d', 'zcat'];
$unfreeze = ['unfreeze', 'freeze -d', 'melt', 'fcat'];
$arc = ['nomarch', 'arc'];
$unarj = ['arj', 'unarj']; # both can extract, same options
$unrar = ['rar', 'unrar']; # both can extract, same options
$zoo = 'zoo';
$lha = 'lha';
$cpio = 'cpio';
# SpamAssassin settings
# $sa_local_tests_only is passed to Mail::SpamAssassin::new as a value
# of the option local_tests_only. See Mail::SpamAssassin man page.
# If set to 1, no tests that require internet access will be performed.
$sa_local_tests_only = 1; # (default: false)
#$sa_auto_whitelist = 1; # turn on AWL (default: false)
$sa_mail_body_size_limit = 64*1024; # don't waste time on SA if mail is larger
# (less than 1% of spam is > 64k)
# default: undef, no limitations
# default values, can be overridden by more specific lookups, e.g. SQL
$sa_tag_level_deflt = -999; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 3.0; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 22.0;
#$sa_kill_level_deflt = $sa_tag2_level_deflt; # triggers spam evasive actions
# at or above that level: bounce/reject/drop,
# quarantine, and adding mail address extension
# The $sa_tag_level_deflt, $sa_tag2_level_deflt and $sa_kill_level_deflt
# may also be hashrefs to hash lookup tables, to make static per-recipient
# settings possible without having to resort to SQL or LDAP lookups.
# a quick reference:
# tag_level controls adding the X-Spam-Status and X-Spam-Level headers,
# tag2_level controls adding 'X-Spam-Flag: YES', and editing Subject,
# kill_level controls 'evasive actions' (reject, quarantine, extensions);
# it only makes sense to maintain the relationship:
# tag_level <= tag2_level <= kill_level
# string to prepend to Subject header field when message exceeds tag2 level
$sa_spam_subject_tag = '*** JUNK MAIL ***'; # (defaults to undef, disables)
# (only seen when spam is not to be rejected
# and recipient is in local_domains*)
$sa_spam_modifies_subj = 1; # may be a ref to a lookup table, default is true
# Example: modify Subject for all local recipients except [email protected]
#$sa_spam_modifies_subj = [qw( [email protected] . )];
# @av_scanners is a list of n-tuples, where fields semantics is:
# 1. av scanner plain name, to be used in log and reports;
# 2. scanner program name; this string will be submitted to subroutine
# find_external_programs(), which will try to find the full program
# path name; if program is not found, this scanner is disabled.
# Besides a simple string (full program path name or just the basename
# to be looked for in PATH), this may be an array ref of alternative
# program names or full paths - the first match in the list will be used;
# As a special case for more complex scanners, this field may be
# a subroutine reference, and the whole n-tuple is passed to it as args.
# 3. command arguments to be given to the scanner program;
# a substring {} will be replaced by the directory name to be scanned,
# i.e. "$tempdir/parts"
# 4. an array ref of av scanner exit status values, or a regexp (to be
# matched against scanner output), indicating NO VIRUSES found;
# 5. an array ref of av scanner exit status values, or a regexp (to be
# matched against scanner output), indicating VIRUSES WERE FOUND;
# Note: the virus match prevails over a 'not found' match, so it is safe
# even if 4. matches for viruses too;
# 6. a regexp (to be matched against scanner output), returning a list
# of virus names found.
# 7. and 8.: (optional) subroutines to be executed before and after scanner
# (e.g. to set environment or current directory);
# see examples for these at KasperskyLab AVP and Sophos sweep.
# NOTES:
# - NOT DEFINING @av_scanners (e.g. setting it to empty list, or deleting the
# whole assignment) TURNS OFF LOADING AND COMPILING OF THE ANTIVIRUS CODE
# (which can be handy if all you want to do is spam scanning);
# - the order matters: although _all_ available entries from the list are
# always tried regardless of their verdict, scanners are run in the order
# specified: the report from the first one detecting a virus will be used
# (providing virus names and scanner output); REARRANGE THE ORDER TO WILL;
# - it doesn't hurt to keep an unused command line scanner entry in the list
# if the program can not be found; the path search is only performed once
# during the program startup;
# CORROLARY: to disable a scanner that _does_ exist on your system,
# comment out its entry or use undef or '' as its program name/path
# (second parameter). An example where this is almost a must: disable
# Sophos 'sweep' if you have its daemonized version Sophie or SAVI-Perl
# (same for Trophie/vscan, and clamd/clamscan), or if another unrelated
# program happens to have a name matching one of the entries ('sweep'
# again comes to mind);
# - it DOES HURT to keep unwanted entries which use INTERNAL SUBROUTINES
# for interfacing (where the second parameter starts with \&).
# Keeping such entry and not having a corresponding virus scanner daemon
# causes an unnecessary connection attempt (which eventually times out,
# but it wastes precious time). For this reason the daemonized entries
# are commented in the distribution - just remove the '#' where needed.
@av_scanners = (
# ### http://www.vanja.com/tools/sophie/
# ['Sophie',
# \&ask_daemon, ["{}/\n", '/var/run/sophie'],
# qr/(?x)^ 0+ ( : | [\000\r\n]* $)/, qr/(?x)^ 1 ( : | [\000\r\n]* $)/,
# qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/ ],
# ### http://www.csupomona.edu/~henson/www/projects/SAVI-Perl/
# ['Sophos SAVI', \&sophos_savi ],
# ### http://clamav.elektrapro.com/
# ['Clam Antivirus-clamd',
# \&ask_daemon, ["CONTSCAN {}\n", '/var/amavis/clamd'],
# qr/\bOK$/, qr/\bFOUND$/,
# qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
# # NOTE: run clamd under the same user as amavisd,
# # match the socket name in clamav.conf to the socket name in this entry
# ### http://www.openantivirus.org/
# ['OpenAntiVirus ScannerDaemon (OAV)',
# \&ask_daemon, ["SCAN {}\n", '127.0.0.1:8127'],
# qr/^OK/, qr/^FOUND: /, qr/^FOUND: (.+)/ ],
# ### http://www.vanja.com/tools/trophie/
# ['Trophie',
# \&ask_daemon, ["{}/\n", '/var/run/trophie'],
# qr/(?x)^ 0+ ( : | [\000\r\n]* $)/, qr/(?x)^ 1 ( : | [\000\r\n]* $)/,
# qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/ ],
# ### http://www.f-prot.com/
# ['FRISK F-Prot Daemon',
# \&ask_daemon,
# ["GET {}/*?-dumb%20-archive HTTP/1.0\r\n\r\n",
# ['127.0.0.1:10200','127.0.0.1:10201','127.0.0.1:10202',
# '127.0.0.1:10203','127.0.0.1:10204'] ],
# qr/(?i)<summary[^>]*>clean<\/summary>/,
# qr/(?i)<summary[^>]*>infected<\/summary>/,
# qr/(?i)<name>(.+)<\/name>/ ],
['KasperskyLab AntiViral Toolkit Pro (AVP)', ['avp','kavscanner'],
"-* -P -B -Y -O- {}", [0,3,8], [2,4], # any use for -A -K ?
qr/infected: (.+)/,
sub {chdir('/opt/AVP') or die "Can't chdir to AVP: $!"},
sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"},
['KasperskyLab AVPDaemonClient',
[ '/opt/AVP/kavdaemon', 'kavdaemon',
'/opt/AVP/AvpDaemonClient', 'AvpDaemonClient',
'/opt/AVP/AvpTeamDream', 'AvpTeamDream',
'/opt/AVP/avpdc', 'avpdc' ],
'{}', [0,8], [3,4,5,6], qr/infected: ([^\r\n]+)/ ],
# change the startup-script in /etc/init.d/kavd to:
# DPARMS="-I0 -Y -* /var/amavis"
# adjusting /var/amavis above to match your $TEMPBASE.
# NOTE: cd /opt/AVP/DaemonClients; configure; cd Sample; make
# cp AvpDaemonClient /opt/AVP/
### http://www.hbedv.com/ or http://www.centralcommand.com/
['H+BEDV AntiVir or CentralCommand Vexira Antivirus',
['antivir','vexira'],
'--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/,
qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) |
(?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/ ],
# NOTE: remove the -z if you only have a demo version
### http://www.commandsoftware.com/
['Command AntiVirus for Linux', 'csav',
'-all -archive -packed {}', [50], [51,52,53],
qr/Infection: (.+)/ ],
### http://www.symantec.com/
['Symantec CarrierScan via Symantec CommandLineScanner',
['cscmdline','savsecls'],
'-a scan -i 1 -v -s 127.0.0.1:7777 {}',
qr/Files Infected: 0/, qr/^Infected: /,
qr/Info:\s+(.+)/ ],
### http://drweb.imshop.de/
['DrWeb Antivirus for Linux/FreeBSD/Solaris', 'drweb',
'-al -ar -fm -go -ha -ml -ot -sd -up {}',
[0], [1], sub {('no-name')} ],
### http://www.f-secure.com/products/anti-virus/
['F-Secure Antivirus', 'fsav',
'--dumb --archive {}', [0], [3,8],
qr/(?:infection|Infected): (.+)/ ],
['CAI InoculateIT', 'inocucmd',
'-sec -nex {}', [0], [100],
qr/was infected by virus (.+)/ ],
['MkS_Vir for Linux (beta)', ['mks32','mks'],
'-s {}/*', [0], [1,2],
qr/--[ \t]*(.+)/ ],
['MkS_Vir daemon',
'mksscan', '-s -q {}', [0], [1..7],
qr/^... (\S+)/ ],
### http://www.nod32.com/
['ESET Software NOD32', 'nod32',
'-all -subdir+ {}', [0], [1,2],
qr/^.+? - (.+?)\s*(?:backdoor|joke|trojan|virus|worm)/ ],
### http://www.nod32.com/
['ESET Software NOD32 - Client/Server Version', 'nod32cli',
'-a -r -d recurse --heur standard {}', [0], [10,11],
qr/^\S+\s+infected:\s+(.+)/ ],
### http://www.norman.com/products_nvc.shtml
['Norman Virus Control v5 / Linux', 'nvccmd',
'-c -l:0 -s -u {}', [0], [1],
qr/(?i).* virus in .* -> \'(.+)\'/ ],
### http://www.pandasoftware.com/
['Panda Antivirus for Linux', ['pavcl','pavc'],
'-aut -aex -heu -cmp -nor -nso -eng {}',
qr/Number of files infected\.*: 0(?!\d)/,
qr/Number of files infected\.*: 0*[1-9]/,
qr/Found virus :\s*(\S+)/ ],
# Check your RAV license terms before fiddling with the following two lines!
# ['GeCAD RAV AntiVirus 8', 'ravav',
# '--all --archive --mail {}', [1], [2,3,4,You are welcome. I'm glad you got it back up.
(1) You say you did the symbolic link. I will assume this is set correctly; it's very important that it is.
(2) I don't know what you mean by "Been feeding the [email protected] for several weeks now, 700 emails each day at least." After the initial training period, SpamAssassin doesn't learn from mail it has already processed correctly. At this point, you only need to teach SpamAssassin when it is wrong. [email protected] should only be getting spam that is being passed as clean. Likewise, [email protected] should only be getting legitimate mail that is being flagged as junk. You are redirecting mail to both [email protected] and [email protected] ... right? SpamAssassin needs both.
(3) Next, as I said before, you need to implement those "Frontline spam defense for Mac OS X Server." Once you have that done and issue "postfix reload" you can look at your SMTP log in Server Admin and watch as Postfix blocks one piece of junk mail after another. It's kind of cool.
(4) Add some SARE rules:
Visit http://www.rulesemporium.com/rules.htm and download the following rules:
70sareadult.cf
70saregenlsubj0.cf
70sareheader0.cf
70sarehtml0.cf
70sareobfu0.cf
70sareoem.cf
70sarespoof.cf
70sarestocks.cf
70sareunsub.cf
72sare_redirectpost
Visit http://www.rulesemporium.com/other-rules.htm and download the following rules:
backhair.cf
bogus-virus-warnings.cf
chickenpox.cf
weeds.cf
Copy these rules to /etc/mail/spamassassin/
Then stop and restart mail services.
There are other things you can do, and you'll find differing opinions about such things. In general, I think implementing the "Frontline spam defense for Mac OS X Server" and adding the SARE rules will help a lot. Good luck! -
Why can't print to Xerox Splash or HP from Safari or Apple Mail?
I copy pasted this from the Printing and Faxing forum since it seems no one can answer my questions there. Maybe someone here has an answer.
From yesterday:
I just updated my computer from a G4 running 10.3.9 to a G5 running 10.4.5. I used the migrate wizard so I didn't need to install anything new. All my applications even seem to work well. The only thing I can't do is print from Safari or Mail to an HP LaserJet 1320 or a Xerox Docucolor G630. I reinstalled the drivers for both printers and I still can't print. I can print from Quark and Acrobat Reader just fine. A few months ago, I set up a G5 workstation but with that one I needed to install everything from scratch and I'm able to print from Safari and Mail fine from that computer. What do I need to do?
One more thing, I tried printing a page from my System Profile and I can't. I click on the print button and nothing happens. I'm at a loss here. Where do I begin?
I hate to be persistant but I really need some help. Let me tell you what I've done so far.
I've gone to the HP site and downloaded the latest driver for the 1320n series printer and I reinstalled and set up the printer in the print center like I've always done with any of the printers I've set up before. I still can't print from Mail, Safari, and from the system. I see on the HP site that there is a fix in the Tiger system already (I think I'm reading that right) and I shouldn't be worrying about this.
I found in one of the other forum listings about a Foomatic/hpijs and I installed that one. Nothing printed. I tried using a Generic PPD. Nothing happened.
I reinstalled the Xerox Splash printer drivers from the disk and that didn't make a difference.
In the print window, I can't make a PDF, won't let me Preview, and won't let me Print. I click on the buttons and they won't even react. It doesn't do anything. But even with the new drivers I've set up since I started all this, I can still print from Quark and Acrobat Reader. So it seems it's got something to do with the system.
I'm really frustrated here. Can someone please give me a clue if they have one? Anything would be appreciated.
PowerMac G5 2.3GHz 250 HD 1.5 Gb RAM Mac OS X (10.4.5)Thanks a million for your input. I really appreciate it. I found the fix though in the troubleshooting section in the book I purchased from Dr. Smoke from the Forums. It's his X Lab for Tiger book. Dr. Smoke is THE BOMB! :~D I have to thank him again for his guru abilities!
There was a plugin that was afoul. The Xerox Accounting plugin was causing my print option not to respond along with the other buttons in the print window. I removed it from the plugin folder and now I can print. I'm glad that's all it was.
Thanks again!
PowerMac G5 2.3GHz 250 HD 1.5 Gb RAM Mac OS X (10.4.5) -
Mail "unexpectedly quits" -- connection to iCloud migration?
I'm stumped. I upgraded to 10.5 iTunes recently and since then, my mail, iCal, and address book are all on the fritz. Mail is a constant bomb... 3 seconds up and crash. iCal and AddressBook are a bit more stabile.
Running 10.6.8, MacBookPro 2010. Reinstalled to 10.6 from original disks, reinstalled all apps. Mail keeps crashing. Items I've searched for and have not located: mail preferences and a Library "bundle". In other threads these were recommended to be disposed of -- I would if they were there.
Wondering if this Apple pushing my "sync" to the iCloud service? I've turned off syncing in system prefs.
Anyone else seeing this issue with mail? Any solutions?
Thanks much.
[ Sidebar -- I'm not a fan of iCloud, I think it's going to be a huge mistake. I've used Mobile Me for years...I don't need iCloud and I will truly miss the iDisk feature. ]Launch the Console application in any of the following ways:
☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
☞ Open LaunchPad. Click Utilities, then Console in the icon grid.
Step 1
Make sure the title of the Console window is All Messages. If it isn't, select All Messages from the SYSTEM LOG QUERIES menu on the left.
Enter the name of the crashed application or process in the Filter text field. Post the messages from the time of the last crash, if any — the text, please, not a screenshot.
When posting a log extract, be selective. In most cases, a few dozen lines are more than enough.
Please do not indiscriminately dump thousands of lines from the log into a message.
Important: Some private information, such as your name, may appear in the log. Edit it out by search-and-replace in a text editor before posting.
Step 2
Still in the Console window, look under User Diagnostic Reports for crash reports related to the process. The report name starts with the name of the crashed process, and ends with ".crash". Select the most recent report and post the entire contents — again, the text, not a screenshot. In the interest of privacy, I suggest that, before posting, you edit out the “Anonymous UUID,” a long string of letters, numbers, and dashes in the header of the report, if it’s present (it may not be.) Please don’t post shutdownStall, spin, or hang logs — they're very long and not helpful. -
My Mail App crashes and closes every time I try to access it. I can open the app and it will begin to check the mail then it closes. It will not let me do anything in the short time it is open. I have used the account for months without issue. The App says I have 25 new emails and does briefly show my new messages. I have deleted and recreated the account with no luck. I have gone online and removed all emails from the server so no incoming mail would be coming in and then recreated the account on the iPhone. I have powered down, powered up. Nothing seems to resolve this issue and my mail app has been rendered useless. I've done way more then the obvious to resolve this... Any Ideas???
I found this thread and though thank god I am not the only person with this problem.
My .mac Account works fine. However my Demon Account which has worked fine bombs out within seconds. It was working fine for the first week until this evening.
I have done a reset as discribed,
I have deleted the demon mail account on the phone and done a reset. reset up the Demon account and still get the same problem.
Then Tried; deleted the Demon mail account on the phone and done a reset, turned the phone off completely, Done an iTunes Restore, turn the phone off and back on again and then re-entered the account details.
Still have the same problems. I can't remove the stuff of the email server because I need to keep stuff there.
Can anyone offer some advice? -
Mail app crashes with large mailbox (25k+ messages)
When connected to an exchange account, large mailboxes, whether split across multiple folders or all in the inbox, cause the mail app to crash occasionally. Nothing is lost, but it is not behavior I am comfortable with and I want to know if there is a known fix for this issue (aside from the obvious "reduce the number of messages" answer).
Thanks!I found this thread and though thank god I am not the only person with this problem.
My .mac Account works fine. However my Demon Account which has worked fine bombs out within seconds. It was working fine for the first week until this evening.
I have done a reset as discribed,
I have deleted the demon mail account on the phone and done a reset. reset up the Demon account and still get the same problem.
Then Tried; deleted the Demon mail account on the phone and done a reset, turned the phone off completely, Done an iTunes Restore, turn the phone off and back on again and then re-entered the account details.
Still have the same problems. I can't remove the stuff of the email server because I need to keep stuff there.
Can anyone offer some advice? -
Apple Mail Pop Server Configuration
Hi all,
It's not often I post on here but here we go. I have been using Macs ever since the Lisa Electronic Office and have always been perplexed by one strange quirk of the Apple Mail account configuration process. This quirk is now becoming extremely troublesome.
I use BT/Yahoo (I'm not talking about the famous password rejection problem). One main account and several sub-accounts which, for all intents and purposes, can be considered as separate accounts.
Now the problem arises because, while each has a separate email address, they all use the same pop server settings. ie. mail.btinternet.com.
Mail will not allow me to use two accounts with the same pop settings. I can set up and verify the account (doesn't stay on-line because SSL is set and the port is wrong) but when I come make a change and save it I get the message:
Invalid Directory
The account path /Users/fredbloggs/Library/Mail/V2/[email protected]@mail.btinternet.com is already being used by the account “Another One”
Obviously I've changed the account names. Another One is one of my other accounts. I've got one working by using pop.btinternet.com but I've run out of working aliases. I should be able to set up 10 sub accounts and access them all with Apple Mail. IMAP works OK but that is something I don't wish to use for a number of reasons.
Anybody else come across this?
I can do all this with Entourage (horrible) and Outlook which I do not intend to buy. Why does Apple make life so difficult sometimes?OK Folks,
To save confusion and to all those people who think I am using the same email address for everything, here they are.
British Telecomm Residential
[email protected] (USAAF 381st Bomb Group Heavy)
[email protected] (My company)
[email protected] (Master Account for everything else)
British Telecomm Business
[email protected] BT Business E-Mail - I don't use
Others I have are:
[email protected]
[email protected]
[email protected]
[email protected] currently exists as an IMAP account which works but something I would rather not have.
As you can see, they are all separate and distinct.
As I said before, all hese work just fine with Entourage (nasty and a dead product) and Outlook (something I'm not prepared to buy when the Apple offering should do it all for me and integrates really nicely with iCal, Address Book, Notes etc.
Thank you everybody for trying to help and thanks Defcom but, as you thought, that article is really old hat now.
I am now going to open a large bottle and sit in that darkened room.
If I now get flooded with spam, I know where it's come from.
Goodnight, Good Morning or G'Day depending on where you're from..
Jim Tennet,
White Wings Computer Services -
IPod Touch 2.0 bug saving photos from e-mails
Hi all
Has anyone else had problems saving photo attachments in e-mails on the Touch with 2.0 software. I received an e-mail with 5 jpeg photo attachments. Opened them up to view them, decided to save them.
When I selected "Save 5 images" the Touch appeared to freeze for a bit (though it may have been converting the jpegs to thumbnail format I guess?) and then when I went to Photo to look at them, the app wouldn't open. It started, displayed a blank Event list and then bombed out back to the help screen...
Rebooting the Touch and saving them individually allowed me to save 4 of the 5 - but oddly the 5th image, although not in the event and viewable IS the image used to tag the event.
Quite odd.
Has anyone else been able to save photos reliably from e-mails into their photo library on their Touch 2.0?Hi,
I had this multiple times. Two times I was able to fix this in "just" remove MobileMe and the Exchange account. But this time the problem continues to exist. I've worked around this in using IMAP for E-Mail and Exchange for Contacts/Appointments. However since we're using PostPath instead of "real" Exchange contacts won't sync anyway.
Since I don't want to restore my whole iPod once a day I will stay with the IMAP workaround and hope that this will be fixed in 2.0.1
Maybe you are looking for
-
Problem with installing Paint shop Pro photo X2 on with Vista
Trying to install Paint shop photo x2 on my note book but at the end of the installation it freezes and there seems to be some problem with "registering"... Corel (supplier of paint shop) now advised me to change some drivers but the links I received
-
we have a Linux fileserver with Samba share and have several users. The users tend to be in different locations and need to login at different workstations, sometimes the workstation may be WindowsXP and othertimes it is windows7. How can we use Fire
-
New G/L line item extractor 0FI_GL_14
Hi, has anyone worked with the new G/L line item extractor 0FI_GL_14 already? I know that this line items extractor uses function module FAGL_GET_LINE_ITEMS and extract structure FAGLPOSBW. Does anyone have the coding for this function module? Thanks
-
Compiling and running Java programs on my laptop
I have just bought a new laptop but I can't run and compile Java programs using the javac filename.java command in the command prompt. I know I have to download something but I am not sure what link. I would be grateful if somebody could send me on a
-
HT2471 How can I tell if my g5 power mac quad(2006) uses PCIe or PCIx cards?
Hello, I am purchasing a Pro Tools HD8 system, and I need to know if my g5 uses PCIe or PCIx cards? How do I find this out? Regards, Dean.