Whitelist issue

Similar Messages

• Whitelist issues on host.  My IP changes.

  Whitelist issues on host. My IP changes.
  I have a client app that can connect to the database I have on the host fine using jdbc, but I have to add my IP every time to the whitelist. My IP is not static.
  What can on do on my site to eleviate that.
  Can I add some file or script that does the call on the host with jdbc and just call that file from the application to stop remotly calling the query? Presently I call the JDBC query remotely.
  String url = "jdbc:mysql://www.novajobseeker.com:3306/novajobs_customer";
  Connection con = DriverManager.getConnection(url, "novajobs_user","xxxxxxx");I am thinking if I create some file on the host I can then make it.
  String url = "jdbc:mysql://localhost:3306/novajobs_customer";
  Connection con = DriverManager.getConnection(url, "novajobs_user","xxxxxxx");And there by riding my self of the whitelist issue I am having.
  Any terms or words that someone can recommend please post so I can search. Or recommendations. Thanks
  I cant figure out what it is I need to create script, servelet, etc. Whats it called.
  *1) How do I call this file from remote application?*
  *2) How do I send back the String Array "customer" back to remote app?*
  //How do I call this from Remote application
  package customerData;
  import java.sql.*;
  public class JDBCDemo {
      public static void main( String[] args ) {
           try {
          // Connect to the database
              String url = "jdbc:mysql://localhost:3306/novajobs_customer";
          Connection con = DriverManager.getConnection(url, "novajobs_user","xxxxxxx");
          // Execute the SQL statement
          Statement stmt = con.createStatement();
          ResultSet resultSet = stmt.executeQuery("SELECT * FROM CustomerInfo");
          //System.out.println("Got results!");
          // Loop thru all the rows
        while( resultSet.next() ) {
              String dataCN = resultSet.getString( "cusNum");
              String dataFN = resultSet.getString( "firstName");
              String dataLN = resultSet.getString( "lastName");
              String dataHN = resultSet.getString( "houseNum");
              String dataSN = resultSet.getString( "streetName");
              String dataCT = resultSet.getString( "city");
              String dataST = resultSet.getString( "state");
              String dataZC = resultSet.getString( "zipCode");
             String[] customer = {dataCN, dataFN, dataLN, dataHN, dataSN, dataCT, dataST, dataZC};
             //HOW do I send this back
             for(int i = 0; i<customer.length; i++){
                  //System.out.println(customer);
  stmt.close();
  catch( Exception exp ) {
  // System.out.println(exp.getMessage());
  exp.printStackTrace();

  shadow_coder wrote:
  In regards to your second problem, I basically have the same issue and am currently waiting for help. Keep an eye on this thread for possible help:
  [http://forums.sun.com/thread.jspa?threadID=5392794|http://forums.sun.com/thread.jspa?threadID=5392794]
  Huh? That thread has absolutely nothing to do with this thread.

• Whitelist issues...c​ompany emails, customer support emails, transactio​nal emails all blocked

  Hello,
  We just migrated to a brand new email server with 5 brand new IP addresses.
  Our emails to people with verizon email addresses have been blocked from the start.
  When trying to get on the whitelist, I get message for each of the IP's we try to whitelist:
  "After investigation, Verizon Online Security has determined that e-mail from your IP address will not be allowed access to the Verizon Online e-mail domain due to one or more of the following reasons:
  Your IP has been blocked because of spam issues or because your ISP indicates that it is dynamically assigned"
  I checked with our ISP, and they assure us that these are STATIC IP's...which they are.
  On our newsletter we send out, our spam complaints are EXTREMELY low and our email sender score is 99 across the board for all IP's...
  Customers with Verizon email addresses are not even getting their transaction emails and customer support emails.
  I'm not sure what to do, so I figured I'd post here and try to get some help?  I see others have been helped here.
  I thank anyone on the staff in advance for helping me figure this out?
  Thanks so much.
  Dan Eggertsen

  Your issue has been escalated to a Verizon agent. Please go to your profile page for the forum, and look in the middle, right at the top where you will find an area titled "My Support Cases". You can reach your profile page by clicking on your name beside your post, or at the top left of this page underneath the title of the board. you will find a link to the private board where you and the agent may exchange information.
  To ensure you know when they have responded to you, at the top of your support case there is a drop down menu for support case options. Open that and choose "subscribe".This should be checked on a frequent basis as the agent may be waiting for information from you before they can proceed with any actions. Please keep all correspondence regarding your issue in the private support portal.
  If a forum member gives an answer you like, give them the Kudos they deserve. If a member gives you the answer to your question, mark the answer that solved your issue as the accepted solution.

• HP G62-220ca boot problem, wifi whitelist issue : ID du module WLAN (702)

  Hi,
  For no apparent reason 6 months after formating my Customer 's laptop his original wifi card is giving him an error code when he boots his laptop. Bios was already updated and all other parts have been tested fine. I just ordered and received another original wifi module and still giving that ''(702)'' error on system boot. Removing that part will allow the laptop to boot correctly, but a laptop w/o a wifi component is pretty much useless for him !
  Laptop brand : HP
  Model: G62-220CA
  Actual BIOS vF.29
  Any idea why/how that happened?
  Thanks
  Hellrik

  Hey its me again,
  So I guess no ones knows what to do or simply can't find any suitable solution. I just can't beleive I am the only one with this issue with this model....
  This is sad.

• Upgrading Wifi-card in T420s ... will an Intel 6300 work? Other recommendations? Modded BIOS?

  Hi all,
  My trusty T420s (4172-CTO) has been rock solid for years but recently has started having issues with wifi disconnects. I've tried multiple wifi drivers, flashing my router firmware, even a new router. Nothing has helped. I am left with the conclusion that my card (Intel 6250) has got to go.
  I am familiar with the whitelisting issue, but was wondering if there was a card I could use instead that would work without a bios mod. I checked the HMM and saw that the Intel Centrino Ultimate-N 6300, FRU 60Y3233, is listed for my application. I can get one on ebay fairly cheap. But, I see the 6300 has three antennas, not two like my 6250. Does this mean it won't work in my T420s? Would I just leave one of them disconnected? Which one?
  Is there another card, already whitelisted, that would work?
  Failing this option, I will go with another card (Intel 7260 unless somone has a better idea) and a modded BIOS. I have found a couple of forums and threads that walk through the process (and provide the BIOSes) but if someone has a recommendation for a site/service to use, I'd appreciate a heads up via PM as I can see such discussion isn't likely weclcome publicly.
  Thanks, all.
  -kj-
  T440p | Core i7 4700MQ @ 2.4 ghz | 8 GB | Samsung 840 EVO 240gb SSD | 14" | Intel HD Graphics | Windows 7 Pro 64-bit
  Solved!
  Go to Solution.

  Thanks for the reply. What do you mean "2.4 GHz WiFi reliability is a hit or miss"?
  Warranty is over so no problem there.
  I see a lot of 7260 cards, is there one in specific I need? Example:
  http://goo.gl/PKcRIU
  http://goo.gl/ooaUEw
  N would actually be fine, don't really need AC, recently upgraded my router and don't feel compelled to change...the price difference is small, and I'm all for future-proofing, but, I just need the thing to WORK.
  Thanks again.
  -kj-
  T440p | Core i7 4700MQ @ 2.4 ghz | 8 GB | Samsung 840 EVO 240gb SSD | 14" | Intel HD Graphics | Windows 7 Pro 64-bit

• HP Pavilion dv7 Notebook and Intel Centrino Advanced-N 6230 WiFi Card

  I've got a dv7tqe (Quad Edition HP Pavilion dv7), part #XW397AV, notebook computer.  On page 8 of the manual, it says that the
  Intel Centrino Advanced-N 6230 wifi card is compatible with this laptop.  However, upon further research online from many sources, including suppliers, it appears that this wifi card is not compatible due to HP's whitelist in the BIOS.
  I'd like to know from an HP representative whether this card is truly compatible (it's not listed on PartSurfer for this laptop).
  I'd also like to know why HP feels the need for a whitelist for wifi cards.  Is it to force your customers to pay your exhorbitant markups for replacement parts?
  I'd really like the answers to these questions.  If it's not compatible, then it shouldn't be listed in the manual.
  I'm also posting this as a warning to potential future HP customers that these types of inconsistencies as well as gouging their customers for replacement parts is commonplace for HP products.

  Hi:
  This is a consumer to consumer forum.
  You will not receive any answers to your questions from anyone speaking on behalf of the company (HP).
  It is more complicated than the wireless cards having to be listed in the service manual as supported.
  1. They must also have the HP part # on them, or they will not work.
  2. There are a few cards listed in the service manuals that have the wrong part numbers, and no one knows the right part number.
  So, when you think you have the right part number, you sometimes get the wrong card which may or may not work.  It just so happens that the Intel 6230 is one of those cards which no one can seem to find the right part # for.
  Therefore, changing a wireless card in any HP notebook--especially a consumer model like yours is nothing short of a nightmare.
  3. No one has an answer for the whitelist issue. If you want to believe that it is to force customers to pay exorbitant markups for replacement parts, that is certainly your prerogative.
  If you don't want to pay HP's prices, do what I do and go on eBay and query your search by the HP part number and get a used but tested and working wireless card for pennies on the dollar.
  Paul

• Upgrading WiFi

  Hi, My laptop is a HP ENVY TouchSmart 15-j051ea and has an Intel® Centrino® Wireless-N 2230 as standard. I had a quick look online and thought that the Intel® Centrino® Advanced-N 6235 would be a decent upgrade. No problems with my current chip, but I'm looking to get better speeds.  I'm wanting to know what people think about the chosen upgrade in terms of difference I will notice, and also whether it will be compatible. Heard a bit about HP having problems with compatibility due to whitelisting.  Below are the links to both chips so you can look at what each offer and let me know whether you think the upgrade would be worthwhile.  Link for current chip: http://www.intel.co.uk/content/www/uk/en/wireless-products/centrino-wireless-n-2230.html?wapkw=intel%C2%AE+centrino%C2%AE+wireless-n+2230Link for upgraded chip: http://www.intel.co.uk/content/www/uk/en/wireless-products/centrino-advanced-n-6235.html Regards, Chris 

  Hi Paul, Thanks for your speedy response.  Our router is with BT, and it's the latest Hub (BT Home Hub 5), which is supported by AC. However, this only applies to the 5 GHz frequncy. We've not yet got access to that as fibre broadband hasn't been rolled out in our area. All the latest Hub offers us for the time being in the best speeds on the 2.4 GHz frequency. As you say, the chip probably won't make a noticeable difference if I'm not able to access the 5GHz frequency. Might wait until we've got a confirmed rollout of fibre broadband before making an upgrade.  However, I am interested in the issue of whitelisting with regards to my model. I purchased it almost 2 years ago now, and I'm wondering if I could take a WiFi chip out of a spare laptop and test the compatibility issue that way. It should work if my laptop isn't whitelisted, and so if it doesn't, that would suggest whitelising. That's a correct method for testing the whitelisting issue, right? Regards, Chris

• Issue with spamassassin, now mail not working

  Hi ! I installed spamtrainer almost two months ago. Been feeding the [email protected] for several weeks now , 700 emails each day at least .
  There was very little improvement if none at all. Tried to add "@local_domains_maps = (1)" to amavisd.conf last night thinking it might be the problem , though no virtual domain exist. This was one of the issue on the default Amavisd config. The other one is adding the symbolic link which I already done.
  Computer froze while adding the parameter "@local_domains_maps = (1)", so I manually turn off the Power Mac, then mail stopped altogether. The mails are filing up but the clients couldn't send or receive since this incidence .
  FF is the maincf. and amavis.conf
  All help are greatly appreciated.
  mail:/Users/sysadmin root# postconf -n
  alias_maps = hash:/etc/aliases,hash:/var/mailman/data/aliases
  always_bcc =
  command_directory = /usr/sbin
  config_directory = /etc/postfix
  content_filter = smtp-amavis:[127.0.0.1]:10024
  daemon_directory = /usr/libexec/postfix
  debug_peer_level = 2
  enable_server_options = yes
  html_directory = no
  inet_interfaces = all
  local_recipient_maps = proxy:unix:passwd.byname $alias_maps
  luser_relay =
  mail_owner = postfix
  mailbox_size_limit = 0
  mailbox_transport = cyrus
  mailq_path = /usr/bin/mailq
  manpage_directory = /usr/share/man
  maps_rbl_domains =
  message_size_limit = 31457280
  mydestination = $myhostname,localhost.$mydomain,localhost,mail.cpplaw.com,cpplaw.com
  mydomain = cpplaw.com
  mydomain_fallback = localhost
  myhostname = mail.cpplaw.com
  mynetworks = 127.0.0.1/32,192.168.1.0/24,127.0.0.1
  mynetworks_style = host
  newaliases_path = /usr/bin/newaliases
  owner_request_special = no
  queue_directory = /private/var/spool/postfix
  readme_directory = /usr/share/doc/postfix
  recipient_delimiter = +
  relayhost =
  sample_directory = /usr/share/doc/postfix/examples
  sendmail_path = /usr/sbin/sendmail
  setgid_group = postdrop
  smtpd_client_restrictions = permit_mynetworks permit
  smtpd_tls_key_file =
  unknown_local_recipient_reject_code = 550
  virtual_mailbox_domains =
  virtual_transport = virtual
  mail:/Users/sysadmin root# postconf -n
  alias_maps = hash:/etc/aliases,hash:/var/mailman/data/aliases
  always_bcc =
  command_directory = /usr/sbin
  config_directory = /etc/postfix
  content_filter = smtp-amavis:[127.0.0.1]:10024
  daemon_directory = /usr/libexec/postfix
  debug_peer_level = 2
  enable_server_options = yes
  html_directory = no
  inet_interfaces = all
  local_recipient_maps = proxy:unix:passwd.byname $alias_maps
  luser_relay =
  mail_owner = postfix
  mailbox_size_limit = 0
  mailbox_transport = cyrus
  mailq_path = /usr/bin/mailq
  manpage_directory = /usr/share/man
  maps_rbl_domains =
  message_size_limit = 31457280
  mydestination = $myhostname,localhost.$mydomain,localhost,mail.cpplaw.com,cpplaw.com
  mydomain = cpplaw.com
  mydomain_fallback = localhost
  myhostname = mail.cpplaw.com
  mynetworks = 127.0.0.1/32,192.168.1.0/24,127.0.0.1
  mynetworks_style = host
  newaliases_path = /usr/bin/newaliases
  owner_request_special = no
  queue_directory = /private/var/spool/postfix
  readme_directory = /usr/share/doc/postfix
  recipient_delimiter = +
  relayhost =
  sample_directory = /usr/share/doc/postfix/examples
  sendmail_path = /usr/sbin/sendmail
  setgid_group = postdrop
  smtpd_client_restrictions = permit_mynetworks permit
  smtpd_tls_key_file =
  unknown_local_recipient_reject_code = 550
  virtual_mailbox_domains =
  virtual_transport = virtual
  mail:/Users/sysadmin root#
  _______________________Amavisd.cof_________________________
  use strict;
  # Configuration file for amavisd-new
  # This software is licensed under the GNU General Public License (GPL).
  # See comments at the start of amavisd-new for the whole license text.
  #Sections:
  # Section I - Essential daemon and MTA settings
  # Section II - MTA specific
  # Section III - Logging
  # Section IV - Notifications/DSN, BOUNCE/REJECT/DROP/PASS destiny, quarantine
  # Section V - Per-recipient and per-sender handling, whitelisting, etc.
  # Section VI - Resource limits
  # Section VII - External programs, virus scanners, SpamAssassin
  # Section VIII - Debugging
  #GENERAL NOTES:
  # This file is a normal Perl code, interpreted by Perl itself.
  # - make sure this file (or directory where it resides) is NOT WRITABLE
  # by mere mortals, otherwise it represents a severe security risk!
  # - for values which are interpreted as booleans, it is recommended
  # to use 1 for true, and 0 or undef or '' for false.
  # THIS IS DIFFERENT FROM OLDER AMAVIS VERSIONS where "no" also meant false,
  # now it means true, like any nonempty string does!
  # - Perl syntax applies. Most notably: strings in "" may include variables
  # (which start with $ or @); to include characters @ and $ in double
  # quoted strings, precede them by a backslash; in single-quoted strings
  # the $ and @ lose their special meaning, so it is usually easier to use
  # single quoted strings. Still, in both cases a backslash need to be doubled
  # - variables with names starting with a '@' are lists, the values assigned
  # to them should be lists as well, e.g. ('one@foo', $mydomain, "three");
  # note the comma-separation and parenthesis. If strings in the list
  # do not contain spaces nor variables, a Perl operator qw() may be used
  # as a shorthand to split its argument on whitespace and produce a list
  # of strings, e.g. qw( one@foo example.com three ); Note that the argument
  # to qw is quoted implicitly and no variable interpretation is done within
  # (no '$' variable evaluations). The #-initiated comments can not be used
  # within the string. In other words, $ and # lose their special meaning
  # withing a qw argument, just like within '...' strings.
  # - all e-mail addresses in this file and as used internally by the daemon
  # are in their raw (rfc2821-unquoted and nonbracketed) form, i.e.
  # Bob "Funny" [email protected], not: "Bob \"Funny\" Dude"@example.com
  # and not <"@example.com>; also: '' and not ''.
  # Section I - Essential daemon and MTA settings
  # $MYHOME serves as a quick default for some other configuration settings.
  # More refined control is available with each individual setting further down.
  # $MYHOME is not used directly by the program. No trailing slash!
  #$MYHOME = '/var/lib/amavis'; # (default is '/var/amavis')
  # : $mydomain serves as a quick default for some other configuration settings.
  # : More refined control is available with each individual setting further down.
  # : $mydomain is never used directly by the program.
  $mydomain = 'cpplaw.com'; aol.com'; # (no useful default)
  # Set the user and group to which the daemon will change if started as root
  # (otherwise just keep the UID unchanged, and these settings have no effect):
  $daemon_user = 'clamav'; # (no default; customary: vscan or amavis)
  $daemon_group = 'clamav'; # (no default; customary: vscan or amavis)
  # Runtime working directory (cwd), and a place where
  # temporary directories for unpacking mail are created.
  # (no trailing slash, may be a scratch file system)
  $TEMPBASE = $MYHOME; # (must be set if other config vars use is)
  #$TEMPBASE = "$MYHOME/tmp"; # prefer to keep home dir /var/amavis clean?
  # $helpers_home sets environment variable HOME, and is passed as option
  # 'home_dir_for_helpers' to Mail::SpamAssassin::new. It should be a directory
  # on a normal persistent file system, not a scratch or temporary file system
  #$helpers_home = $MYHOME; # (defaults to $MYHOME)
  #$daemon_chroot_dir = $MYHOME; # (default is undef, meaning: do not chroot)
  #$pid_file = "$MYHOME/amavisd.pid"; # (default is "$MYHOME/amavisd.pid")
  #$lock_file = "$MYHOME/amavisd.lock"; # (default is "$MYHOME/amavisd.lock")
  # set environment variables if you want (no defaults):
  $ENV{TMPDIR} = $TEMPBASE; # wise, but usually not necessary
  # MTA SETTINGS, UNCOMMENT AS APPROPRIATE,
  # both $forward_method and $notify_method default to 'smtp:127.0.0.1:10025'
  # POSTFIX, or SENDMAIL in dual-MTA setup, or EXIM V4
  # (set host and port number as required; host can be specified
  # as IP address or DNS name (A or CNAME, but MX is ignored)
  #$forward_method = 'smtp:127.0.0.1:10025'; # where to forward checked mail
  #$notify_method = $forward_method; # where to submit notifications
  # NOTE: The defaults (above) are good for Postfix or dual-sendmail. You MUST
  # uncomment the approprate settings below if using other setups!
  # SENDMAIL MILTER, using amavis-milter.c helper program:
  #$forward_method = undef; # no explicit forwarding, sendmail does it by itself
  # milter; option -odd is needed to avoid deadlocks
  #$notify_method = 'pipe:flags=q argv=/usr/sbin/sendmail -Ac -i -odd -f ${sender} -- ${recipient}';
  # just a thought: can we use use -Am instead of -odd ?
  # SENDMAIL (old non-milter setup, as relay):
  #$forward_method = 'pipe:flags=q argv=/usr/sbin/sendmail -C/etc/sendmail.orig.cf -i -f ${sender} -- ${recipient}';
  #$notify_method = $forward_method;
  # SENDMAIL (old non-milter setup, amavis.c calls local delivery agent):
  #$forward_method = undef; # no explicit forwarding, amavis.c will call LDA
  #$notify_method = 'pipe:flags=q argv=/usr/sbin/sendmail -Ac -i -f ${sender} -- ${recipient}';
  # EXIM v3 (not recommended with v4 or later, which can use SMTP setup instead):
  #$forward_method = 'pipe:flags=q argv=/usr/sbin/exim -oMr scanned-ok -i -f ${sender} -- ${recipient}';
  #$notify_method = $forward_method;
  # prefer to collect mail for forwarding as BSMTP files?
  #$forward_method = "bsmtp:$MYHOME/out-%i-%n.bsmtp";
  #$notify_method = $forward_method;
  # Net::Server pre-forking settings
  # You may want $max_servers to match the width of your MTA pipe
  # feeding amavisd, e.g. with Postfix the 'Max procs' field in the
  # master.cf file, like the '2' in the: smtp-amavis unix - - n - 2 smtp
  $max_servers = 2; # number of pre-forked children (default 2)
  $max_requests = 10; # retire a child after that many accepts (default 10)
  $child_timeout=5*60; # abort child if it does not complete each task in n sec
  # (default: 8*60 seconds)
  # Check also the settings of @av_scanners at the end if you want to use
  # virus scanners. If not, you may want to delete the whole long assignment
  # to the variable @av_scanners, which will also remove the virus checking
  # code (e.g. if you only want to do spam scanning).
  # Here is a QUICK WAY to completely DISABLE some sections of code
  # that WE DO NOT WANT (it won't even be compiled-in).
  # For more refined controls leave the following two lines commented out,
  # and see further down what these two lookup lists really mean.
  #@bypass_virus_checks_acl = qw( . ); # uncomment to DISABLE anti-virus code
  #@bypass_spam_checks_acl = qw( . ); # uncomment to DISABLE anti-spam code
  # Any setting can be changed with a new assignment, so make sure
  # you do not unintentionally override these settings further down!
  # Lookup list of local domains (see README.lookups for syntax details)
  # NOTE:
  # For backwards compatibility the variable names @local_domains (old) and
  # @local_domains_acl (new) are synonyms. For consistency with other lookups
  # the name @local_domains_acl is now preferred. It also makes it more
  # obviously distinct from the new %local_domains hash lookup table.
  # local_domains* lookup tables are used in deciding whether a recipient
  # is local or not, or in other words, if the message is outgoing or not.
  # This affects inserting spam-related headers for local recipients,
  # limiting recipient virus notifications (if enabled) to local recipients,
  # in deciding if address extension may be appended, and in SQL lookups
  # for non-fqdn addresses. Set it up correctly if you need features
  # that rely on this setting (or just leave empty otherwise).
  # With Postfix (2.0) a quick reminder on what local domains normally are:
  # a union of domains spacified in: $mydestination, $virtual_alias_domains,
  # $virtual_mailbox_domains, and $relay_domains.
  @local_domains_acl = ( ".$mydomain" ); # $mydomain and its subdomains
  # @local_domains_acl = qw(); # default is empty, no recipient treated as local
  # @local_domains_acl = qw( .example.com );
  # @local_domains_acl = qw( .example.com !host.sub.example.net .sub.example.net );
  # @local_domains_acl = ( ".$mydomain", '.example.com', 'sub.example.net' );
  # or alternatively(A), using a Perl hash lookup table, which may be assigned
  # directly, or read from a file, one domain per line; comments and empty lines
  # are ignored, a dot before a domain name implies its subdomains:
  #read_hash(\%local_domains, '/var/amavis/local_domains');
  #or alternatively(B), using a list of regular expressions:
  # $local_domains_re = new_RE( qr'[@.]example\.com$'i );
  # see README.lookups for syntax and semantics
  # Section II - MTA specific (defaults should be ok)
  # if $relayhost_is_client is true, IP address in $notify_method and
  # $forward_method is dynamically overridden with SMTP client peer address
  # if available, which makes possible for several hosts to share one daemon
  #$relayhost_is_client = 1; # (defaults to false)
  #$insert_received_line = 1; # behave like MTA: insert 'Received:' header
  # (does not apply to sendmail/milter)
  # (default is true)
  # AMAVIS-CLIENT PROTOCOL INPUT SETTINGS (e.g. with sendmail milter)
  # (used with amavis helper clients like amavis-milter.c and amavis.c,
  # NOT needed for Postfix and Exim)
  $unix_socketname = "$MYHOME/amavisd.sock"; # amavis helper protocol socket
  #$unix_socketname = undef; # disable listening on a unix socket
  # (default is undef, i.e. disabled)
  # (usual setting is $MYHOME/amavisd.sock)
  # Do we receive quoted or raw addresses from the helper program?
  # (does not apply to SMTP; defaults to true)
  #$gets_addr_in_quoted_form = 1; # "Bob \"Funny\" Dude"@example.com
  #$gets_addr_in_quoted_form = 0; # Bob "Funny" [email protected]
  # SMTP SERVER (INPUT) PROTOCOL SETTINGS (e.g. with Postfix, Exim v4, ...)
  # (used when MTA is configured to pass mail to amavisd via SMTP or LMTP)
  $inet_socket_port = 10024; # accept SMTP on this local TCP port
  # (default is undef, i.e. disabled)
  # multiple ports may be provided: $inet_socket_port = [10024, 10026, 10028];
  # SMTP SERVER (INPUT) access control
  # - do not allow free access to the amavisd SMTP port !!!
  # when MTA is at the same host, use the following (one or the other or both):
  #$inet_socket_bind = '127.0.0.1'; # limit socket bind to loopback interface
  # (default is '127.0.0.1')
  @inet_acl = qw( 127.0.0.1 ); # allow SMTP access only from localhost IP
  # (default is qw( 127.0.0.1 ) )
  # when MTA (one or more) is on a different host, use the following:
  #@inet_acl = qw(127/8 10.1.0.1 10.1.0.2); # adjust the list as appropriate
  #$inet_socket_bind = undef; # bind to all IP interfaces
  # Example1:
  # @inet_acl = qw( 127/8 10/8 172.16/12 192.168/16 );
  # permit only SMTP access from loopback and rfc1918 private address space
  # Example2:
  # @inet_acl = qw( !192.168.1.12 172.16.3.3 !172.16.3/255.255.255.0
  # 127.0.0.1 10/8 172.16/12 192.168/16 );
  # matches loopback and rfc1918 private address space except host 192.168.1.12
  # and net 172.16.3/24 (but host 172.16.3.3 within 172.16.3/24 still matches)
  # Example3:
  # @inet_acl = qw( 127/8
  # !172.16.3.0 !172.16.3.127 172.16.3.0/25
  # !172.16.3.128 !172.16.3.255 172.16.3.128/25 );
  # matches loopback and both halves of the 172.16.3/24 C-class,
  # split into two subnets, except all four broadcast addresses
  # for these subnets
  # See README.lookups for details on specifying access control lists.
  # Section III - Logging
  # true (e.g. 1) => syslog; false (e.g. 0) => logging to file
  $DO_SYSLOG = 0; # (defaults to false)
  #$SYSLOG_LEVEL = 'user.info'; # (defaults to 'mail.info')
  # Log file (if not using syslog)
  $LOGFILE = "/var/log/amavis.log"; # (defaults to empty, no log)
  #NOTE: levels are not strictly observed and are somewhat arbitrary
  # 0: startup/exit/failure messages, viruses detected
  # 1: args passed from client, some more interesting messages
  # 2: virus scanner output, timing
  # 3: server, client
  # 4: decompose parts
  # 5: more debug details
  $log_level = 4; # (defaults to 0)
  # Customizeable template for the most interesting log file entry (e.g. with
  # $log_level=0) (take care to properly quote Perl special characters like '\')
  # For a list of available macros see README.customize .
  # only log infected messages (useful with log level 0):
  # $log_templ = '[? %#V |[? %#F ||banned filename ([%F|,])]|infected ([%V|,])]#
  # [? %#V |[? %#F ||, from=<%o>, to=[<%R>|,][? %i ||, quarantine %i]]#
  # |, from=<%o>, to=[<%R>|,][? %i ||, quarantine %i]]';
  # log both infected and noninfected messages (default):
  $log_templ = '[? %#V |[? %#F |[?%#D|Not-Delivered|Passed]|BANNED name/type (%F)]|INFECTED (%V)], #
  <%o> -> [<%R>|,][? %i ||, quarantine %i], Message-ID: %m, Hits: %c';
  # Section IV - Notifications/DSN, BOUNCE/REJECT/DROP/PASS destiny, quarantine
  # Select notifications text encoding when Unicode-aware Perl is converting
  # text from internal character representation to external encoding (charset
  # in MIME terminology)
  # to be used in RFC 2047-encoded header field bodies, e.g. in Subject:
  #$hdr_encoding = 'iso-8859-1'; # (default: 'iso-8859-1')
  # to be used in notification body text: its encoding and Content-type.charset
  #$bdy_encoding = 'iso-8859-1'; # (default: 'iso-8859-1')
  # Default template texts for notifications may be overruled by directly
  # assigning new text to template variables, or by reading template text
  # from files. A second argument may be specified in a call to read_text(),
  # specifying character encoding layer to be used when reading from the
  # external file, e.g. 'utf8', 'iso-8859-1', or often just $bdy_encoding.
  # Text will be converted to internal character representation by Perl 5.8.0
  # or later; second argument is ignored otherwise. See PerlIO::encoding,
  # Encode::PerlIO and perluniintro man pages.
  # $notify_sender_templ = read_text('/var/amavis/notify_sender.txt');
  # $notify_virus_sender_templ= read_text('/var/amavis/notify_virus_sender.txt');
  # $notify_virus_admin_templ = read_text('/var/amavis/notify_virus_admin.txt');
  # $notify_virus_recips_templ= read_text('/var/amavis/notify_virus_recips.txt');
  # $notify_spam_sender_templ = read_text('/var/amavis/notify_spam_sender.txt');
  # $notify_spam_admin_templ = read_text('/var/amavis/notify_spam_admin.txt');
  # If notification template files are collectively available in some directory,
  # use read_l10n_templates which calls read_text for each known template.
  # read_l10n_templates('/etc/amavis/en_US');
  # Here is an overall picture (sequence of events) of how pieces fit together
  # (only virus controls are shown, spam controls work the same way):
  # bypass_virus_checks set for all recipients? ==> PASS
  # no viruses? ==> PASS
  # log virus if $log_templ is nonempty
  # quarantine if $virus_quarantine_to is nonempty
  # notify admin if $virus_admin (lookup) nonempty
  # notify recips if $warnvirusrecip and (recipient is local or $warn_offsite)
  # add address extensions for local recipients (when enabled)
  # send (non-)delivery notifications
  # to sender if DSN needed (BOUNCE) or ($warnvirussender and D_PASS)
  # virus_lovers or final_destiny==D_PASS ==> PASS
  # DISCARD (2xx) or REJECT (5xx) (depending on final_*_destiny)
  # Equivalent flow diagram applies for spam checks.
  # If a virus is detected, spam checking is skipped entirely.
  # The following symbolic constants can be used in *destiny settings:
  # D_PASS mail will pass to recipients, regardless of bad contents;
  # D_DISCARD mail will not be delivered to its recipients, sender will NOT be
  # notified. Effectively we lose mail (but will be quarantined
  # unless disabled). Not a decent thing to do for a mailer.
  # D_BOUNCE mail will not be delivered to its recipients, a non-delivery
  # notification (bounce) will be sent to the sender by amavisd-new;
  # Exception: bounce (DSN) will not be sent if a virus name matches
  # $viruses_that_fake_sender_re, or to messages from mailing lists
  # (Precedence: bulk|list|junk);
  # D_REJECT mail will not be delivered to its recipients, sender should
  # preferably get a reject, e.g. SMTP permanent reject response
  # (e.g. with milter), or non-delivery notification from MTA
  # (e.g. Postfix). If this is not possible (e.g. different recipients
  # have different tolerances to bad mail contents and not using LMTP)
  # amavisd-new sends a bounce by itself (same as D_BOUNCE).
  # Notes:
  # D_REJECT and D_BOUNCE are similar, the difference is in who is responsible
  # for informing the sender about non-delivery, and how informative
  # the notification can be (amavisd-new knows more than MTA);
  # With D_REJECT, MTA may reject original SMTP, or send DSN (delivery status
  # notification, colloquially called 'bounce') - depending on MTA;
  # Best suited for sendmail milter, especially for spam.
  # With D_BOUNCE, amavisd-new (not MTA) sends DSN (can better explain the
  # reason for mail non-delivery, but unable to reject the original
  # SMTP session). Best suited to reporting viruses, and for Postfix
  # and other dual-MTA setups, which can't reject original client SMTP
  # session, as the mail has already been enqueued.
  $final_virus_destiny = D_BOUNCE; # (defaults to D_BOUNCE)
  $final_banned_destiny = D_BOUNCE; # (defaults to D_BOUNCE)
  $final_spam_destiny = D_PASS; # (defaults to D_REJECT)
  $final_bad_header_destiny = D_PASS; # (defaults to D_PASS), D_BOUNCE suggested
  # Alternatives to consider for spam:
  # - use D_PASS if clients will do filtering based on inserted mail headers;
  # - use D_DISCARD, if kill_level is set safely high;
  # - use D_BOUNCE instead of D_REJECT if not using milter;
  # There are no sensible alternatives to D_BOUNCE for viruses, but consider:
  # - use D_PASS (or virus_lovers) and $warnvirussender=1 to deliver viruses;
  # - use D_REJECT instead of D_BOUNCE if using milter and under heavy
  # virus storm;
  # Don't bother to set both D_DISCARD and $warn*sender=1, it will get mapped
  # to D_BOUNCE.
  # The separation of *_destiny values into D_BOUNCE, D_REJECT, D_DISCARD
  # and D_PASS made settings $warnvirussender and $warnspamsender only still
  # useful with D_PASS.
  # The following $warn*sender settings are ONLY used when mail is
  # actually passed to recipients ($final_*_destiny=D_PASS, or *_lovers*).
  # Bounces or rejects produce non-delivery status notification anyway.
  # Notify virus sender?
  #$warnvirussender = 1; # (defaults to false (undef))
  # Notify spam sender?
  #$warnspamsender = 1; # (defaults to false (undef))
  # Notify sender of banned files?
  #$warnbannedsender = 1; # (defaults to false (undef))
  # Notify sender of syntactically invalid header containing non-ASCII characters?
  #$warnbadhsender = 1; # (defaults to false (undef))
  # Notify virus (or banned files) RECIPIENT?
  # (not very useful, but some policies demand it)
  #$warnvirusrecip = 1; # (defaults to false (undef))
  #$warnbannedrecip = 1; # (defaults to false (undef))
  # Notify also non-local virus/banned recipients if $warn*recip is true?
  # (including those not matching local_domains*)
  #$warn_offsite = 1; # (defaults to false (undef), i.e. only notify locals)
  # Treat envelope sender address as unreliable and don't send sender
  # notification / bounces if name(s) of detected virus(es) match the list.
  # Note that virus names are supplied by external virus scanner(s) and are
  # not standardized, so virus names may need to be adjusted.
  # See README.lookups for syntax.
  $viruses_that_fake_sender_re = new_RE(
  qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar'i );
  # where to send ADMIN VIRUS NOTIFICATIONS (should be a fully qualified address)
  # - the administrator address may be a simple fixed e-mail address (a scalar),
  # or may depend on the SENDER address (e.g. its domain), in which case
  # a ref to a hash table can be specified (specify lower-cased keys,
  # dot is a catchall, see README.lookups).
  # Empty or undef lookup disables virus admin notifications.
  $virus_admin = '[email protected]';
  # $virus_admin = undef; # do not send virus admin notifications (default)
  # $virus_admin = {'not.example.com' => '', '.' => '[email protected]'};
  # $virus_admin = '[email protected]';
  # equivalent to $virus_admin, but for spam admin notifications:
  #$spam_admin = '[email protected]';# $spam_admin = undef; # do not send spam admin notifications (default)
  # $spam_admin = {'not.example.com' => '', '.' => '[email protected]'};
  #advanced example, using a hash lookup table:
  # - $virus_admin = {
  # '[email protected]' => '[email protected]',
  # '.sub1.example.com' => '[email protected]',
  # '.sub2.example.com' => '', # don't send admin notifications
  # 'a.sub3.example.com' => '[email protected]',
  # '.sub3.example.com' => '[email protected]',
  # '.example.com' => '[email protected]', # catchall for our virus senders
  # '.' => '[email protected]', # catchall for the rest
  # whom notification reports are sent from (ENVELOPE SENDER);
  # may be a null reverse path, or a fully qualified address:
  # (admin and recip sender addresses default to $mailfrom
  # for compatibility, which in turn defaults to undef (empty) )
  # If using strings in double quotes, don't forget to quote @, i.e. \@
  $mailfrom_notify_admin = "virusalert\@$mydomain";
  $mailfrom_notify_recip = "virusalert\@$mydomain";
  $mailfrom_notify_spamadmin = "spam.police\@$mydomain";
  # 'From' HEADER FIELD for sender and admin notifications.
  # This should be a replyable address, see rfc1894. Not to be confused
  # with $mailfrom_notify_sender, which is the envelope address and
  # should be empty (null reverse path) according to rfc2821.
  # $hdrfrom_notify_sender = "amavisd-new <postmaster\@$mydomain>";
  # $hdrfrom_notify_sender = 'amavisd-new <[email protected]>';
  # (defaults to: "amavisd-new <postmaster\@$myhostname>")
  # $hdrfrom_notify_admin = $mailfrom_notify_admin;
  # (defaults to: $mailfrom_notify_admin)
  # $hdrfrom_notify_spamadmin = $mailfrom_notify_spamadmin;
  # (defaults to: $mailfrom_notify_spamadmin)
  # whom quarantined messages appear to be sent from (envelope sender)
  $mailfrom_to_quarantine = undef; # original sender if undef, or set explicitly
  # (default is undef)
  # Location to put infected mail into: (applies to 'local:' quarantine method)
  # empty for not quarantining, may be a file (mailbox),
  # or a directory (no trailing slash)
  # (the default value is undef, meaning no quarantine)
  $QUARANTINEDIR = '/var/virusmails';
  #$virus_quarantine_method = "local:virus-%i-%n"; # default
  #$spam_quarantine_method = "local:spam-%b-%i-%n"; # default
  #use the new 'bsmtp:' method as an alternative to the default 'local:'
  #$virus_quarantine_method = "bsmtp:$QUARANTINEDIR/virus-%i-%n.bsmtp";
  #$spam_quarantine_method = "bsmtp:$QUARANTINEDIR/spam-%b-%i-%n.bsmtp";
  # When using the 'local:' quarantine method (default), the following applies:
  # A finer control of quarantining is available through variable
  # $virus_quarantine_to/$spam_quarantine_to. It may be a simple scalar string,
  # or a ref to a hash lookup table, or a regexp lookup table object,
  # which makes possible to set up per-recipient quarantine addresses.
  # The value of scalar $virus_quarantine_to/$spam_quarantine_to (or a
  # per-recipient lookup result from the hash table %$virus_quarantine_to)
  # is/are interpreted as follows:
  # VARIANT 1:
  # empty or undef disables quarantine;
  # VARIANT 2:
  # a string NOT containg an '@';
  # amavisd will behave as a local delivery agent (LDA) and will quarantine
  # viruses to local files according to hash %local_delivery_aliases (pseudo
  # aliases map) - see subroutine mail_to_local_mailbox() for details.
  # Some of the predefined aliases are 'virus-quarantine' and 'spam-quarantine'.
  # Setting $virus_quarantine_to ($spam_quarantine_to) to this string will:
  # * if $QUARANTINEDIR is a directory, each quarantined virus will go
  # to a separate file in the $QUARANTINEDIR directory (traditional
  # amavis style, similar to maildir mailbox format);
  # * otherwise $QUARANTINEDIR is treated as a file name of a Unix-style
  # mailbox. All quarantined messages will be appended to this file.
  # Amavisd child process must obtain an exclusive lock on the file during
  # delivery, so this may be less efficient than using individual files
  # or forwarding to MTA, and it may not work across NFS or other non-local
  # file systems (but may be handy for pickup of quarantined files via IMAP
  # for example);
  # VARIANT 3:
  # any email address (must contain '@').
  # The e-mail messages to be quarantined will be handed to MTA
  # for delivery to the specified address. If a recipient address local to MTA
  # is desired, you may leave the domain part empty, e.g. 'infected@', but the
  # '@' character must nevertheless be included to distinguish it from variant 2.
  # This method enables more refined delivery control made available by MTA
  # (e.g. its aliases file, other local delivery agents, dealing with
  # privileges and file locking when delivering to user's mailbox, nonlocal
  # delivery and forwarding, fan-out lists). Make sure the mail-to-be-quarantined
  # will not be handed back to amavisd for checking, as this will cause a loop
  # (hopefully broken at some stage)! If this can be assured, notifications
  # will benefit too from not being unecessarily virus-scanned.
  # By default this is safe to do with Postfix and Exim v4 and dual-sendmail
  # setup, but probably not safe with sendmail milter interface without
  # precaution.
  # (the default value is undef, meaning no quarantine)
  #$virus_quarantine_to = '[email protected]'; # traditional local quarantine
  #$virus_quarantine_to = 'infected@'; # forward to MTA for delivery
  #$virus_quarantine_to = "virus-quarantine\@$mydomain"; # similar
  #$virus_quarantine_to = '[email protected]'; # similar
  #$virus_quarantine_to = undef; # no quarantine
  #$virus_quarantine_to = new_RE( # per-recip multiple quarantines
  # [qr'^user@example\.com$'i => 'infected@'],
  # [qr'^(.*)@example\.com$'i => 'virus-${1}@example.com'],
  # [qr'^(.*)(@[^@])?$'i => 'virus-${1}${2}'],
  # [qr/.*/ => 'virus-quarantine'] );
  # similar for spam
  # (the default value is undef, meaning no quarantine)
  #$spam_quarantine_to = '[email protected]';
  #$spam_quarantine_to = "spam-quarantine\@$mydomain";
  #$spam_quarantine_to = new_RE( # per-recip multiple quarantines
  # [qr'^(.*)@example\.com$'i => 'spam-${1}@example.com'],
  # [qr/.*/ => 'spam-quarantine'] );
  # In addition to per-recip quarantine, a by-sender lookup is possible. It is
  # similar to $spam_quarantine_to, but the lookup key is the sender address:
  #$spam_quarantine_bysender_to = undef; # dflt: no by-sender spam quarantine
  # Add X-Virus-Scanned header field to mail?
  $X_HEADER_TAG = 'X-Virus-Scanned'; # (default: undef)
  # Leave empty to add no header field # (default: undef)
  $X_HEADER_LINE = "by amavisd-new at $mydomain";
  $remove_existing_x_scanned_headers = 0; # leave existing X-Virus-Scanned alone
  #$remove_existing_x_scanned_headers= 1; # remove existing headers
  # (defaults to false)
  $remove_existing_spam_headers = 0; # leave existing X-Spam* headers alone
  #$remove_existing_spam_headers = 1; # remove existing spam headers if
  # spam scanning is enabled (default)
  # set $bypass_decode_parts to true if you only do spam scanning, or if you
  # have a good virus scanner that can deal with compression and recursively
  # unpacking archives by itself, and save amavisd the trouble.
  # Disabling decoding also causes banned_files checking to only see
  # MIME names and MIME content types, not the content classification types
  # as provided by the file(1) utility.
  # It is a double-edged sword, make sure you know what you are doing!
  #$bypass_decode_parts = 1; # (defaults to false)
  # don't trust this file type or corresponding unpacker for this file type,
  # keep both the original and the unpacked file
  # (lookup key is what file(1) utility returned):
  $keep_decoded_original_re = new_RE(
  qr'^(ASCII|text|uuencoded|xxencoded|binhex)'i,
  # Checking for banned MIME types and names. If any mail part matches,
  # the whole mail is rejected, much like the way viruses are handled.
  # A list in object $banned_filename_re can be defined to provide a list
  # of Perl regular expressions to be matched against each part's:
  # * Content-Type value (both declared and effective mime-type),
  # including the possible security risk content types
  # message/partial and message/external-body, as specified by rfc2046;
  # * declared (recommended) file names as specified by MIME subfields
  # Content-Disposition.filename and Content-Type.name, both in their
  # raw (encoded) form and in rfc2047-decoded form if applicable;
  # * file content type as guessed by 'file(1)' utility, both the raw result
  # from file(1), as well as short type name, classified into names such as
  # .asc, .txt, .html, .doc, .jpg, .pdf, .zip, .exe, ..., which is always
  # beginning with a dot - see subroutine determine_file_types().
  # This step is done only if $bypass_decode_parts is not true.
  # * leave $banned_filename_re undefined to disable these checks
  # (giving an empty list to new_RE() will also always return false)
  $banned_filename_re = new_RE(
  qr'\.[a-zA-Z][a-zA-Z0-9]{0,3}\.(vbs|pif|scr|bat|com|exe|dll)$'i, # double extension
  # qr'.\.(exe|vbs|pif|scr|bat|com)$'i, # banned extension - basic
  # qr'.\.(ade|adp|bas|bat|chm|cmd|com|cpl|crt|exe|hlp|hta|inf|ins|isp|js|
  # jse|lnk|mdb|mde|msc|msi|msp|mst|pcd|pif|reg|scr|sct|shs|shb|vb|
  # vbe|vbs|wsc|wsf|wsh)$'ix, # banned extension - long
  # qr'^\.(exe|zip|lha|tnef)$'i, # banned file(1) types
  # qr'^application/x-msdownload$'i, # banned MIME types
  # qr'^message/partial$'i, qr'^message/external-body$'i, # rfc2046
  # See http://support.microsoft.com/default.aspx?scid=kb;EN-US;q262631
  # and http://www.cknow.com/vtutor/vtextensions.htm
  # A little trick: a pattern qr'\.exe$' matches both a short type name '.exe',
  # as well as any file name which happens to end with .exe. If only matching
  # a file name is desired, but not the short name, a pattern qr'.\.exe$'i
  # or similar may be used, which requires that at least one character preceeds
  # the '.exe', and so it will never match short file types, which always start
  # with a dot.
  # Section V - Per-recipient and per-sender handling, whitelisting, etc.
  # %virus_lovers, @virus_lovers_acl and $virus_lovers_re lookup tables:
  # (these should be considered policy options, they do not disable checks,
  # see bypas*checks for that!)
  # Exclude certain RECIPIENTS from virus filtering by adding their lower-cased
  # envelope e-mail address (or domain only) to the hash %virus_lovers, or to
  # the access list @virus_lovers_acl - see README.lookups and examples.
  # Make sure the appropriate form (e.g. external/internal) of address
  # is used in case of virtual domains, or when mapping external to internal
  # addresses, etc. - this is MTA-specific.
  # Notifications would still be generated however (see the overall
  # picture above), and infected mail (if passed) gets additional header:
  # X-AMaViS-Alert: INFECTED, message contains virus: ...
  # (header not inserted with milter interface!)
  # NOTE (milter interface only): in case of multiple recipients,
  # it is only possible to drop or accept the message in its entirety - for all
  # recipients. If all of them are virus lovers, we'll accept mail, but if
  # at least one recipient is not a virus lover, we'll discard the message.
  # %bypass_virus_checks, @bypass_virus_checks_acl and $bypass_virus_checks_re
  # lookup tables:
  # (this is mainly a time-saving option, unlike virus_lovers* !)
  # Similar in concept to %virus_lovers, a hash %bypass_virus_checks,
  # access list @bypass_virus_checks_acl and regexp list $bypass_virus_checks_re
  # are used to skip entirely the decoding, unpacking and virus checking,
  # but only if ALL recipients match the lookup.
  # %bypass_virus_checks/@bypass_virus_checks_acl/$bypass_virus_checks_re
  # do NOT GUARANTEE the message will NOT be checked for viruses - this may
  # still happen when there is more than one recipient for a message, and
  # not all of them match these lookup tables. To guarantee virus delivery,
  # a recipient must also match %virus_lovers/@virus_lovers_acl lookups
  # (but see milter limitations above),
  # NOTE: it would not be clever to base virus checks on SENDER address,
  # since there are no guarantees that it is genuine. Many viruses
  # and spam messages fake sender address. To achieve selective filtering
  # based on the source of the mail (e.g. IP address, MTA port number, ...),
  # use mechanisms provided by MTA if available.
  # Similar to lookup tables controlling virus checking, there exist
  # spam scanning, banned names/types, and headers_checks control counterparts:
  # %spam_lovers, @spam_lovers_acl, $spam_lovers_re
  # %banned_files_lovers, @banned_files_lovers_acl, $banned_files_lovers_re
  # %bad_header_lovers, @bad_header_lovers_acl, $bad_header_lovers_re
  # and:
  # %bypass_spam_checks/@bypass_spam_checks_acl/$bypass_spam_checks_re
  # %bypass_banned_checks/@bypass_banned_checks_acl/$bypass_banned_checks_re
  # %bypass_header_checks/@bypass_header_checks_acl/$bypass_header_checks_re
  # See README.lookups for details about the syntax.
  # The following example disables spam checking altogether,
  # since it matches any recipient e-mail address (any address
  # is a subdomain of the top-level root DNS domain):
  # @bypass_spam_checks_acl = qw( . );
  # @bypass_header_checks_acl = qw( [email protected] );
  # @bad_header_lovers_acl = qw( [email protected] );
  # See README.lookups for further detail, and examples below.
  # $virus_lovers{lc("postmaster\@$mydomain")} = 1;
  # $virus_lovers{lc('[email protected]')} = 1;
  # $virus_lovers{lc('[email protected]')} = 1;
  # $virus_lovers{lc('some.user@')} = 1; # this recipient, regardless of domain
  # $virus_lovers{lc('[email protected]')} = 0; # never, even if domain matches
  # $virus_lovers{lc('example.com')} = 1; # this domain, but not its subdomains
  # $virus_lovers{lc('.example.com')}= 1; # this domain, including its subdomains
  #or:
  # @virus_lovers_acl = qw( [email protected] !lab.xxx.com .xxx.com yyy.org );
  # $bypass_virus_checks{lc('[email protected]')} = 1;
  # @bypass_virus_checks_acl = qw( some.ddd !butnot.example.com .example.com );
  # @virus_lovers_acl = qw( [email protected] );
  # $virus_lovers_re = new_RE( qr'(helpdesk|postmaster)@example\.com$'i );
  # $spam_lovers{lc("postmaster\@$mydomain")} = 1;
  # $spam_lovers{lc('[email protected]')} = 1;
  # $spam_lovers{lc('[email protected]')} = 1;
  # @spam_lovers_acl = qw( !.example.com );
  # $spam_lovers_re = new_RE( qr'^user@example\.com$'i );
  # don't run spam check for these RECIPIENT domains:
  # @bypass_spam_checks_acl = qw( d1.com .d2.com a.d3.com );
  # or the other way around (bypass check for all BUT these):
  # @bypass_spam_checks_acl = qw( !d1.com !.d2.com !a.d3.com . );
  # a practical application: don't check outgoing mail for spam:
  # @bypass_spam_checks_acl = ( "!.$mydomain", "." );
  # (a downside of which is that such mail will not count as ham in SA bayes db)
  # Where to find SQL server(s) and database to support SQL lookups?
  # A list of triples: (dsn,user,passw). (dsn = data source name)
  # Specify more than one for multiple (backup) SQL servers.
  # See 'man DBI', 'man DBD::mysql', 'DBD::Pg', ... for details.
  # @lookup_sql_dsn =
  # ( ['DBI:mysql:mail:host1', 'some-username1', 'some-password1'],
  # ['DBI:mysql:mail:host2', 'some-username2', 'some-password2'] );
  # ('mail' in the example is the database name, choose what you like)
  # With PostgreSQL the dsn (first element of the triple) may look like:
  # 'DBI:Pg:host=host1;dbname=mail'
  # The SQL select clause to fetch per-recipient policy settings.
  # The %k will be replaced by a comma-separated list of query addresses
  # (e.g. full address, domain only, catchall). Use ORDER, if there
  # is a chance that multiple records will match - the first match wins.
  # If field names are not unique (e.g. 'id'), the later field overwrites the
  # earlier in a hash returned by lookup, which is why we use '*,users.id'.
  # No need to uncomment the following assignment if the default is ok.
  # $sql_select_policy = 'SELECT *,users.id FROM users,policy'.
  # ' WHERE (users.policy_id=policy.id) AND (users.email IN (%k))'.
  # ' ORDER BY users.priority DESC';
  # The SQL select clause to check sender in per-recipient whitelist/blacklist
  # The first SELECT argument '?' will be users.id from recipient SQL lookup,
  # the %k will be sender addresses (e.g. full address, domain only, catchall).
  # The default value is:
  # $sql_select_white_black_list = 'SELECT wb FROM wblist,mailaddr'.
  # ' WHERE (rid=?) AND (sid=mailaddr.id) AND (mailaddr.email IN (%k))'.
  # ' ORDER BY mailaddr.priority DESC';
  # To disable SQL white/black list, set to undef (otherwise comment-out
  # the following statement, leaving it at the default value):
  $sql_select_white_black_list = undef; # undef disables SQL white/blacklisting
  # If you decide to pass viruses (or spam) to certain recipients using the
  # above lookup tables or using $final_virus_destiny=1, you can set
  # the variable $addr_extension_virus ($addr_extension_spam) to some
  # string, and the recipient address will have this string appended
  # as an address extension to the local-part of the address. This extension
  # can be used by final local delivery agent to place such mail in different
  # folders. Leave these two variables undefined or empty strings to prevent
  # appending address extensions. Setting has no effect on recipient which will
  # not be receiving viruses/spam. Recipients who do not match lookup tables
  # local_domains* are not affected.
  # LDAs usually default to stripping away address extension if no special
  # handling is specified, so having this option enabled normally does no harm,
  # provided the $recipients_delimiter matches the setting on the final
  # MTA's LDA.
  # $addr_extension_virus = 'virus'; # (default is undef, same as empty)
  # $addr_extension_spam = 'spam'; # (default is undef, same as empty)
  # $addr_extension_banned = 'banned'; # (default is undef, same as empty)
  # Delimiter between local part of the recipient address and address extension
  # (which can optionally be added, see variables $addr_extension_virus and
  # $addr_extension_spam). E.g. recipient address <[email protected]> gets changed
  # to <[email protected]>.
  # Delimiter should match equivalent (final) MTA delimiter setting.
  # (e.g. for Postfix add 'recipient_delimiter = +' to main.cf)
  # Setting it to an empty string or to undef disables this feature
  # regardless of $addr_extension_virus and $addr_extension_spam settings.
  $recipient_delimiter = '+'; # (default is '+')
  # true: replace extension; false: append extension
  # $replace_existing_extension = 1; # (default is false)
  # Affects matching of localpart of e-mail addresses (left of '@')
  # in lookups: true = case sensitive, false = case insensitive
  $localpart_is_case_sensitive = 0; # (default is false)
  # ENVELOPE SENDER WHITELISTING / BLACKLISTING - GLOBAL (RECIPIENT-INDEPENDENT)
  # WHITELISTING: use ENVELOPE SENDER lookups to ENSURE DELIVERY from whitelisted
  # senders even if the message is recognized as spam. Effectively, for the
  # specified senders, message RECIPIENTS temporarily become 'spam_lovers', with
  # further processing being the same as otherwise specified for spam lovers.
  # It does not turn off inserting spam-related headers, if they are enabled.
  # BLACKLISTING: messages from specified SENDERS are DECLARED SPAM.
  # Effectively, for messages from blacklisted senders, spam level
  # is artificially pushed high, and the normal spam processing applies,
  # resulting in 'X-Spam-Flag: YES', high 'X-Spam-Level' bar and other usual
  # reactions to spam, including possible rejection. If the message nevertheless
  # still passes (e.g. for spam loving recipients), it is tagged as BLACKLISTED
  # in the 'X-Spam-Status' header field, but the reported spam value and
  # set of tests in this report header field (if available from SpamAssassin,
  # which may have not been called) is not adjusted.
  # A sender may be both white- and blacklisted at the same time,
  # settings are independent. For example, being both white- and blacklisted,
  # message is delivered to recipients, but is tagged as spam.
  # If ALL recipients of the message either white- or blacklist the sender,
  # spam scanning (calling the SpamAssassin) is bypassed, saving on time.
  # The following variables (lookup tables) are available, with the semantics
  # and syntax as specified in README.lookups:
  # %whitelist_sender, @whitelist_sender_acl, $whitelist_sender_re
  # %blacklist_sender, @blacklist_sender_acl, $blacklist_sender_re
  # SOME EXAMPLES:
  #ACL:
  # @whitelist_sender_acl = qw( .example.com );
  # @whitelist_sender_acl = ( ".$mydomain" ); # $mydomain and its subdomains
  # NOTE: This is not a reliable way of turning off spam checks for
  # locally-originating mail, as sender address can easily be faked.
  # To reliably avoid spam-scanning outgoing mail,
  # use @bypass_spam_checks_acl .
  #RE:
  # $whitelist_sender_re = new_RE(
  # qr'^postmaster@.*\bexample\.com$'i,
  # qr'^owner-[^@]*@'i, qr'-request@'i,
  # qr'\.example\.com$'i );
  $blacklist_sender_re = new_RE(
  qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou|greatcasino)@'i,
  qr'^(investments|lose_weight_today|market.alert|money2you|MyGreenCard)@'i,
  qr'^(new\.tld\.registry|opt-out|opt-in|optin|saveonlsmoking2002k)@'i,
  qr'^(specialoffer|specialoffers|stockalert|stopsnoring|wantsome)@'i,
  qr'^(workathome|yesitsfree|your_friend|greatoffers)@'i,
  qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i,
  #HASH lookup variant:
  # NOTE: Perl operator qw splits its argument string by whitespace
  # and produces a list. This means that addresses can not contain
  # whitespace, and there is no provision for comments within the string.
  # You can use the normal Perl list syntax if you have special requirements,
  # e.g. map {...} ('one user@bla', '.second.com'), or use read_hash to read
  # addresses from a file.
  # a hash lookup table can be read from a file,
  # one address per line, comments and empty lines are permitted:
  # read_hash(\%whitelist_sender, '/var/amavis/whitelist_sender');
  # ... or set directly:
  # $whitelist_sender{''} = 1; # don't spam-check MTA bounces
  map { $whitelist_sender{lc($_)}=1 } (qw(
  [email protected]
  [email protected]
  [email protected]
  [email protected]
  [email protected]
  [email protected]
  [email protected]
  [email protected]
  [email protected]
  [email protected]
  [email protected]
  [email protected]
  [email protected]
  [email protected]
  [email protected]
  [email protected]
  [email protected]
  [email protected]
  [email protected]
  [email protected]
  [email protected]
  [email protected]
  [email protected]
  returns.groups.yahoo.com
  # ENVELOPE SENDER WHITELISTING / BLACKLISTING - PER-RECIPIENT
  # The same semantics as for global white/blacklisting applies, but this
  # time each recipient (or its domain, or subdomain, ...) can be given
  # an individual lookup table for matching senders. The per-recipient lookups
  # override the global lookups, which serve as a fallback default.
  # Specify a two-level lookup table: the key for the outer table is recipient,
  # and the result should be an inner lookup table (hash or ACL or RE),
  # where the key used will be the sender.
  #$per_recip_blacklist_sender_lookup_tables = {
  # '[email protected]'=>new_RE(qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i),
  # '[email protected]'=>[qw( [email protected],org .d2.example,org )],
  #$per_recip_whitelist_sender_lookup_tables = {
  # '[email protected]' => [qw( [email protected] .other.example.org )],
  # '.my1.example.com' => [qw( !foe.other.example,org .other.example,org )],
  # '.my2.example.com' => read_hash('/var/amavis/my2-wl.dat'),
  # 'abuse@' => { 'postmaster@'=>1,
  # '[email protected]'=>1, '[email protected]'=>1 },
  # Section VI - Resource limits
  # Sanity limit to the number of allowed recipients per SMTP transaction
  # $smtpd_recipient_limit = 1000; # (default is 1000)
  # Resource limitations to protect against mail bombs (e.g. 42.zip)
  # Maximum recursion level for extraction/decoding (0 or undef disables limit)
  $MAXLEVELS = 14; # (default is undef, no limit)
  # Maximum number of extracted files (0 or undef disables the limit)
  $MAXFILES = 1500; # (default is undef, no limit)
  # For the cumulative total of all decoded mail parts we set max storage size
  # to defend against mail bombs. Even though parts may be deleted (replaced
  # by decoded text) during decoding, the size they occupied is _not_ returned
  # to the quota pool.
  # Parameters to storage quota formula for unpacking/decoding/decompressing
  # Formula:
  # quota = max($MIN_EXPANSION_QUOTA,
  # $mail_size*$MIN_EXPANSION_FACTOR,
  # min($MAX_EXPANSION_QUOTA, $mail_size*$MAX_EXPANSION_FACTOR))
  # In plain words (later condition overrules previous ones):
  # allow MAX_EXPANSION_FACTOR times initial mail size,
  # but not more than MAX_EXPANSION_QUOTA,
  # but not less than MIN_EXPANSION_FACTOR times initial mail size,
  # but never less than MIN_EXPANSION_QUOTA
  $MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced)
  $MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced)
  $MIN_EXPANSION_FACTOR = 5; # times original mail size (must be specified)
  $MAX_EXPANSION_FACTOR = 500; # times original mail size (must be specified)
  # Section VII - External programs, virus scanners
  # Specify a path string, which is a colon-separated string of directories
  # (no trailing slashes!) to be assigned to the environment variable PATH
  # and to serve for locating external programs below.
  # NOTE: if $daemon_chroot_dir is nonempty, the directories will be
  # relative to the chroot directory specified;
  $path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
  # Specify one string or a search list of strings (first match wins).
  # The string (or: each string in a list) may be an absolute path,
  # or just a program name, to be located via $path;
  # Empty string or undef (=default) disables the use of that external program.
  # Optionally command arguments may be specified - only the first substring
  # up to the whitespace is used for file searching.
  $file = 'file'; # file(1) utility; use 3.41 or later to avoid vulnerability
  $gzip = 'gzip';
  $bzip2 = 'bzip2';
  $lzop = 'lzop';
  $uncompress = ['uncompress', 'gzip -d', 'zcat'];
  $unfreeze = ['unfreeze', 'freeze -d', 'melt', 'fcat'];
  $arc = ['nomarch', 'arc'];
  $unarj = ['arj', 'unarj']; # both can extract, same options
  $unrar = ['rar', 'unrar']; # both can extract, same options
  $zoo = 'zoo';
  $lha = 'lha';
  $cpio = 'cpio';
  # SpamAssassin settings
  # $sa_local_tests_only is passed to Mail::SpamAssassin::new as a value
  # of the option local_tests_only. See Mail::SpamAssassin man page.
  # If set to 1, no tests that require internet access will be performed.
  $sa_local_tests_only = 1; # (default: false)
  #$sa_auto_whitelist = 1; # turn on AWL (default: false)
  $sa_mail_body_size_limit = 64*1024; # don't waste time on SA if mail is larger
  # (less than 1% of spam is > 64k)
  # default: undef, no limitations
  # default values, can be overridden by more specific lookups, e.g. SQL
  $sa_tag_level_deflt = -999; # add spam info headers if at, or above that level
  $sa_tag2_level_deflt = 3.0; # add 'spam detected' headers at that level
  $sa_kill_level_deflt = 22.0;
  #$sa_kill_level_deflt = $sa_tag2_level_deflt; # triggers spam evasive actions
  # at or above that level: bounce/reject/drop,
  # quarantine, and adding mail address extension
  # The $sa_tag_level_deflt, $sa_tag2_level_deflt and $sa_kill_level_deflt
  # may also be hashrefs to hash lookup tables, to make static per-recipient
  # settings possible without having to resort to SQL or LDAP lookups.
  # a quick reference:
  # tag_level controls adding the X-Spam-Status and X-Spam-Level headers,
  # tag2_level controls adding 'X-Spam-Flag: YES', and editing Subject,
  # kill_level controls 'evasive actions' (reject, quarantine, extensions);
  # it only makes sense to maintain the relationship:
  # tag_level <= tag2_level <= kill_level
  # string to prepend to Subject header field when message exceeds tag2 level
  $sa_spam_subject_tag = '*** JUNK MAIL ***'; # (defaults to undef, disables)
  # (only seen when spam is not to be rejected
  # and recipient is in local_domains*)
  $sa_spam_modifies_subj = 1; # may be a ref to a lookup table, default is true
  # Example: modify Subject for all local recipients except [email protected]
  #$sa_spam_modifies_subj = [qw( [email protected] . )];
  # @av_scanners is a list of n-tuples, where fields semantics is:
  # 1. av scanner plain name, to be used in log and reports;
  # 2. scanner program name; this string will be submitted to subroutine
  # find_external_programs(), which will try to find the full program
  # path name; if program is not found, this scanner is disabled.
  # Besides a simple string (full program path name or just the basename
  # to be looked for in PATH), this may be an array ref of alternative
  # program names or full paths - the first match in the list will be used;
  # As a special case for more complex scanners, this field may be
  # a subroutine reference, and the whole n-tuple is passed to it as args.
  # 3. command arguments to be given to the scanner program;
  # a substring {} will be replaced by the directory name to be scanned,
  # i.e. "$tempdir/parts"
  # 4. an array ref of av scanner exit status values, or a regexp (to be
  # matched against scanner output), indicating NO VIRUSES found;
  # 5. an array ref of av scanner exit status values, or a regexp (to be
  # matched against scanner output), indicating VIRUSES WERE FOUND;
  # Note: the virus match prevails over a 'not found' match, so it is safe
  # even if 4. matches for viruses too;
  # 6. a regexp (to be matched against scanner output), returning a list
  # of virus names found.
  # 7. and 8.: (optional) subroutines to be executed before and after scanner
  # (e.g. to set environment or current directory);
  # see examples for these at KasperskyLab AVP and Sophos sweep.
  # NOTES:
  # - NOT DEFINING @av_scanners (e.g. setting it to empty list, or deleting the
  # whole assignment) TURNS OFF LOADING AND COMPILING OF THE ANTIVIRUS CODE
  # (which can be handy if all you want to do is spam scanning);
  # - the order matters: although _all_ available entries from the list are
  # always tried regardless of their verdict, scanners are run in the order
  # specified: the report from the first one detecting a virus will be used
  # (providing virus names and scanner output); REARRANGE THE ORDER TO WILL;
  # - it doesn't hurt to keep an unused command line scanner entry in the list
  # if the program can not be found; the path search is only performed once
  # during the program startup;
  # CORROLARY: to disable a scanner that _does_ exist on your system,
  # comment out its entry or use undef or '' as its program name/path
  # (second parameter). An example where this is almost a must: disable
  # Sophos 'sweep' if you have its daemonized version Sophie or SAVI-Perl
  # (same for Trophie/vscan, and clamd/clamscan), or if another unrelated
  # program happens to have a name matching one of the entries ('sweep'
  # again comes to mind);
  # - it DOES HURT to keep unwanted entries which use INTERNAL SUBROUTINES
  # for interfacing (where the second parameter starts with \&).
  # Keeping such entry and not having a corresponding virus scanner daemon
  # causes an unnecessary connection attempt (which eventually times out,
  # but it wastes precious time). For this reason the daemonized entries
  # are commented in the distribution - just remove the '#' where needed.
  @av_scanners = (
  # ### http://www.vanja.com/tools/sophie/
  # ['Sophie',
  # \&ask_daemon, ["{}/\n", '/var/run/sophie'],
  # qr/(?x)^ 0+ ( : | [\000\r\n]* $)/, qr/(?x)^ 1 ( : | [\000\r\n]* $)/,
  # qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/ ],
  # ### http://www.csupomona.edu/~henson/www/projects/SAVI-Perl/
  # ['Sophos SAVI', \&sophos_savi ],
  # ### http://clamav.elektrapro.com/
  # ['Clam Antivirus-clamd',
  # \&ask_daemon, ["CONTSCAN {}\n", '/var/amavis/clamd'],
  # qr/\bOK$/, qr/\bFOUND$/,
  # qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
  # # NOTE: run clamd under the same user as amavisd,
  # # match the socket name in clamav.conf to the socket name in this entry
  # ### http://www.openantivirus.org/
  # ['OpenAntiVirus ScannerDaemon (OAV)',
  # \&ask_daemon, ["SCAN {}\n", '127.0.0.1:8127'],
  # qr/^OK/, qr/^FOUND: /, qr/^FOUND: (.+)/ ],
  # ### http://www.vanja.com/tools/trophie/
  # ['Trophie',
  # \&ask_daemon, ["{}/\n", '/var/run/trophie'],
  # qr/(?x)^ 0+ ( : | [\000\r\n]* $)/, qr/(?x)^ 1 ( : | [\000\r\n]* $)/,
  # qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/ ],
  # ### http://www.f-prot.com/
  # ['FRISK F-Prot Daemon',
  # \&ask_daemon,
  # ["GET {}/*?-dumb%20-archive HTTP/1.0\r\n\r\n",
  # ['127.0.0.1:10200','127.0.0.1:10201','127.0.0.1:10202',
  # '127.0.0.1:10203','127.0.0.1:10204'] ],
  # qr/(?i)<summary[^>]*>clean<\/summary>/,
  # qr/(?i)<summary[^>]*>infected<\/summary>/,
  # qr/(?i)<name>(.+)<\/name>/ ],
  ['KasperskyLab AntiViral Toolkit Pro (AVP)', ['avp','kavscanner'],
  "-* -P -B -Y -O- {}", [0,3,8], [2,4], # any use for -A -K ?
  qr/infected: (.+)/,
  sub {chdir('/opt/AVP') or die "Can't chdir to AVP: $!"},
  sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"},
  ['KasperskyLab AVPDaemonClient',
  [ '/opt/AVP/kavdaemon', 'kavdaemon',
  '/opt/AVP/AvpDaemonClient', 'AvpDaemonClient',
  '/opt/AVP/AvpTeamDream', 'AvpTeamDream',
  '/opt/AVP/avpdc', 'avpdc' ],
  '{}', [0,8], [3,4,5,6], qr/infected: ([^\r\n]+)/ ],
  # change the startup-script in /etc/init.d/kavd to:
  # DPARMS="-I0 -Y -* /var/amavis"
  # adjusting /var/amavis above to match your $TEMPBASE.
  # NOTE: cd /opt/AVP/DaemonClients; configure; cd Sample; make
  # cp AvpDaemonClient /opt/AVP/
  ### http://www.hbedv.com/ or http://www.centralcommand.com/
  ['H+BEDV AntiVir or CentralCommand Vexira Antivirus',
  ['antivir','vexira'],
  '--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/,
  qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) |
  (?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/ ],
  # NOTE: remove the -z if you only have a demo version
  ### http://www.commandsoftware.com/
  ['Command AntiVirus for Linux', 'csav',
  '-all -archive -packed {}', [50], [51,52,53],
  qr/Infection: (.+)/ ],
  ### http://www.symantec.com/
  ['Symantec CarrierScan via Symantec CommandLineScanner',
  ['cscmdline','savsecls'],
  '-a scan -i 1 -v -s 127.0.0.1:7777 {}',
  qr/Files Infected: 0/, qr/^Infected: /,
  qr/Info:\s+(.+)/ ],
  ### http://drweb.imshop.de/
  ['DrWeb Antivirus for Linux/FreeBSD/Solaris', 'drweb',
  '-al -ar -fm -go -ha -ml -ot -sd -up {}',
  [0], [1], sub {('no-name')} ],
  ### http://www.f-secure.com/products/anti-virus/
  ['F-Secure Antivirus', 'fsav',
  '--dumb --archive {}', [0], [3,8],
  qr/(?:infection|Infected): (.+)/ ],
  ['CAI InoculateIT', 'inocucmd',
  '-sec -nex {}', [0], [100],
  qr/was infected by virus (.+)/ ],
  ['MkS_Vir for Linux (beta)', ['mks32','mks'],
  '-s {}/*', [0], [1,2],
  qr/--[ \t]*(.+)/ ],
  ['MkS_Vir daemon',
  'mksscan', '-s -q {}', [0], [1..7],
  qr/^... (\S+)/ ],
  ### http://www.nod32.com/
  ['ESET Software NOD32', 'nod32',
  '-all -subdir+ {}', [0], [1,2],
  qr/^.+? - (.+?)\s*(?:backdoor|joke|trojan|virus|worm)/ ],
  ### http://www.nod32.com/
  ['ESET Software NOD32 - Client/Server Version', 'nod32cli',
  '-a -r -d recurse --heur standard {}', [0], [10,11],
  qr/^\S+\s+infected:\s+(.+)/ ],
  ### http://www.norman.com/products_nvc.shtml
  ['Norman Virus Control v5 / Linux', 'nvccmd',
  '-c -l:0 -s -u {}', [0], [1],
  qr/(?i).* virus in .* -> \'(.+)\'/ ],
  ### http://www.pandasoftware.com/
  ['Panda Antivirus for Linux', ['pavcl','pavc'],
  '-aut -aex -heu -cmp -nor -nso -eng {}',
  qr/Number of files infected\.*: 0(?!\d)/,
  qr/Number of files infected\.*: 0*[1-9]/,
  qr/Found virus :\s*(\S+)/ ],
  # Check your RAV license terms before fiddling with the following two lines!
  # ['GeCAD RAV AntiVirus 8', 'ravav',
  # '--all --archive --mail {}', [1], [2,3,4,

  You are welcome. I'm glad you got it back up.
  (1) You say you did the symbolic link. I will assume this is set correctly; it's very important that it is.
  (2) I don't know what you mean by "Been feeding the [email protected] for several weeks now, 700 emails each day at least." After the initial training period, SpamAssassin doesn't learn from mail it has already processed correctly. At this point, you only need to teach SpamAssassin when it is wrong. [email protected] should only be getting spam that is being passed as clean. Likewise, [email protected] should only be getting legitimate mail that is being flagged as junk. You are redirecting mail to both [email protected] and [email protected] ... right? SpamAssassin needs both.
  (3) Next, as I said before, you need to implement those "Frontline spam defense for Mac OS X Server." Once you have that done and issue "postfix reload" you can look at your SMTP log in Server Admin and watch as Postfix blocks one piece of junk mail after another. It's kind of cool.
  (4) Add some SARE rules:
  Visit http://www.rulesemporium.com/rules.htm and download the following rules:
  70sareadult.cf
  70saregenlsubj0.cf
  70sareheader0.cf
  70sarehtml0.cf
  70sareobfu0.cf
  70sareoem.cf
  70sarespoof.cf
  70sarestocks.cf
  70sareunsub.cf
  72sare_redirectpost
  Visit http://www.rulesemporium.com/other-rules.htm and download the following rules:
  backhair.cf
  bogus-virus-warnings.cf
  chickenpox.cf
  weeds.cf
  Copy these rules to /etc/mail/spamassassin/
  Then stop and restart mail services.
  There are other things you can do, and you'll find differing opinions about such things. In general, I think implementing the "Frontline spam defense for Mac OS X Server" and adding the SARE rules will help a lot. Good luck!

• Ironport Whitelist and related questions

  Hi all,
  I have recently started at a new position for a company that is utilising ironport as the email spam filtering/virus checking appliance.
  Almost immediately after starting in my position issues were being discussed, where the senderbase reputation scoring was marking a sister companies mail as spam - obviously due to a bad reputation.
  It was important that these mails were delivered and the obvious answer seemed to be to whitelist the domains, which was implemented by another support person. After the whitelist setting was applied though the mails were still be rejected due to being suspected spam - there is no quarantine setup.
  Today I logged into the boxes to see if I could syslog the mail logs to a seperate linux server and suddenly got wrapped up in this problem. I had a look and could see the domains in the whitelist section within the HAT, after doing some reading I can confirm the whitelist section was ordered as being number 1 in the list and by looking further it looks like the whitelist domains were via the 'add to sender group' button within the monitoring overview screens (this is assumed as both .sistercompany.com and sistercompany.com were appended to the whitelist).
  After a few hours of reading up I couldn't understand why the whitelist wasn't working, I even did a lookup of the domain in the monitoring overview search section for mail recieved by sistercompany.com and could see that it belonged in the whitelist group. I got further confused when reading the help and support guide - it had screenshots that looked very similar to our setup [within the HAT overview and Mail Policies], however it had an sbrs for the whitelist set between 6 and 10, where as that was blank on our system, nowhere in the document would it describe why this sbrs value was set. Bearing in mind I have only had a few hours of experience with this product, so these maybe silly questions but:
  Why would you add an sbrs value to the whitelist - I would have thought whitelists would ignore any score presented.
  If number 1 has nothing to do with why these domains were still being flagged as spam, has anyone got any suggestions as to what the issue maybe?
  For a small bit of information we have the C660 appliances installed.
  Any help would be much appreciated

  I'm taking a wild guess here since there are a lot of missing details. Forgive me if I'm covering ground you've already trod.
  Remember that the HAT controls how incoming SMTP connections are handled, so entries in the HAT must correspond to the remote SMTP servers that are connecting to you. You don't put the "domain" part of "user@domain" in the HAT ("sistercompany.com" in your case), you put in the the domain names of the actual remote SMTP servers or a wildcard that matches them all. In your case, this might be ".sistercompay.com" (note the leading "." indicating that this will match any domain name ending with ".sistercompany.com"), but only if their SMTP servers have host names in that domain.
  Whitlisting by domain name requires that the IP addresses of those remote SMTP servers have correct rDNS. If they don't, you'll have to list them in the HAT by IP address. FYI, we never put anything in the HAT by IP address unless it is unavoidable. Using domain names and requiring correct rDNS forces good DNS hygiene, and also provides a layer of abstraction. The server's address can change, but so long as the DNS is kept up to date we don't have to change our HAT entries.
  You can see from the mail logs what sender group is being applied on each SMTP connection. Find one of the rejected messages in the log and see what sender group its connection landed in. If it didn't land in the whitelist (which will almost certainly be the case, given that the message was not in fact whitelisted), then you know the HAT entry is wrong. You can also use the log to determine the actual domain name of the remote server, assuming the rDNS for its IP address is correct.
  The example screenshot in the manual showing SBRS between 6 and 10 being whitelisted is demonstrating that you can whitelist by SBRS as well as by explicit listing in the sender group. Your whitelist simply isn't doing this, which is fine. In this age of rampant spamming from stolen accounts on reputable servers, whitelisting by SBRS can let spam in. We raised the lower limit from 6 to 8 several years ago after getting hit in this exact way.
  ++Don

• Whitelist in Reader X doesn't work

  Hello everyone,
  Anybody can help me figure out this?
  I have a plug-in which will call functions in a DLL to invoke 3rd-party application's UI. It works in Reader 9.0, none-protect mode in Reader X. But it doesn't work in protect mode in Reader X.
  (Here, it used COM to make the communication. )
  To make this plug-in be trusted. I followed the document to make whitelist:
  1. Set registry to enable the configurable file of white-list.
  Create a key-value named bUseWhitelistConfigFile with value 1, under HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Adobe\Acrobat Reader\10.0\FeatureLockDown.
  2. Create the configure file named ProtectedModeWhitelistConfig.txt under Reader X’s installation folder.
  3. Write configure file in #2 with following content to allow it access to Tamale Software
  ; Files Section
  FILES_ALLOW_ANY = *
  ; Processes
  PROCESS_ALL_EXEC = *
  ; Registry
  REG_ALLOW_ANY = *
  ; Mutants
  MUTANT_ALLOW_ANY = *
  ; Sections
  SECTION_ALLOW_ANY = *
  I think my configure will allow all access to local. Same as disable the protect mode. Right?
  Why my plug-in can work when protect mode is disabled but cannot work in my setting of whitelist?
  Thanks a lot~ ^_^
  =================
  More information about this topic:
  I got log from Reader X:
  [03:22/01:20:51] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:51] name: MSFT.VSA.COM.DISABLE.4092
  [03:22/01:20:51] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:20:51] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:51] name: MSFT.VSA.IEC.STATUS.6c736db0
  [03:22/01:20:51] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:20:51] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:51] name: Global\CLR_PerfMon_StartEnumEvent
  [03:22/01:20:51] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:20:51] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:51] name: Global\CLR_PerfMon_StartEnumEvent
  [03:22/01:20:51] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:20:52] NtCreateMutant: STATUS_ACCESS_DENIED
  [03:22/01:20:52] real_path: \BaseNamedObjects\MSCTF.GCompartListMUTEX.DefaultS-1-5-21-212926602-4 199581602-1198870392-1007
  [03:22/01:20:52] Consider modifying policy using this policy rule: MUTANT_ALLOW_ANY
  [03:22/01:20:52] NtCreateMutant: STATUS_ACCESS_DENIED
  [03:22/01:20:52] real_path: \BaseNamedObjects\MSCTF.GCompartListMUTEX.DefaultS-1-5-21-212926602-4 199581602-1198870392-1007
  [03:22/01:20:52] Consider modifying policy using this policy rule: MUTANT_ALLOW_ANY
  [03:22/01:20:54] NtCreateMutant: STATUS_ACCESS_DENIED
  [03:22/01:20:54] real_path: \BaseNamedObjects\MSCTF.GCompartListMUTEX.DefaultS-1-5-21-212926602-4 199581602-1198870392-1007
  [03:22/01:20:54] Consider modifying policy using this policy rule: MUTANT_ALLOW_ANY
  [03:22/01:20:54] NtCreateMutant: STATUS_ACCESS_DENIED
  [03:22/01:20:54] real_path: \BaseNamedObjects\MSCTF.GCompartListMUTEX.DefaultS-1-5-21-212926602-4 199581602-1198870392-1007
  [03:22/01:20:54] Consider modifying policy using this policy rule: MUTANT_ALLOW_ANY
  [03:22/01:20:54] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:54] name: MSFT.VSA.COM.DISABLE.4092
  [03:22/01:20:54] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:20:54] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:54] name: MSFT.VSA.IEC.STATUS.6c736db0
  [03:22/01:20:54] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:21:00] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:21:00] name: _fCanRegisterWithShellService
  [03:22/01:21:00] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:21:07] NtOpenSection: STATUS_ACCESS_DENIED
  All status are Denied. Why? I feel confused about this.
  =================
  I updated my policy rules. Now, I will not get STATUS_ACCESS_DENIED in the log anymore.
  But still, my plug-in does not work.
  The latest log is:
  [03:22/01:51:22] Adobe Reader Protected Mode Logging Initiated
  [03:22/01:51:22] Found custom policy file: C:\Program Files\Adobe\Reader 10.0\Reader\ProtectedModeWhitelistConfig.txt
  [03:22/01:51:22] Adding custom policy: FILES_ALLOW_ANY = c:\*
  [03:22/01:51:22] Adding custom policy: PROCESS_ALL_EXEC = c:\*
  [03:22/01:51:22] Adding custom policy: REG_ALLOW_ANY = HKEY_CLASSES_ROOT\*
  [03:22/01:51:22] Adding custom policy: REG_ALLOW_ANY = HKEY_CURRENT_USER\*
  [03:22/01:51:22] Adding custom policy: REG_ALLOW_ANY = HKEY_LOCAL_MACHINE\*
  [03:22/01:51:22] Adding custom policy: REG_ALLOW_ANY = HKEY_USERS\*
  [03:22/01:51:22] Adding custom policy: REG_ALLOW_ANY = HKEY_CURRENT_CONFIG\*
  [03:22/01:51:22] Adding custom policy: MUTANT_ALLOW_ANY = \BaseNamedObjects\MS*
  [03:22/01:51:22] Adding custom policy: SECTION_ALLOW_ANY = \BaseNamedObjects\MS*
  [03:22/01:51:22] Adding custom policy: SECTION_ALLOW_ANY = \BaseNamedObjects\Local*
  [03:22/01:51:22] Adding custom policy: EVENTS_ALLOW_ANY = MS*
  [03:22/01:51:22] Adding custom policy: EVENTS_ALLOW_ANY = Gl*
  [03:22/01:51:22] Adding custom policy: EVENTS_ALLOW_ANY = _fC*
  [03:22/01:51:22] Adding custom policy: NAMEDPIPES_ALLOW_ANY = MS*
  [03:22/01:51:22] Adding custom policy: FILES_ALLOW_DIR_ANY = c:\*
  Then, nothing else. Any idea of my issue?
  Thanks a lot.
  =================
  To update my current status of this issue again.
  Now, I can catch the error when I try to create the instance of COM object. It will throw an error said: Class not registered.
  I still feel confused about this.

  Hello everyone,
  Anybody can help me figure out this?
  I have a plug-in which will call functions in a DLL to invoke 3rd-party application's UI. It works in Reader 9.0, none-protect mode in Reader X. But it doesn't work in protect mode in Reader X.
  (Here, it used COM to make the communication. )
  To make this plug-in be trusted. I followed the document to make whitelist:
  1. Set registry to enable the configurable file of white-list.
  Create a key-value named bUseWhitelistConfigFile with value 1, under HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Adobe\Acrobat Reader\10.0\FeatureLockDown.
  2. Create the configure file named ProtectedModeWhitelistConfig.txt under Reader X’s installation folder.
  3. Write configure file in #2 with following content to allow it access to Tamale Software
  ; Files Section
  FILES_ALLOW_ANY = *
  ; Processes
  PROCESS_ALL_EXEC = *
  ; Registry
  REG_ALLOW_ANY = *
  ; Mutants
  MUTANT_ALLOW_ANY = *
  ; Sections
  SECTION_ALLOW_ANY = *
  I think my configure will allow all access to local. Same as disable the protect mode. Right?
  Why my plug-in can work when protect mode is disabled but cannot work in my setting of whitelist?
  Thanks a lot~ ^_^
  =================
  More information about this topic:
  I got log from Reader X:
  [03:22/01:20:51] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:51] name: MSFT.VSA.COM.DISABLE.4092
  [03:22/01:20:51] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:20:51] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:51] name: MSFT.VSA.IEC.STATUS.6c736db0
  [03:22/01:20:51] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:20:51] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:51] name: Global\CLR_PerfMon_StartEnumEvent
  [03:22/01:20:51] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:20:51] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:51] name: Global\CLR_PerfMon_StartEnumEvent
  [03:22/01:20:51] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:20:52] NtCreateMutant: STATUS_ACCESS_DENIED
  [03:22/01:20:52] real_path: \BaseNamedObjects\MSCTF.GCompartListMUTEX.DefaultS-1-5-21-212926602-4 199581602-1198870392-1007
  [03:22/01:20:52] Consider modifying policy using this policy rule: MUTANT_ALLOW_ANY
  [03:22/01:20:52] NtCreateMutant: STATUS_ACCESS_DENIED
  [03:22/01:20:52] real_path: \BaseNamedObjects\MSCTF.GCompartListMUTEX.DefaultS-1-5-21-212926602-4 199581602-1198870392-1007
  [03:22/01:20:52] Consider modifying policy using this policy rule: MUTANT_ALLOW_ANY
  [03:22/01:20:54] NtCreateMutant: STATUS_ACCESS_DENIED
  [03:22/01:20:54] real_path: \BaseNamedObjects\MSCTF.GCompartListMUTEX.DefaultS-1-5-21-212926602-4 199581602-1198870392-1007
  [03:22/01:20:54] Consider modifying policy using this policy rule: MUTANT_ALLOW_ANY
  [03:22/01:20:54] NtCreateMutant: STATUS_ACCESS_DENIED
  [03:22/01:20:54] real_path: \BaseNamedObjects\MSCTF.GCompartListMUTEX.DefaultS-1-5-21-212926602-4 199581602-1198870392-1007
  [03:22/01:20:54] Consider modifying policy using this policy rule: MUTANT_ALLOW_ANY
  [03:22/01:20:54] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:54] name: MSFT.VSA.COM.DISABLE.4092
  [03:22/01:20:54] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:20:54] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:54] name: MSFT.VSA.IEC.STATUS.6c736db0
  [03:22/01:20:54] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:21:00] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:21:00] name: _fCanRegisterWithShellService
  [03:22/01:21:00] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:21:07] NtOpenSection: STATUS_ACCESS_DENIED
  All status are Denied. Why? I feel confused about this.
  =================
  I updated my policy rules. Now, I will not get STATUS_ACCESS_DENIED in the log anymore.
  But still, my plug-in does not work.
  The latest log is:
  [03:22/01:51:22] Adobe Reader Protected Mode Logging Initiated
  [03:22/01:51:22] Found custom policy file: C:\Program Files\Adobe\Reader 10.0\Reader\ProtectedModeWhitelistConfig.txt
  [03:22/01:51:22] Adding custom policy: FILES_ALLOW_ANY = c:\*
  [03:22/01:51:22] Adding custom policy: PROCESS_ALL_EXEC = c:\*
  [03:22/01:51:22] Adding custom policy: REG_ALLOW_ANY = HKEY_CLASSES_ROOT\*
  [03:22/01:51:22] Adding custom policy: REG_ALLOW_ANY = HKEY_CURRENT_USER\*
  [03:22/01:51:22] Adding custom policy: REG_ALLOW_ANY = HKEY_LOCAL_MACHINE\*
  [03:22/01:51:22] Adding custom policy: REG_ALLOW_ANY = HKEY_USERS\*
  [03:22/01:51:22] Adding custom policy: REG_ALLOW_ANY = HKEY_CURRENT_CONFIG\*
  [03:22/01:51:22] Adding custom policy: MUTANT_ALLOW_ANY = \BaseNamedObjects\MS*
  [03:22/01:51:22] Adding custom policy: SECTION_ALLOW_ANY = \BaseNamedObjects\MS*
  [03:22/01:51:22] Adding custom policy: SECTION_ALLOW_ANY = \BaseNamedObjects\Local*
  [03:22/01:51:22] Adding custom policy: EVENTS_ALLOW_ANY = MS*
  [03:22/01:51:22] Adding custom policy: EVENTS_ALLOW_ANY = Gl*
  [03:22/01:51:22] Adding custom policy: EVENTS_ALLOW_ANY = _fC*
  [03:22/01:51:22] Adding custom policy: NAMEDPIPES_ALLOW_ANY = MS*
  [03:22/01:51:22] Adding custom policy: FILES_ALLOW_DIR_ANY = c:\*
  Then, nothing else. Any idea of my issue?
  Thanks a lot.
  =================
  To update my current status of this issue again.
  Now, I can catch the error when I try to create the instance of COM object. It will throw an error said: Class not registered.
  I still feel confused about this.

• PLM Web UI ACM/ACL issue

  Hi All,
  I am configuring PLM Business package/ Web UI in portal. Version EHP4. (PLM Web UI)
  Every screen (Material, BOM) giving me error "Authorizations are missing" . I know this trusted user issue.
  I provided the role "SAP_PLMWUI_TRUSTED_USER_ALL" in ECC System.
  How I can fix the problem? Which roles I need to assign to resolve the problem. FYI, Document are working fine. Because documents are not the part of ACM
  2. I am looking in to SAP Help for authorizations  but there are not detailed steps to set up these ACM/ACL .
  3. How I can generate Root Context. There is a program we can run in SE38. But before that I need to assign Context Admin role to in IMG. Which role I need to assign as Context Admin.
  I appreciate your help. Thanks in Advance.
  Regards
  Mark

  administrator can set up the whitelist in Customizing for SAP NetWeaver under SAP
  Web Application Server Web Dynpro ABAP Set-Up Active Controls Whitelist .
  o The whitelist has to be named DEFAULT.
  o File Extension
  All files of this type can be executed in an external program by using the
  Customizing option %auto%. For more information see Customizing for Logistics
  General under Product Lifecycle Management PLM Web User Interface
  Objects Document in PLM Web UI Define Workstation Application
  o Application
  Enter applications to be used for viewing or editing a file.
  o Download
  Enter at least one directory and one server. The system opens the directory and
  all subdirectories for the download.
  o Upload
  Enter at least one directory and one server. The system opens the directory and
  all subdirectories for the upload.
  Make an entry for each option (File Extension, Application, Download,
  Upload).
  o Find the correct server name for upload and download
  Working with a local whitelist in a SAP system requires a certificate for the system used.
  The administrator must download the certificate using transaction WDR_ACF_GEN_CERT.
  Alternatively, the administrator can create the new certificate in Customizing for SAP
  NetWeaver under Application Server Web Dynpro ABAP Generate Certificate for
  Whitelist
  3. Each user has to install the certifcate using transaction ACF_WHITELIST_SETUP.
  Alternatively, the user can install the certificate via Customizing for SAP NetWeaver
  under Application Server Web Dynpro ABAP Activate Active Controls Whitelist .
  o The provided list of whitelists is only for display reasons. The certificate is always
  installed for the DEFAULT whitelist.
  o You have to install the certificate after each change of the DEFAULT whitelist

• Issues with publishing my iWeb site to .MAC - Progress bar freezes at 100%

  Well, as topic says, i'm having troubles publishing my iWeb site to .MAC now since upgrading to '08. The progress bar reaches full circle, but then nothing. Left it uploading to .Mac for well over 2 hours one time while out of the house...nada. Sometimes i get an error message, sometimes not and have to close iWeb while it's still publishing.
  Any feedback regarding this?
  Thanks in advance.
  /Rich

  Update: After 36 hours, I have successfully managed to upload my entire website via the "Publish All to .Mac" option. I now have blue indicators on the left side of my iWeb program in place of those pesky red ones. How did I do it? Well, I'm not sure. But on my last attempt I looked at the problem from a different perspective, so I took an alternate approach. I had a feeling that I was experiencing a network timeout issue caused by a 3rd party software, so I created a Whitelist entry on my website filtering software that allows unlimited access to "idisk.mac.com";; and "web.mac.com";; domains. I've got two kids at home, so I'm running the free OpenDNS Dashboard service on my network which provides content filtering (blocks adult site, phishing site, etc..). I started using this service two weeks ago. My last website update was a week before that. I figured I had nothing to loose by trying. To my surprise, it worked. Now, it took almost two hours to publish, of which the pie indicator was in the  "filled" position for a nerve racking hour. To reconfirm,  I then made a minor change to one of the pages on my website and re-published. This time using the "Publish to .Mac" option in place of the ALL option and once again it worked. It took less than 5 minutes. Now, I'm not sure if this is a coincidence, maybe Apple fixed the problem, or maybe my website filtering service was causing some type of time out issue all along??  Don't know.. But at least for now, I'm a happy camper since I have my site up.

• Trouble Whitelisting E-mail Server IP

  In the hopes of attracting Verizon problem-solvers, I'm posting here as a Verizon customer and owner of a small business.  I own my own business domain, but my e-mail server is owned by a parent company and all outgoing e-mail goes through that company's e-mail server.  
    All of my outgoing business e-mail to Verizon addresses suddenly started to get blocked today by Verizon anti-spam.  I listed my e-mail provider's IP of the e-mail server, following Verizon's suggestion to submit it for whitelisting.  Twice it was rejected with the following reply: 
  After investigation, Verizon Online Security has determined that e-mail from your IP address will not be allowed access to the Verizon Online e-mail domain due to one or more of the following reasons:
  Your IP has been blocked because of spam issues or because your ISP indicates that it is dynamically assigned.
    So far as I know, the IP is static.  Also, the IP is not blacklisted (verified this at http://whatismyipaddress.com/blacklist-check).  
  My e-mail host threw up its hands, staing that my 'clients' should pick a different e-mail provider, i.e., not Verizon.  Uh, no.  Any ideas about getting on Verizon's WhiteList?
  Thanks.

  Since you are syncing with iCloud why don't you try to delete the Gmail account and try to send your mac mail. If mail goes through okay once the Gmail is gone then you can add Gmail back and all of your mail will also come back. See if that works for you.

• Unable to whitelist our mail server IP

  Hi,
  I hope Verizon Support staff will see this message as it is practically our last resort.
  Ever since we upgraded our dedicated server used as both web and mail server for the domain kraisoft.com (which inflicted IP address change) all emails sent out from this server to Verizon customers are being rejected with the following bounce message:
  host relay.verizon.net[206.46.232.11] refused to talk to me:
  571 Email from 69.64.78.50 is currently blocked by Verizon Online's anti-spam system. The email sender or Email Service Provider may visit http://www.verizon.net/whitelist and request removal of the block. 150330
  Any attempts to whitelist our server using the above-mentioned form end up within several minutes with seemingy automatic (judging by its uselessness and the time taken to investigate) reply:
  Your IP has been blocked because of spam issues or because your ISP indicates that it is dynamically assigned
  No Reverse Hostname associated with your IP address.
  Once you have addressed any security-related issues on your network, you should contact Verizon Online Security via this form.
  Sincerely,
  Verizon Online Security
  Any attempts to reply to this message, or use "this form", or email [email protected] quoted in the message end in complete and total silence.
  Needless to say the IP adress in question - 69.64.78.50 -
  1. Does not have any spam issues as it is a freshly assigned IP address for a new dedicated server built a couple of weeks ago (with your rejection started from the day one). The Postfix mailer on the server is configured properly, not an open relay, isn't listed in any of the 100 common blacklists, uses SSL client connections, has SPF records, signs email using DKIM etc.
  2. Isn't by any means a dynamic IP. It is a static IP, one of the 4 assigned to the server by the hoster.
  3. ANY available tool (online or command-line) will show within seconds that  a proper reverse hostname kraisoft.com is assosiated with the IP address in question 69.64.78.50 so the reply is obviously irrelevant.
  This is getting extremely frustrating and we'd be very, very grateful if this issue could be escalated to someone who can provide some additional info or resolve the issue.
  Thank you.

  Your issue has been escalated to a Verizon agent. Before the agent can begin assisting you, they will need to collect further information from you.
  Please go to your profile page for the forum, and look in the middle, right at the top where you will find an area titled "My Support Cases". You can reach your profile page by clicking on your name beside your post, or at the top left of this page underneath the title of the board.
  Under “My Support Cases” you will find a link to the private board where you and the agent may exchange information. This should be checked on a frequent basis as the agent may be waiting for information from you before they can proceed with any actions.
  To ensure you know when they have responded to you, at the top of your support case there is a drop down menu for support case options. Open that and choose "subscribe".
  Please keep all correspondence regarding your issue in the private support portal.

• RBL Whitelist

  Hello,
  We have an issue with our server rejecting email from a customer who is hosted with godady.
  After checking his SMTP details it would appear his outgoing server is listed on the RBLs.
  Godaddy's responce is for us to whitelist their IP...
  What I want to do is add the IP to /etc/postfix/rbl_whitelist, the only problem is this file is auto generated and I cant find where in the Server App I can manage this.
  Can anybody help please?
  Thanks,
  Mart

  Hi Ben,
  Going a little bit deeper into a useful tip before answering your question.  As a general rule, but not always, the Serveradmin command from a terminal session will let you do most things that the GUI does. Most, not all.....
  So to look for commands under Serveradmin that might help you, the easiest thing to do ( again as a general rule) is to type the following at a terminal prompt.
  $ sudo serveradmin settings list
  This will give you a list of the server "services".
  Then type:
  $ sudo serveradmin settings mail
  to get a complete list of the mail settings.
  If you know what you are looking for, e.g whitelisting, you could type:
  $ sudo serveradmin settings | grep white
  And that would return some settings of interest that were available through serveradmin.
  To answer your question , the command you are looking for is:
  $ sudo serveradmin settings mail:postfix:add_whitelist_domain = 'domain1.com,domain2.com,etc'
  Hope that helps
  Gerry