amavisd.conf-default   [plain text]


use strict;

## A CONFIGURATION FILE FOR AMAVISD-NEW, LISTING ALL CONFIGURATION VARIABLES
## WITH THEIR DEFAULT VALUES (FOR REFERENCE ONLY, NON-AUTHORITATIVE)

## This software is licensed under the GNU General Public License (GPL).
## See comments at the start of file amavisd for the whole license text.
##   Copyright (C) 2002-2009  Mark Martinec,  All Rights Reserved.

## See file amavisd.conf-sample for explanations and examples.

## The 'after-default' comment indicates that these variables obtain their
## default value if the config file left them undefined. It means these values
## are not yet available during processing of the configuration file, but that
## they can derive their value from other configurations variables no matter
## where in the configuration file they appear.


## GENERAL

# $myhostname = ... predefined default from uname(3), must be a FQDN
# $mydomain   = ... no useful default, should be set if used in expressions
# $snmp_contact  = '';
# $snmp_location = '';
# $daemon_user   = undef;
# $daemon_group  = undef;
# $MYHOME        = '/var/amavis';
# $TEMPBASE      = $MYHOME;                # after-default
# $db_home       = "$MYHOME/db";           # after-default
# $pid_file      = "$MYHOME/amavisd.pid";  # after-default
# $lock_file     = "$MYHOME/amavisd.lock"; # after-default
# $daemon_chroot_dir = undef;
# $max_requests = 20;    # retire a child after that many accepts
# $max_servers = 2;      # number of pre-forked children
# $min_servers       = undef;  # see Net::Server::Prefork for semantics
# $min_spare_servers = undef;
# $max_spare_servers = undef;
# $child_timeout = 8*60;
# $localpart_is_case_sensitive = 0;
# $enable_db = 0;
# $enable_global_cache = 0;
# $nanny_details_level = 1;  # verbosity: 0, 1, 2
# @additional_perl_modules = ();
# @local_domains_maps=(\%local_domains,\@local_domains_acl,\$local_domains_re);
# @mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10
#                   10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 );
# @mynetworks_maps = (\@mynetworks);
# @client_ipaddr_policy = map { $_ => 'MYNETS' } @mynetworks_maps;

## LOGGING AND DEBUGGING

# $log_level = 0;
# $LOGFILE   = undef;
# $DO_SYSLOG = undef;  # same as 0
# $syslog_ident = 'amavis';
# $syslog_facility = 'mail';    # after-default, derived from $SYSLOG_LEVEL
# $syslog_priority = 'debug';   # after-default, derived from $SYSLOG_LEVEL
# $SYSLOG_LEVEL = 'mail.debug'; # obsolete variable
# $logline_maxlen = 980;

# $log_templ =       ... built-in default at the end of file amavisd
# $log_recip_templ = ... built-in default at the end of file amavisd
# @debug_sender_maps = (\@debug_sender_acl);  @debug_sender_acl = ();
# $sa_debug = undef;


## MTA INTERFACE - INPUT

# $unix_socketname  = undef; # Unix socket to accept amavis helper protocol
# $inet_socket_port = undef; # accept connections on this TCP port(s) (SMTP...)
# $inet_socket_bind = '127.0.0.1';
# @inet_acl   = qw( 127.0.0.1 [::1] );
# $listen_queue_size = undef;

# $protocol = ... defaults to 'SMTP' or 'LMTP' (autodetect) on inet socket
#             and to 'AM.CL' (old amavis helper protocol) on Unix socket;
#             Possible values: 'ESMTP' or 'SMTP' or 'LMTP', 'AM.CL', 'AM.PDP',
#             and with appropriate patches applied also: 'COURIER' or 'QMQPqq'

# $smtpd_timeout = 8*60;
# $smtpd_recipient_limit = 1100;
# $smtpd_message_size_limit = undef;  # site-wide limit
# @message_size_limit_maps = ();      # per-recipient limits
# $smtpd_greeting_banner = '${helo-name} ${protocol} ${product} service ready';
# $smtpd_quit_banner = '${helo-name} ${product} closing transmission channel';
# $auth_required_inp = undef;
# $auth_required_release = 1;
# @auth_mech_avail=(); # empty list disables incoming AUTH; or: qw(PLAIN LOGIN)
# $tls_security_level_in = undef;  # undef, 'may', 'encrypt', ...
# $smtpd_tls_cert_file = undef;
# $smtpd_tls_key_file = undef;
# $smtp_connection_cache_on_demand = 1;
# $smtp_connection_cache_enable = 1;
# $enforce_smtpd_message_size_limit_64kb_min = 1;

# $enable_dkim_verification = undef;
# $reputation_factor = 0.2;
# @signer_reputation_maps = ();

## MTA INTERFACE - OUTPUT

## see also $notify_method, $forward_method and $*_quarantine_method

# $localhost_name = 'localhost'; # my EHLO name, and inserted in Received
# $local_client_bind_address = undef;  # my source IP address as a SMTP client
# $auth_required_out = undef;
# $amavis_auth_user  = undef;    # for submitting notifications and quarantine
# $amavis_auth_pass  = undef;
# $auth_reauthenticate_forwarded = undef; # our credentials for forwarding too
# $tls_security_level_out = undef;  # undef, 'may', 'encrypt', ...
# @smtpd_discard_ehlo_keywords = ();

## MAIL FORWARDING AND DKIM SIGNING

# $forward_method = 'smtp:[127.0.0.1]:10025';
# $resend_method = undef;  # falls back to $forward_method
# $always_bcc = undef;

# $final_virus_destiny  = D_DISCARD;  # subj to @viruses_that_fake_sender_maps
# $final_banned_destiny = D_BOUNCE;
# $final_spam_destiny   = D_BOUNCE;   # subject to $sa_dsn_cutoff_level
# $final_bad_header_destiny = D_PASS;

# $enable_dkim_signing = undef;
# %dkim_signing_keys = ();

## QUARANTINE

# $release_method = undef;  # falls back to $notify_method
# $requeue_method = 'smtp:[127.0.0.1]:25';
# $release_format = 'resend';  # (dsn), (arf), attach,  plain,  resend
# $report_format  = 'arf';     # (dsn),  arf,  attach,  plain,  resend

# $virus_quarantine_method        = 'local:virus-%m';
# $spam_quarantine_method         = 'local:spam-%m.gz';
# $banned_files_quarantine_method = 'local:banned-%m';
# $bad_header_quarantine_method   = 'local:badh-%m';
# $clean_quarantine_method   = undef;
# $archive_quarantine_method = undef;

# $QUARANTINEDIR = undef;
# $quarantine_subdir_levels = undef;  # 0 or 1  (undef treated as 0)
# $sql_quarantine_chunksize_max;  # see SQL section

# $virus_quarantine_to     = 'virus-quarantine';  # via %local_delivery_aliases
# $banned_quarantine_to    = 'banned-quarantine';
# $bad_header_quarantine_to= 'bad-header-quarantine';
# $spam_quarantine_to      = 'spam-quarantine';
# $spam_quarantine_bysender_to = undef;
# $clean_quarantine_to     = 'clean-quarantine';
# $archive_quarantine_to   = 'archive-quarantine';

# @virus_quarantine_to_maps      = (\$virus_quarantine_to);
# @banned_quarantine_to_maps     = (\$banned_quarantine_to);
# @bad_header_quarantine_to_maps = (\$bad_header_quarantine_to);
# @spam_quarantine_to_maps       = (\$spam_quarantine_to);
# @spam_quarantine_bysender_to_maps = (\$spam_quarantine_bysender_to);
# @clean_quarantine_to_maps      = (\$clean_quarantine_to);
# @archive_quarantine_to_maps    = (\$archive_quarantine_to);

# %local_delivery_aliases  ... predefined, used by a delivery method 'local:'
# $mailfrom_to_quarantine = undef;  # undef keeps original sender


## NOTIFICATIONS (DSN, admin, recip)

# $notify_method  = 'smtp:[127.0.0.1]:10025';

# $propagate_dsn_if_possible = 1;
# $terminate_dsn_on_notify_success = 0;

# $newvirus_admin = undef;
# $virus_admin = undef;
# $spam_admin = undef;
# $banned_admin = undef;
# $bad_header_admin = undef;

# $dsn_bcc = undef;

# @newvirus_admin_maps  = (\$newvirus_admin);
# @virus_admin_maps     = (\%virus_admin, \$virus_admin);
# @banned_admin_maps    = (\$banned_admin, \%virus_admin, \$virus_admin);
# @spam_admin_maps      = (\%spam_admin,  \$spam_admin);
# @bad_header_admin_maps= (\$bad_header_admin);

# $hdr_encoding = 'iso-8859-1';  # header field bodies charset
# $bdy_encoding = 'iso-8859-1';  # notification body text charset
# $hdr_encoding_qb = 'Q';        # quoted-printable (Q or B)

# $notify_sender_templ       = ... built-in default at the end of file amavisd
# $notify_virus_sender_templ = ... built-in default at the end of file amavisd
# $notify_spam_sender_templ  = ... built-in default at the end of file amavisd
# $notify_virus_admin_templ  = ... built-in default at the end of file amavisd
# $notify_spam_admin_templ   = ... built-in default at the end of file amavisd
# $notify_virus_recips_templ = ... built-in default at the end of file amavisd
# $notify_spam_recips_templ  = ... built-in default at the end of file amavisd
# $notify_release_templ      = ... built-in default at the end of file amavisd
# $notify_report_templ       = ... built-in default at the end of file amavisd

# $mailfrom_notify_admin = undef;
# $mailfrom_notify_recip = undef;
# $mailfrom_notify_spamadmin = undef;

## these are after-defaults:
# $hdrfrom_notify_sender = "\"Content-filter at $myhostname\" <postmaster\@$myhostname>";
# $hdrfrom_notify_recip     = ... derived from $mailfrom_notify_recip
# $hdrfrom_notify_admin     = ... derived from $mailfrom_notify_admin
# $hdrfrom_notify_spamadmin = ... derived from $mailfrom_notify_spamadmin
# $hdrfrom_notify_release   = $hdrfrom_notify_sender;
# $hdrfrom_notify_report    = $hdrfrom_notify_sender;

# $warnvirussender  = undef;
# $warnbannedsender = undef;
# $warnspamsender   = undef;
# $warnbadhsender   = undef;

# $warn_offsite     = undef;

# $warnvirusrecip   = undef;
# $warnbannedrecip  = undef;
# $warnbadhrecip    = undef;
# @warnvirusrecip_maps  = (\$warnvirusrecip);
# @warnbannedrecip_maps = (\$warnbannedrecip);
# @warnbadhrecip_maps   = (\$warnbadhrecip);


## MODIFICATIONS TO PASSED MAIL

# %allowed_added_header_fields = ...;  # built-in default
# $insert_received_line = 1;  # insert 'Received:' header
# $remove_existing_x_scanned_headers = 0;
# $remove_existing_spam_headers = 1;
# @remove_existing_spam_headers_maps = (\$remove_existing_spam_headers);
# $allow_fixing_improper_header = 1;   # all-white folding lines and long lines
# $allow_fixing_improper_header_folding = 1;
# $allow_fixing_long_header_lines = 1;
# $append_header_fields_to_bottom = 0;
# $prepend_header_fields_hdridx = 0;

# $X_HEADER_TAG  = 'X-Virus-Scanned';               # after-default
# $X_HEADER_LINE = "$myproduct_name at $mydomain";  # after-default

# $defang_virus  = undef;
# $defang_banned = undef;
# $defang_spam   = undef;
# $defang_bad_header = undef;
# $defang_undecipherable = undef;
# $defang_all    = undef;  # mostly for testing

# $allow_disclaimers = undef;
# $enable_anomy_sanitizer = 0;
# @anomy_sanitizer_args = ();   # a config file or list of var=value pairs
# $altermime = 'altermime';     # a path to the program
# @altermime_args_defang     = qw(--verbose --removeall);
# @altermime_args_disclaimer = qw(--disclaimer=/etc/altermime-disclaimer.txt);
# @disclaimer_options_bysender_maps = ();

# $undecipherable_subject_tag = '***UNCHECKED*** ';
# $sa_spam_subject_tag = undef;
# $sa_spam_modifies_subj = 1;
# $sa_spam_level_char = '*';
# $sa_spam_report_header = undef;

# @spam_modifies_subj_maps= (\$sa_spam_modifies_subj);
# @spam_subject_tag_maps  = (\$sa_spam_subject_tag1); # N.B.: inconsistent name
# @spam_subject_tag2_maps = (\$sa_spam_subject_tag);  # N.B.: inconsistent name
# @spam_subject_tag3_maps = ();


## ADDING ADDRESS EXTENSIONS TO RECIPIENTS - 'plus addressing'

# $recipient_delimiter = undef;
# $replace_existing_extension = 1;
# $addr_extension_virus  = undef;
# $addr_extension_banned = undef;
# $addr_extension_spam   = undef;
# $addr_extension_bad_header = undef;
# @addr_extension_virus_maps      = (\$addr_extension_virus);
# @addr_extension_banned_maps     = (\$addr_extension_banned);
# @addr_extension_spam_maps       = (\$addr_extension_spam);
# @addr_extension_bad_header_maps = (\$addr_extension_bad_header);


## MAIL DECODING

# $bypass_decode_parts = undef;

# $keep_decoded_original_re = undef;
# @keep_decoded_original_maps = (\$keep_decoded_original_re);

# $map_full_type_to_short_type_re = ... predefined regexp lookup table
# @map_full_type_to_short_type_maps = (\$map_full_type_to_short_type_re);

# $MAXLEVELS = undef;
# $MAXFILES  = undef;
# $MIN_EXPANSION_QUOTA = undef;
# $MAX_EXPANSION_QUOTA = undef;
# $MIN_EXPANSION_FACTOR =   5;  # times original mail size
# $MAX_EXPANSION_FACTOR = 500;  # times original mail size

# $path = undef;
# $file = 'file';

# For backwards compatibility the @decoders list defaults to use of legacy
# variables $gzip, $bzip2, $lzop, ...  It is cleaner to explicitly assign
# a list to @decoders in amavisd.conf and directly specify program paths,
# without indirections through legacy variables $gzip, etc.
#
# $gzip = $bzip2 = $lzop = $rpm2cpio = undef;
# $uncompress = $unfreeze = $arc = $unarj = $unrar = undef;
# $zoo = $lha = $pax = $cpio = $cabextract = undef;
#
# @decoders = (
#   ['mail', \&do_mime_decode],
### ['asc',  \&do_ascii],
### ['uue',  \&do_ascii],
### ['hqx',  \&do_ascii],
### ['ync',  \&do_ascii],
#   ['F',    \&do_uncompress, \$unfreeze],
#   ['Z',    \&do_uncompress, \$uncompress],
#   ['gz',   \&do_gunzip],
#   ['gz',   \&do_uncompress, \$gunzip],
#   ['bz2',  \&do_uncompress, \$bunzip2],
#   ['lzo',  \&do_uncompress, \$unlzop],
#   ['rpm',  \&do_uncompress, \$rpm2cpio],
#   ['cpio', \&do_pax_cpio,   \$pax],
#   ['cpio', \&do_pax_cpio,   \$cpio],
#   ['tar',  \&do_pax_cpio,   \$pax],
#   ['tar',  \&do_pax_cpio,   \$cpio],
#   ['deb',  \&do_ar,         \$ar],
### ['a',    \&do_ar,         \$ar],  # unpacking .a seems an overkill
#   ['zip',  \&do_unzip],
#   ['7z',   \&do_7zip,       ['7zr','7za','7z'] ],
#   ['rar',  \&do_unrar,      \$unrar],
#   ['arj',  \&do_unarj,      \$unarj],
#   ['arc',  \&do_arc,        \$arc],
#   ['zoo',  \&do_zoo,        \$zoo],
#   ['lha',  \&do_lha,        \$lha],
#   ['doc',  \&do_ole,        \$ripole],
#   ['cab',  \&do_cabextract, \$cabextract],
#   ['tnef', \&do_tnef_ext,   \$tnef],
#   ['tnef', \&do_tnef],
### ['sit',  \&do_unstuff,    \$unstuff],  # broken/unsafe decoder
#   ['exe',  \&do_executable, \$unrar,\$lha,\$unarj],
# );


## ANTI-VIRUS AND INVALID/FORBIDDEN CONTENTS CONTROLS

# @av_scanners = ();
# @av_scanners_backup = ();
# $first_infected_stops_scan = undef;

# $viruses_that_fake_sender_re = undef;
# @viruses_that_fake_sender_maps = (\$viruses_that_fake_sender_re, 1);
# @virus_name_to_spam_score_maps =
#   (new_RE(  # the order matters!
#     [ qr'^Phishing\.'                                             => 0.1 ],
#     [ qr'^Structured\.(SSN|CreditCardNumber)\b'                   => 0.1 ],
#     [ qr'^(Email|HTML)\.Phishing\.(?!.*Sanesecurity)'             => 0.1 ],
#     [ qr'^Sanesecurity\.(Malware|Rogue|Trojan)\.' => undef ],# keep infected
#     [ qr'^Sanesecurity\.'                                         => 0.1 ],
#     [ qr'^Sanesecurity_PhishBar_'                                 => 0   ],
#     [ qr'^Sanesecurity.TestSig_'                                  => 0   ],
#     [ qr'^Email\.Spam\.Bounce(\.[^., ]*)*\.Sanesecurity\.'        => 0   ],
#     [ qr'^Email\.Spammail\b'                                      => 0.1 ],
#     [ qr'^MSRBL-(Images|SPAM)\b'                                  => 0.1 ],
#     [ qr'^VX\.Honeypot-SecuriteInfo\.com\.Joke'                   => 0.1 ],
#     [ qr'^VX\.not-virus_(Hoax|Joke)\..*-SecuriteInfo\.com(\.|\z)' => 0.1 ],
#     [ qr'^Email\.Spam.*-SecuriteInfo\.com(\.|\z)'                 => 0.1 ],
#     [ qr'^Safebrowsing\.'                                         => 0.1 ],
#     [ qr'^winnow\.(phish|spam)\.'                                 => 0.1 ],
#     [ qr'^INetMsg\.SpamDomain'                                    => 0.1 ],
#     [ qr'-SecuriteInfo\.com(\.|\z)'         => undef ],  # keep as infected
#     [ qr'^MBL_NA\.UNOFFICIAL'               => 0.1 ],    # false positives
#     [ qr'^MBL_'                             => undef ],  # keep as infected
#   ));

# $banned_namepath_re = undef;  # new-style
# $banned_filename_re = undef;  # traditional
# @banned_filename_maps = (\$banned_filename_re);  # traditional

# $virus_check_negative_ttl=  3*60;  # time to cache contents when not infected
# $virus_check_positive_ttl= 30*60;  # time to cache contents when infected

# @bypass_virus_checks_maps = (\%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
# @bypass_banned_checks_maps = (\%bypass_banned_checks, \@bypass_banned_checks_acl, \$bypass_banned_checks_re);
# @bypass_header_checks_maps = (\%bypass_header_checks, \@bypass_header_checks_acl, \$bypass_header_checks_re);

# @virus_lovers_maps = (\%virus_lovers, \@virus_lovers_acl, \$virus_lovers_re);
# @banned_files_lovers_maps = (\%banned_files_lovers, \@banned_files_lovers_acl, \$banned_files_lovers_re);
# @bad_header_lovers_maps = (\%bad_header_lovers, \@bad_header_lovers_acl, \$bad_header_lovers_re);

# $allowed_header_tests{$_} = 1  for qw(other mime 8bit control empty long
#                                       syntax missing multiple);


## ANTI-SPAM CONTROLS

# @spam_scanners = (['SpamAssassin', 'Amavis::SpamControl::SpamAssassin']);
# $sa_configpath = undef;
# $sa_siteconfigpath = undef;
# $helpers_home = $MYHOME;  # after-default

# $sa_mail_body_size_limit = undef;
# $sa_local_tests_only = 0;
# $sa_spawned = 0;
# $dspam = undef;

# $sa_timeout = 30;
# $spam_check_negative_ttl = 10*60;  # time to cache contents as not spam
# $spam_check_positive_ttl = 30*60;  # time to cache contents as spam

# @bypass_spam_checks_maps = (\%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
# @spam_lovers_maps = (\%spam_lovers, \@spam_lovers_acl, \$spam_lovers_re);

# $sa_tag_level_deflt  = undef;
# $sa_tag2_level_deflt = undef;
# $sa_tag3_level_deflt = undef;
# $sa_kill_level_deflt = undef;
# $sa_dsn_cutoff_level = undef;
# $sa_crediblefrom_dsn_cutoff_level = undef;
# $sa_quarantine_cutoff_level = undef;

# @spam_tag_level_maps  = (\$sa_tag_level_deflt);
# @spam_tag2_level_maps = (\$sa_tag2_level_deflt);
# @spam_tag3_level_maps = (\$sa_tag3_level_deflt);
# @spam_kill_level_maps = (\$sa_kill_level_deflt);
# @spam_quarantine_cutoff_level_maps = (\$sa_quarantine_cutoff_level);
# @spam_notifyadmin_cutoff_level_maps = ();
# @spam_dsn_cutoff_level_maps          = (\$sa_dsn_cutoff_level);
# @spam_dsn_cutoff_level_bysender_maps = (\$sa_dsn_cutoff_level);
# @spam_crediblefrom_dsn_cutoff_level_maps =
#   (\$sa_crediblefrom_dsn_cutoff_level);
# @spam_crediblefrom_dsn_cutoff_level_bysender_maps =
#   (\$sa_crediblefrom_dsn_cutoff_level);

$bounce_killer_score = 0;
$penpals_bonus_score = 8;    # (no effect without a @storage_sql_dsn database)
$reputation_factor = 0.33;

# @score_sender_maps = ();
# @signer_reputation_maps = ();

# @blacklist_sender_maps = (\%blacklist_sender, \@blacklist_sender_acl, \$blacklist_sender_re);
# @whitelist_sender_maps = (\%whitelist_sender, \@whitelist_sender_acl, \$whitelist_sender_re);

# $per_recip_blacklist_sender_lookup_tables = undef;
# $per_recip_whitelist_sender_lookup_tables = undef;  # deprecated

# $os_fingerprint_method = undef;
# $os_fingerprint_dst_ip_and_port = undef;


## SQL & LDAP

# $trim_trailing_space_in_lookup_result_fields = 0;

# @lookup_sql_dsn  = ();  # SQL data source name for lookups, or empty
# @storage_sql_dsn = ();  # SQL data source name for log/quarantine, or empty
# $timestamp_fmt_mysql = undef;
# $sql_partition_tag = undef;
# $sql_allow_8bit_address = 0;  # VARCHAR (0), VARBINARY/BYTEA (1)
# $sql_lookups_no_at_means_domain = 0;
# $sql_quarantine_chunksize_max = 16384;

# $sql_select_policy =
#   'SELECT *,users.id'.
#   ' FROM users LEFT JOIN policy ON users.policy_id=policy.id'.
#   ' WHERE users.email IN (%k) ORDER BY users.priority DESC';

# $sql_select_white_black_list =
#   'SELECT wb'.
#   ' FROM wblist JOIN mailaddr ON wblist.sid=mailaddr.id'.
#   ' WHERE wblist.rid=? AND mailaddr.email IN (%k)'.
#   ' ORDER BY mailaddr.priority DESC';

# %sql_clause = (
#   'sel_policy' => \$sql_select_policy,
#   'sel_wblist' => \$sql_select_white_black_list,
#   'sel_adr' =>
#     'SELECT id FROM maddr WHERE partition_tag=? AND email=?',
#   'ins_adr' =>
#     'INSERT INTO maddr (partition_tag, email, domain) VALUES (?,?,?)',
#   'ins_msg' =>
#     'INSERT INTO msgs (partition_tag, mail_id, secret_id, am_id,'.
#     ' time_num, time_iso, sid, policy, client_addr, size, host)'.
#     ' VALUES (?,?,?,?,?,?,?,?,?,?,?)',
#   'upd_msg' =>
#     'UPDATE msgs SET content=?, quar_type=?, quar_loc=?, dsn_sent=?,'.
#     ' spam_level=?, message_id=?, from_addr=?, subject=?, client_addr=?'.
#     ' WHERE partition_tag=? AND mail_id=?',
#   'ins_rcp' =>
#     'INSERT INTO msgrcpt (partition_tag, mail_id, rid,'.
#     ' ds, rs, bl, wl, bspam_level, smtp_resp) VALUES (?,?,?,?,?,?,?,?,?)',
#   'ins_quar' =>
#     'INSERT INTO quarantine (partition_tag, mail_id, chunk_ind, mail_text)'.
#     ' VALUES (?,?,?,?)',
#   'sel_msg' =>  # obtains partition_tag if missing in a release request
#     'SELECT partition_tag FROM msgs WHERE mail_id=?',
#   'sel_quar' =>
#     'SELECT mail_text FROM quarantine'.
#     ' WHERE coalesce(partition_tag,0)=coalesce(?,0) AND mail_id=?'.
#     ' ORDER BY chunk_ind',
#   'sel_penpals' =>  # no message-id references list
#     "SELECT msgs.time_num, msgs.mail_id, subject".
#     " FROM msgs JOIN msgrcpt USING (partition_tag,mail_id)".
#     " WHERE sid=? AND rid=? AND msgs.content!='V' AND ds='P'".
#     " ORDER BY msgs.time_num DESC",  # LIMIT 1
#   'sel_penpals_msgid' =>  # with a nonempty message-id references list
#     "SELECT msgs.time_num, msgs.mail_id, subject, message_id, rid".
#     " FROM msgs JOIN msgrcpt USING (partition_tag,mail_id)".
#     " WHERE sid=? AND msgs.content!='V' AND ds='P' AND message_id IN (%m)".
#       " AND rid!=sid".
#     " ORDER BY rid=? DESC, msgs.time_num DESC",  # LIMIT 1
# );

## LDAP, Please see file README.lookups for more info.

# $enable_ldap = 0;
# $ldap_lookups_no_at_means_domain = 0;
#
# $default_ldap = {
#   hostname       => 'localhost',
#   port           => 389,
#   version        => 3,
#   timeout        => 120,
#   tls            => 0,
#   base           => undef,
#   scope          => 'sub',
#   query_filter   => '(&(objectClass=amavisAccount)(mail=%m))',
#   bind_dn        => undef,
#   bind_password  => undef,
# };


## hierarchy by which a final setting is chosen:
##   policy bank (based on port or IP address) -> *_by_ccat
##   *_by_ccat (based on mail contents) -> *_maps
##   *_maps (based on recipient address) -> final configuration value

## MAPPING A CONTENTS CATEGORY TO A SETTING CHOSEN

# %final_destiny_by_ccat = (
#   CC_VIRUS,       sub { c('final_virus_destiny') },
#   CC_BANNED,      sub { c('final_banned_destiny') },
#   CC_SPAM,        sub { c('final_spam_destiny') },
#   CC_BADH,        sub { c('final_bad_header_destiny') },
#   CC_OVERSIZED,   D_BOUNCE,
#   CC_CATCHALL,    D_PASS,
# );
# %smtp_reason_by_ccat = (
#   CC_VIRUS,       "id=%n - INFECTED: %V",
#   CC_BANNED,      "id=%n - BANNED: %F",
#   CC_UNCHECKED,   "id=%n - UNCHECKED",
#   CC_SPAM,        "id=%n - SPAM",
#   CC_SPAMMY.',1', "id=%n - SPAMMY (tag3)",
#   CC_SPAMMY,      "id=%n - SPAMMY",
#   CC_BADH.',1',   "id=%n - BAD HEADER: MIME error",
#   CC_BADH.',2',   "id=%n - BAD HEADER: nonencoded 8-bit character",
#   CC_BADH.',3',   "id=%n - BAD HEADER: contains invalid control character",
#   CC_BADH.',4',   "id=%n - BAD HEADER: line made up entirely of whitespace",
#   CC_BADH.',5',   "id=%n - BAD HEADER: line longer than RFC 2822 limit",
#   CC_BADH.',6',   "id=%n - BAD HEADER: syntax error",
#   CC_BADH.',7',   "id=%n - BAD HEADER: missing required header field",
#   CC_BADH.',8',   "id=%n - BAD HEADER: duplicate header field",
#   CC_BADH,        "id=%n - BAD HEADER",
#   CC_OVERSIZED,   "id=%n - Message size exceeds recipient's size limit",
#   CC_MTA.',1',    "id=%n - Temporary MTA failure on relaying",
#   CC_MTA.',2',    "id=%n - Rejected by MTA on relaying",
#   CC_MTA,         "id=%n - Unable to relay message back to MTA",
#   CC_CLEAN,       "id=%n - CLEAN",
#   CC_CATCHALL,    "id=%n - OTHER",  # should not happen
# );
# %lovers_maps_by_ccat = (
#   CC_VIRUS,       sub { ca('virus_lovers_maps') },
#   CC_BANNED,      sub { ca('banned_files_lovers_maps') },
#   CC_SPAM,        sub { ca('spam_lovers_maps') },
#   CC_BADH,        sub { ca('bad_header_lovers_maps') },
# );
# %defang_maps_by_ccat = (
#   CC_VIRUS,       sub { c('defang_virus') },
#   CC_BANNED,      sub { c('defang_banned') },
#   CC_UNCHECKED,   sub { c('defang_undecipherable') },
#   CC_SPAM,        sub { c('defang_spam') },
#   CC_SPAMMY,      sub { c('defang_spam') },
# # CC_BADH.',3',   1,  # NUL or CR character in header section
# # CC_BADH.',5',   1,  # header line longer than 998 characters
# # CC_BADH.',6',   1,  # header field syntax error
#   CC_BADH,        sub { c('defang_bad_header') },
# );
# %subject_tag_maps_by_ccat = (
#   CC_VIRUS,       [ '***INFECTED*** ' ],
#   CC_BANNED,      undef,
#   CC_UNCHECKED,   sub { [ c('undecipherable_subject_tag') ] }, # not by-recip
#   CC_SPAM,        undef,
#   CC_SPAMMY.',1', sub { ca('spam_subject_tag3_maps') },
#   CC_SPAMMY,      sub { ca('spam_subject_tag2_maps') },
#   CC_CLEAN.',1',  sub { ca('spam_subject_tag_maps') },
# );
# %quarantine_method_by_ccat = (
#   CC_VIRUS,       sub { c('virus_quarantine_method') },
#   CC_BANNED,      sub { c('banned_files_quarantine_method') },
#   CC_SPAM,        sub { c('spam_quarantine_method') },
#   CC_SPAMMY,      sub { c('clean_quarantine_method') }, #formally a clean msg
#   CC_BADH,        sub { c('bad_header_quarantine_method') },
#   CC_CLEAN,       sub { c('clean_quarantine_method') },
# );
# %quarantine_to_maps_by_ccat = (
#   CC_VIRUS,       sub { ca('virus_quarantine_to_maps') },
#   CC_BANNED,      sub { ca('banned_quarantine_to_maps') },
#   CC_SPAM,        sub { ca('spam_quarantine_to_maps') },
#   CC_SPAMMY,      sub { ca('clean_quarantine_to_maps') }, # formally is clean
#   CC_BADH,        sub { ca('bad_header_quarantine_to_maps') },
#   CC_CLEAN,       sub { ca('clean_quarantine_to_maps') },
# );
# %admin_maps_by_ccat = (
#   CC_VIRUS,       sub { ca('virus_admin_maps') },
#   CC_BANNED,      sub { ca('banned_admin_maps') },
#   CC_SPAM,        sub { ca('spam_admin_maps') },
#   CC_BADH,        sub { ca('bad_header_admin_maps') },
# );
# %always_bcc_by_ccat = (
#   CC_CATCHALL,    sub { c('always_bcc') },
# );
# %dsn_bcc_by_ccat = (
#   CC_CATCHALL,    sub { c('dsn_bcc') },
# );
# %mailfrom_notify_admin_by_ccat = (
#   CC_SPAM,        sub { c('mailfrom_notify_spamadmin') },
#   CC_CATCHALL,    sub { c('mailfrom_notify_admin') },
# );
# %hdrfrom_notify_admin_by_ccat = (
#   CC_SPAM,        sub { c('hdrfrom_notify_spamadmin') },
#   CC_CATCHALL,    sub { c('hdrfrom_notify_admin') },
# );
# %mailfrom_notify_recip_by_ccat = (
#   CC_CATCHALL,    sub { c('mailfrom_notify_recip') },
# );
# %hdrfrom_notify_recip_by_ccat = (
#   CC_CATCHALL,    sub { c('hdrfrom_notify_recip') },
# );
# %hdrfrom_notify_sender_by_ccat = (
#   CC_CATCHALL,    sub { c('hdrfrom_notify_sender') },
# );
# %hdrfrom_notify_release_by_ccat = (
#   CC_CATCHALL,    sub { c('hdrfrom_notify_release') },
# );
# %hdrfrom_notify_report_by_ccat = (
#   CC_CATCHALL,    sub { c('hdrfrom_notify_report') },
# );
# %notify_admin_templ_by_ccat = (
#   CC_SPAM,        sub { cr('notify_spam_admin_templ') },
#   CC_CATCHALL,    sub { cr('notify_virus_admin_templ') },
# );
# %notify_recips_templ_by_ccat = (
#   CC_SPAM,        sub { cr('notify_spam_recips_templ') },  #usualy empty
#   CC_CATCHALL,    sub { cr('notify_virus_recips_templ') },
# );
# %notify_sender_templ_by_ccat = (  # bounce templates
#   CC_VIRUS,       sub { cr('notify_virus_sender_templ') },
#   CC_BANNED,      sub { cr('notify_virus_sender_templ') }, #historical reason
#   CC_SPAM,        sub { cr('notify_spam_sender_templ') },
#   CC_CATCHALL,    sub { cr('notify_sender_templ') },
# );
# %notify_release_templ_by_ccat = (
#   CC_CATCHALL,    sub { cr('notify_release_templ') },
# );
# %notify_report_templ_by_ccat = (
#   CC_CATCHALL,    sub { cr('notify_report_templ') },
# );
# %notify_autoresp_templ_by_ccat = (
#   CC_CATCHALL,    sub { cr('notify_autoresp_templ') },
# );
# %warnsender_by_ccat = (  # deprecated use, except perhaps for CC_BADH
#   CC_VIRUS,       sub { c('warnvirussender') },
#   CC_BANNED,      sub { c('warnbannedsender') },
#   CC_SPAM,        sub { c('warnspamsender') },
#   CC_BADH,        sub { c('warnbadhsender') },
# );
# %warnrecip_maps_by_ccat = (
#   CC_VIRUS,       sub { ca('warnvirusrecip_maps') },
#   CC_BANNED,      sub { ca('warnbannedrecip_maps') },
#   CC_SPAM,        undef,
#   CC_BADH,        sub { ca('warnbadhrecip_maps') },
# );
# %addr_extension_maps_by_ccat = (
#   CC_VIRUS,       sub { ca('addr_extension_virus_maps') },
#   CC_BANNED,      sub { ca('addr_extension_banned_maps') },
#   CC_SPAM,        sub { ca('addr_extension_spam_maps') },
#   CC_SPAMMY,      sub { ca('addr_extension_spam_maps') },
#   CC_BADH,        sub { ca('addr_extension_bad_header_maps') },
# # CC_OVERSIZED,   'oversized';
# );
# %addr_rewrite_maps_by_ccat = ( );


## POLICY BANKS

# %interface_policy = ();  # maps input interface/port to policy bank name

# $policy_bank{''} = { ...predefined... };
    ## the built-in policy bank (empty name) is predefined, and includes
    ## references to most other variables listed above (the dynamic config
    ## variables), which are accessed only indirectly through the currently
    ## installed policy bank. Overlaying a policy bank with another policy
    ## bank may bring-in references to entirely different variables,
    ## possibly unnamed. Here is a list of configuration variables
    ## referenced from the built-in policy bank by keys of the same name
    ## (e.g. { log_level => \$log_level, inet_acl => \@inet_acl, ...} )
    ##
    ##   $policy_bank_name $protocol @inet_acl
    ##   $myhostname $snmp_contact $snmp_location
    ##   $syslog_ident $syslog_facility $syslog_priority
    ##   $log_level $log_templ $log_recip_templ
    ##   $forward_method $notify_method $resend_method
    ##   $release_method $requeue_method $release_format $report_format
    ##   $os_fingerprint_method $os_fingerprint_dst_ip_and_port
    ##   $originating @smtpd_discard_ehlo_keywords
    ##   $propagate_dsn_if_possible $terminate_dsn_on_notify_success
    ##   $amavis_auth_user $amavis_auth_pass $auth_reauthenticate_forwarded
    ##   $auth_required_out $auth_required_inp $auth_required_release
    ##   @auth_mech_avail $tls_security_level_in $tls_security_level_out
    ##   $local_client_bind_address $smtpd_message_size_limit
    ##   $localhost_name $smtpd_greeting_banner $smtpd_quit_banner
    ##   $mailfrom_to_quarantine $warn_offsite $bypass_decode_parts @decoders
    ##   @av_scanners @av_scanners_backup @spam_scanners
    ##   $first_infected_stops_scan
    ##   $sa_spam_report_header $sa_spam_level_char $sa_mail_body_size_limit
    ##   $penpals_bonus_score $penpals_halflife $bounce_killer_score
    ##   $reputation_factor
    ##   $undecipherable_subject_tag $localpart_is_case_sensitive
    ##   $recipient_delimiter $replace_existing_extension
    ##   $hdr_encoding $bdy_encoding $hdr_encoding_qb
    ##   $allow_disclaimers $insert_received_line
    ##   $append_header_fields_to_bottom $prepend_header_fields_hdridx
    ##   $allow_fixing_improper_header
    ##   $allow_fixing_improper_header_folding $allow_fixing_long_header_lines
    ##   %allowed_added_header_fields %allowed_header_tests
    ##   $X_HEADER_TAG $X_HEADER_LINE $notify_xmailer_header
    ##   $remove_existing_x_scanned_headers $remove_existing_spam_headers
    ##   %sql_clause $sql_partition_tag
    ##   %local_delivery_aliases $banned_namepath_re
    ##   $per_recip_whitelist_sender_lookup_tables
    ##   $per_recip_blacklist_sender_lookup_tables
    ##   @anomy_sanitizer_args @altermime_args_defang
    ##   @altermime_args_disclaimer @disclaimer_options_bysender_maps
    ##   %signed_header_fields @dkim_signature_options_bysender_maps
    ##
    ##   @local_domains_maps @mynetworks_maps @client_ipaddr_policy
    ##   @newvirus_admin_maps @banned_filename_maps
    ##   @spam_quarantine_bysender_to_maps
    ##   @spam_tag_level_maps @spam_tag2_level_maps @spam_tag3_level_maps
    ##   @spam_kill_level_maps @spam_modifies_subj_maps
    ##   @spam_subject_tag_maps @spam_subject_tag2_maps @spam_subject_tag3_maps
    ##   @spam_dsn_cutoff_level_maps @spam_dsn_cutoff_level_bysender_maps
    ##   @spam_crediblefrom_dsn_cutoff_level_maps
    ##   @spam_crediblefrom_dsn_cutoff_level_bysender_maps
    ##   @spam_quarantine_cutoff_level_maps @spam_notifyadmin_cutoff_level_maps
    ##   @whitelist_sender_maps @blacklist_sender_maps @score_sender_maps
    ##   @author_to_policy_bank_maps @signer_reputation_maps
    ##   @message_size_limit_maps @debug_sender_maps
    ##   @bypass_virus_checks_maps @bypass_spam_checks_maps
    ##   @bypass_banned_checks_maps @bypass_header_checks_maps
    ##   @viruses_that_fake_sender_maps @virus_name_to_spam_score_maps
    ##   @remove_existing_spam_headers_maps
    ##
    ##   %final_destiny_by_ccat %lovers_maps_by_ccat
    ##   %defang_maps_by_ccat %subject_tag_maps_by_ccat
    ##   %quarantine_method_by_ccat   %quarantine_to_maps_by_ccat
    ##   %notify_admin_templ_by_ccat  %notify_recips_templ_by_ccat
    ##   %notify_sender_templ_by_ccat %notify_autoresp_templ_by_ccat
    ##   %notify_release_templ_by_ccat %notify_report_templ_by_ccat
    ##   %warnsender_by_ccat
    ##   %hdrfrom_notify_admin_by_ccat %mailfrom_notify_admin_by_ccat
    ##   %hdrfrom_notify_recip_by_ccat %mailfrom_notify_recip_by_ccat
    ##   %hdrfrom_notify_sender_by_ccat
    ##   %hdrfrom_notify_release_by_ccat %hdrfrom_notify_report_by_ccat
    ##   %admin_maps_by_ccat %warnrecip_maps_by_ccat
    ##   %always_bcc_by_ccat %dsn_bcc_by_ccat
    ##   %addr_extension_maps_by_ccat %addr_rewrite_maps_by_ccat
    ##   %smtp_reason_by_ccat

    # legacy dynamic configuration variables:

    ##   $final_virus_destiny  $final_spam_destiny
    ##   $final_banned_destiny $final_bad_header_destiny
    ##   @virus_lovers_maps @spam_lovers_maps
    ##   @banned_files_lovers_maps @bad_header_lovers_maps
    ##   $always_bcc $dsn_bcc
    ##   $mailfrom_notify_sender $mailfrom_notify_recip
    ##   $mailfrom_notify_admin  $mailfrom_notify_spamadmin
    ##   $hdrfrom_notify_sender  $hdrfrom_notify_recip
    ##   $hdrfrom_notify_admin   $hdrfrom_notify_spamadmin
    ##   $hdrfrom_notify_release $hdrfrom_notify_report
    ##   $notify_virus_admin_templ  $notify_spam_admin_templ
    ##   $notify_virus_recips_templ $notify_spam_recips_templ
    ##   $notify_virus_sender_templ $notify_spam_sender_templ
    ##   $notify_sender_templ $notify_release_templ
    ##   $notify_report_templ $notify_autoresp_templ
    ##   $warnvirussender $warnspamsender $warnbannedsender $warnbadhsender
    ##   $defang_virus $defang_banned $defang_spam
    ##   $defang_bad_header $defang_undecipherable $defang_all
    ##   $virus_quarantine_method $banned_files_quarantine_method
    ##   $spam_quarantine_method $bad_header_quarantine_method
    ##   $clean_quarantine_method $archive_quarantine_method
    ##   @virus_quarantine_to_maps @banned_quarantine_to_maps
    ##   @spam_quarantine_to_maps  @bad_header_quarantine_to_maps
    ##   @clean_quarantine_to_maps @archive_quarantine_to_maps
    ##   @virus_admin_maps @banned_admin_maps
    ##   @spam_admin_maps @bad_header_admin_maps
    ##   @warnvirusrecip_maps @warnbannedrecip_maps @warnbadhrecip_maps
    ##   @addr_extension_virus_maps  @addr_extension_spam_maps
    ##   @addr_extension_banned_maps @addr_extension_bad_header_maps

1;  # insure a defined return value