use strict;

##
## amavisd-new CARNet configuration file
##
## This file contains the config entries that we modify programatically,
## or that we think are better defaults than what Debian provides.
##
## Do not edit this file, put your changes in 50-user instead!
##

# override $mydomain value from 05-domain_id and 20-debian_defaults
# but keep local_domains we got there
#
$mydomain = '_CN_DOMAIN_';
push @local_domains_acl, ( "$mydomain", ".$mydomain" );

# prettify the return path for notifications a bit in case there's a
# separate person handling these, ie. if the user customizes
# virusalert or spamalert aliases.
#
$mailfrom_notify_admin     = "virusalert\@$mydomain";
$mailfrom_notify_recip     = "virusalert\@$mydomain";
$mailfrom_notify_spamadmin = "spamalert\@$mydomain";
undef $virus_admin;
# Add a line like this (but uncommented) in 50-user if you want it.
#$virus_admin               = "postmaster\@$mydomain";

# Keep the default for now
# $X_HEADER_TAG = 'X-Virus-Scanned';	# (default: undef)
# $X_HEADER_LINE = "by $myversion (Debian) at $mydomain";

# postfix configuration, postfix' listener socket
#
$forward_method = 'smtp:127.0.0.1:10025';  # where to forward checked mail
$notify_method  = $forward_method;         # where to submit notifications

# Default antivirus checking mode
#
@bypass_virus_checks_maps = (
   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);

# Default SPAM checking mode
#
@bypass_spam_checks_maps = (
   \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);

# postfix setup for notifications, for rationale read the comments about
# LMTP in /usr/share/doc/amavisd-new/README.postfix.gz
#
$final_virus_destiny      = D_DISCARD; # (defaults to D_BOUNCE)
$final_banned_destiny     = D_BOUNCE;  # (defaults to D_BOUNCE)
$final_spam_destiny       = D_BOUNCE;  # (defaults to D_REJECT)
$final_bad_header_destiny = D_PASS;  # (defaults to D_PASS), D_BOUNCE suggested

# read our legacy sender white/blacklists
#
if (-f "$MYHOME/whitelist_sender") {
  read_hash(\%whitelist_sender, "$MYHOME/whitelist_sender");
}
if (-f "$MYHOME/blacklist_sender") {
  read_hash(\%blacklist_sender, "$MYHOME/blacklist_sender");
}

# A small optimization
$first_infected_stops_scan = 1;        # default is false, all scanners are called

# placeholder for AVs we might enable
#
push @av_scanners, (

# ### http://www.csupomona.edu/~henson/www/projects/SAVI-Perl/
# ['Sophos SAVI', \&sophos_savi ],

);

# Always have an AV fallback
#
push @av_scanners_backup, (

# Commented out because the name 'sweep' clashes with Debian and FreeBSD
# package/port of an audio editor. Make sure the correct 'sweep' is found
# in the path when enabling.
#
# ### http://www.sophos.com/   - backs up Sophie or SAVI-Perl
 ['Sophos Anti Virus (sweep)', 'sweep',
   '-nb -f -all -rec -ss -sc -archive -cab -tnef --no-reset-atime {}',
   [0,2], qr/Virus .*? found/,
   qr/^>>> Virus(?: fragment)? '?(.*?)'? found/,
 ],
 # other options to consider: -mime -oe -idedir=/usr/local/sav

# always succeeds (uncomment to consider mail clean if all other scanners fail)
 ['always-clean', sub {0}],

);

1;  # insure a defined return