diff options
author | Micah <micah@leap.se> | 2015-09-22 15:04:33 -0400 |
---|---|---|
committer | Micah <micah@leap.se> | 2015-10-13 10:01:39 -0400 |
commit | d6b521372243b79105a1513d4559572dfab6db54 (patch) | |
tree | c54d7433278c2a5b89ea5e2b47e5332efa79d912 /puppet/modules/clamav/templates | |
parent | b748aeffbdd72d50a7665b9c21c96a9750a840c0 (diff) |
add clamav filtering, with sanesecurity signature updating and provider whitelisting (#3625)
Change-Id: I15985ca00ee95bc62855f098a78e364ebbc32616
Diffstat (limited to 'puppet/modules/clamav/templates')
-rw-r--r-- | puppet/modules/clamav/templates/clamav-milter.conf.erb | 28 | ||||
-rw-r--r-- | puppet/modules/clamav/templates/local.pdb.erb | 1 | ||||
-rw-r--r-- | puppet/modules/clamav/templates/whitelisted_addresses.erb | 5 |
3 files changed, 34 insertions, 0 deletions
diff --git a/puppet/modules/clamav/templates/clamav-milter.conf.erb b/puppet/modules/clamav/templates/clamav-milter.conf.erb new file mode 100644 index 00000000..9bf7099e --- /dev/null +++ b/puppet/modules/clamav/templates/clamav-milter.conf.erb @@ -0,0 +1,28 @@ +# THIS FILE MANAGED BY PUPPET +MilterSocket /var/run/clamav/milter.ctl +FixStaleSocket true +User clamav +MilterSocketGroup clamav +MilterSocketMode 666 +AllowSupplementaryGroups true +ReadTimeout 120 +Foreground false +PidFile /var/run/clamav/clamav-milter.pid +ClamdSocket unix:/var/run/clamav/clamd.ctl +OnClean Accept +OnInfected Reject +OnFail Defer +AddHeader Replace +LogSyslog true +LogFacility LOG_LOCAL6 +LogVerbose yes +LogInfected Basic +LogTime true +LogFileUnlock false +LogClean Off +LogRotate true +SupportMultipleRecipients false +MaxFileSize 10M +TemporaryDirectory /var/tmp +RejectMsg "Message refused due to content violation: %v - contact https://<%= @domain %>/tickets/new if this is in error" +Whitelist /etc/clamav/whitelisted_addresses diff --git a/puppet/modules/clamav/templates/local.pdb.erb b/puppet/modules/clamav/templates/local.pdb.erb new file mode 100644 index 00000000..9ea0584a --- /dev/null +++ b/puppet/modules/clamav/templates/local.pdb.erb @@ -0,0 +1 @@ +H:<%= @domain %> diff --git a/puppet/modules/clamav/templates/whitelisted_addresses.erb b/puppet/modules/clamav/templates/whitelisted_addresses.erb new file mode 100644 index 00000000..9e068ec5 --- /dev/null +++ b/puppet/modules/clamav/templates/whitelisted_addresses.erb @@ -0,0 +1,5 @@ +<%- if @whitelisted_addresses then -%> +<% @whitelisted_addresses.each do |name| -%> +From::<%= name %> +<% end -%> +<% end -%> |