1 files changed, 0 insertions, 293 deletions
diff --git a/recipes-security/clamav/files/clamav-milter.conf.sample b/recipes-security/clamav/files/clamav-milter.conf.sample
deleted file mode 100644
index ed0d519..0000000
--- a/recipes-security/clamav/files/clamav-milter.conf.sample
+++ /dev/null
@@ -1,293 +0,0 @@
-##
-## Example config file for clamav-milter
-##
-
-# Comment or remove the line below.
-Example
-
-
-##
-## Main options
-##
-
-# Define the interface through which we communicate with sendmail
-# This option is mandatory! Possible formats are:
-# [[unix|local]:]/path/to/file - to specify a unix domain socket
-# inet:port@[hostname|ip-address] - to specify an ipv4 socket
-# inet6:port@[hostname|ip-address] - to specify an ipv6 socket
-#
-# Default: no default
-#MilterSocket /tmp/clamav-milter.socket
-#MilterSocket inet:7357
-
-# Define the group ownership for the (unix) milter socket.
-# Default: disabled (the primary group of the user running clamd)
-#MilterSocketGroup virusgroup
-
-# Sets the permissions on the (unix) milter socket to the specified mode.
-# Default: disabled (obey umask)
-#MilterSocketMode 660
-
-# Remove stale socket after unclean shutdown.
-#
-# Default: yes
-#FixStaleSocket yes
-
-# Run as another user (clamav-milter must be started by root for this option to work)
-#
-# Default: unset (don't drop privileges)
-#User clamav
-
-# Initialize supplementary group access (clamav-milter must be started by root).
-#
-# Default: no
-#AllowSupplementaryGroups no
-
-# Waiting for data from clamd will timeout after this time (seconds).
-# Value of 0 disables the timeout.
-#
-# Default: 120
-#ReadTimeout 300
-
-# Don't fork into background.
-#
-# Default: no
-#Foreground yes
-
-# Chroot to the specified directory.
-# Chrooting is performed just after reading the config file and before dropping privileges.
-#
-# Default: unset (don't chroot)
-#Chroot /newroot
-
-# This option allows you to save a process identifier of the listening
-# daemon (main thread).
-#
-# Default: disabled
-#PidFile /var/run/clamav/clamav-milter.pid
-
-# Optional path to the global temporary directory.
-# Default: system specific (usually /tmp or /var/tmp).
-#
-#TemporaryDirectory /var/tmp
-
-##
-## Clamd options
-##
-
-# Define the clamd socket to connect to for scanning.
-# This option is mandatory! Syntax:
-# ClamdSocket unix:path
-# ClamdSocket tcp:host:port
-# The first syntax specifies a local unix socket (needs an absolute path) e.g.:
-#     ClamdSocket unix:/var/run/clamd/clamd.socket
-# The second syntax specifies a tcp local or remote tcp socket: the
-# host can be a hostname or an ip address; the ":port" field is only required
-# for IPv6 addresses, otherwise it defaults to 3310, e.g.:
-#     ClamdSocket tcp:192.168.0.1
-#
-# This option can be repeated several times with different sockets or even
-# with the same socket: clamd servers will be selected in a round-robin fashion.
-#
-# Default: no default
-ClamdSocket /var/run/clamav/clamd
-
-
-##
-## Exclusions
-##
-
-# Messages originating from these hosts/networks will not be scanned
-# This option takes a host(name)/mask pair in CIRD notation and can be
-# repeated several times. If "/mask" is omitted, a host is assumed.
-# To specify a locally orignated, non-smtp, email use the keyword "local"
-#
-# Default: unset (scan everything regardless of the origin)
-#LocalNet local
-#LocalNet 192.168.0.0/24
-#LocalNet 1111:2222:3333::/48
-
-# This option specifies a file which contains a list of basic POSIX regular
-# expressions. Addresses (sent to or from - see below) matching these regexes
-# will not be scanned.  Optionally each line can start with the string "From:"
-# or "To:" (note: no whitespace after the colon) indicating if it is, 
-# respectively, the sender or recipient that is to be whitelisted.
-# If the field is missing, "To:" is assumed.
-# Lines starting with #, : or ! are ignored.
-#
-# Default unset (no exclusion applied)
-#Whitelist /etc/whitelisted_addresses
-
-# Messages from authenticated SMTP users matching this extended POSIX
-# regular expression (egrep-like) will not be scanned.
-# As an alternative, a file containing a plain (not regex) list of names (one
-# per line) can be specified using the prefix "file:".
-# e.g. SkipAuthenticated file:/etc/good_guys
-#
-# Note: this is the AUTH login name!
-#
-# Default: unset (no whitelisting based on SMTP auth)
-#SkipAuthenticated ^(tom|dick|henry)$
-
-# Messages larger than this value won't be scanned.
-# Make sure this value is lower or equal than StreamMaxLength in clamd.conf
-#
-# Default: 25M
-#MaxFileSize 10M
-
-
-##
-## Actions
-##
-
-# The following group of options controls the delievery process under
-# different circumstances.
-# The following actions are available:
-# - Accept
-#   The message is accepted for delievery
-# - Reject
-#   Immediately refuse delievery (a 5xx error is returned to the peer)
-# - Defer
-#   Return a temporary failure message (4xx) to the peer
-# - Blackhole (not available for OnFail)
-#   Like Accept but the message is sent to oblivion
-# - Quarantine (not available for OnFail)
-#   Like Accept but message is quarantined instead of being delivered
-#
-# NOTE: In Sendmail the quarantine queue can be examined via mailq -qQ
-# For Postfix this causes the message to be placed on hold
-# 
-# Action to be performed on clean messages (mostly useful for testing)
-# Default: Accept
-#OnClean Accept
-
-# Action to be performed on infected messages
-# Default: Quarantine
-#OnInfected Quarantine
-
-# Action to be performed on error conditions (this includes failure to
-# allocate data structures, no scanners available, network timeouts,
-# unknown scanner replies and the like)
-# Default: Defer
-#OnFail Defer
-
-# This option allows to set a specific rejection reason for infected messages
-# and it's therefore only useful together with "OnInfected Reject"
-# The string "%v", if present, will be replaced with the virus name.
-# Default: MTA specific
-#RejectMsg 
-
-# If this option is set to "Replace" (or "Yes"), an "X-Virus-Scanned" and an
-# "X-Virus-Status" headers will be attached to each processed message, possibly
-# replacing existing headers.
-# If it is set to Add, the X-Virus headers are added possibly on top of the
-# existing ones.
-# Note that while "Replace" can potentially break DKIM signatures, "Add" may
-# confuse procmail and similar filters.
-# Default: no
-#AddHeader Replace
-
-# When AddHeader is in use, this option allows to arbitrary set the reported
-# hostname. This may be desirable in order to avoid leaking internal names.
-# If unset the real machine name is used.
-# Default: disabled
-#ReportHostname my.mail.server.name
-
-# Execute a command (possibly searching PATH) when an infected message is found.
-# The following parameters are passed to the invoked program in this order:
-# virus name, queue id, sender, destination, subject, message id, message date.
-# Note #1: this requires MTA macroes to be available (see LogInfected below)
-# Note #2: the process is invoked in the context of clamav-milter
-# Note #3: clamav-milter will wait for the process to exit. Be quick or fork to
-# avoid unnecessary delays in email delievery
-# Default: disabled
-#VirusAction /usr/local/bin/my_infected_message_handler
-
-##
-## Logging options
-##
-
-# Uncomment this option to enable logging.
-# LogFile must be writable for the user running daemon.
-# A full path is required.
-#
-# Default: disabled
-#LogFile /var/log/clamav/clamav-milter.log
-
-# By default the log file is locked for writing - the lock protects against
-# running clamav-milter multiple times.
-# This option disables log file locking.
-#
-# Default: no
-#LogFileUnlock yes
-
-# Maximum size of the log file.
-# Value of 0 disables the limit.
-# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
-# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size
-# in bytes just don't use modifiers. If LogFileMaxSize is enabled, log
-# rotation (the LogRotate option) will always be enabled.
-#
-# Default: 1M
-#LogFileMaxSize 2M
-
-# Log time with each message.
-#
-# Default: no
-#LogTime yes
-
-# Use system logger (can work together with LogFile).
-#
-# Default: no
-#LogSyslog yes
-
-# Specify the type of syslog messages - please refer to 'man syslog'
-# for facility names.
-#
-# Default: LOG_LOCAL6
-#LogFacility LOG_MAIL
-
-# Enable verbose logging.
-#
-# Default: no
-#LogVerbose yes
-
-# Enable log rotation. Always enabled when LogFileMaxSize is enabled.
-# Default: no
-#LogRotate yes
-
-# This option allows to tune what is logged when a message is infected.
-# Possible values are Off (the default - nothing is logged),
-# Basic (minimal info logged), Full (verbose info logged)
-# Note:
-# For this to work properly in sendmail, make sure the msg_id, mail_addr,
-# rcpt_addr and i macroes are available in eom. In other words add a line like:
-# Milter.macros.eom={msg_id}, {mail_addr}, {rcpt_addr}, i
-# to your .cf file. Alternatively use the macro:
-# define(`confMILTER_MACROS_EOM', `{msg_id}, {mail_addr}, {rcpt_addr}, i')
-# Postfix should be working fine with the default settings.
-#
-# Default: disabled
-#LogInfected Basic
-
-# This option allows to tune what is logged when no threat is found in a scanned message.
-# See LogInfected for possible values and caveats.
-# Useful in debugging but drastically increases the log size.
-# Default: disabled
-#LogClean Basic
-
-# This option affects the behaviour of LogInfected, LogClean and VirusAction
-# when a message with multiple recipients is scanned:
-# If SupportMultipleRecipients is off (the default)
-# then one single log entry is generated for the message and, in case the
-# message is determined to be malicious, the command indicated by VirusAction
-# is executed just once. In both cases only the last recipient is reported.
-# If SupportMultipleRecipients is on:
-# then one line is logged for each recipient and the command indicated
-# by VirusAction is also executed once for each recipient.
-# 
-# Note: although it's probably a good idea to enable this option, the default value
-# is currently set to off for legacy reasons.
-# Default: no
-#SupportMultipleRecipients yes
-