From 57dafd46f4d09846d6bd397005fc3619b13f68a1 Mon Sep 17 00:00:00 2001
From: William Desportes <williamdes@wdes.fr>
Date: Wed, 10 Jan 2024 16:00:57 +0100
Subject: [PATCH] Amavis config tweaks

---
 .env.dist          |  1 -
 docker-compose.yml |  1 -
 tests/.env.test1   |  1 -
 user-patches.sh    | 26 ++++++++++++++++++++++++--
 4 files changed, 24 insertions(+), 5 deletions(-)

diff --git a/.env.dist b/.env.dist
index b839e19..39e509e 100755
--- a/.env.dist
+++ b/.env.dist
@@ -50,7 +50,6 @@ PFLOGSUMM_RECIPIENT=
 LOGWATCH_RECIPIENT=
 # The @ must be escaped like \@
 VIRUS_ADMIN_EMAIL=
-VIRUS_X_HEADER_LINE=
 
 # Fail2ban config to allow IPs to make failed attempts
 FAIL2BAN_IGNORE_IPS=
diff --git a/docker-compose.yml b/docker-compose.yml
index 35d0b00..e3d9203 100755
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -131,7 +131,6 @@ services:
             MAILTO: "${CRON_MAILTO:-$POSTMASTER_ADDRESS}"
             POSTMASTER_ADDRESS: "${POSTMASTER_ADDRESS}"
             VIRUS_ADMIN_EMAIL: "${VIRUS_ADMIN_EMAIL}"
-            VIRUS_X_HEADER_LINE: "${VIRUS_X_HEADER_LINE}"
             PFLOGSUMM_RECIPIENT: "${PFLOGSUMM_RECIPIENT}"
             PFLOGSUMM_TRIGGER: daily_cron
             LOGWATCH_INTERVAL: daily
diff --git a/tests/.env.test1 b/tests/.env.test1
index 0d3adb1..4379101 100755
--- a/tests/.env.test1
+++ b/tests/.env.test1
@@ -61,7 +61,6 @@ VIRUS_ADMIN_EMAIL=tech@desportes.corp
 POSTMASTER_ADDRESS=tech@desportes.corp
 CRON_MAILFROM=tech+cronsend@desportes.corp
 CRON_MAILTO=tech+cronrcpt@desportes.corp
-VIRUS_X_HEADER_LINE="at Wdes SAS"
 
 # Replication
 DOVECOT_REPLICATION_SERVER=
diff --git a/user-patches.sh b/user-patches.sh
index 8016c9f..00b70e9 100755
--- a/user-patches.sh
+++ b/user-patches.sh
@@ -31,6 +31,29 @@ printf '\nsmtp_helo_name = %s\n' "${OVERRIDE_HOSTNAME}" >> /etc/postfix/main.cf
 
 echo 'Add spam check config'
 
+cat <<EOF > /etc/amavis/conf.d/05-domain_id
+use strict;
+
+# \$mydomain is used just for convenience in the config files and it is not
+# used internally by amavisd-new except in the default X_HEADER_LINE (which
+# Debian overrides by default anyway).
+
+\$mydomain = '$OVERRIDE_HOSTNAME';
+
+# amavisd-new needs to know which email domains are to be considered local
+# to the administrative domain.  Only emails to "local" domains are subject
+# to certain functionality, such as the addition of spam tags.
+#
+# Default local domains to \$mydomain and all subdomains.  Remember to
+# override or redefine this if \$mydomain is changed later in the config
+# sequence.
+
+@local_domains_acl = ( "$OVERRIDE_HOSTNAME" );
+
+1;  # ensure a defined return
+
+EOF
+
 cat <<EOF > /etc/amavis/conf.d/50-user
 use strict;
 
@@ -51,8 +74,7 @@ use strict;
 \$enable_dkim_verification = 1; # Check DKIM
 
 \$virus_admin = '${VIRUS_ADMIN_EMAIL}';
-
-\$X_HEADER_LINE = '${VIRUS_X_HEADER_LINE}';
+\$banned_quarantine_to = '${VIRUS_ADMIN_EMAIL}';
 
 #------------ Do not modify anything below this line -------------
 1;  # ensure a defined return