How to Remove UNCHECKED Term Attached in Email Subject Area When Received
How do I turn off "UNCHECKED contents in mail FROM" mails sent by Amavis to the postmaster of the domain every time a user sends an encrypted mail. The setup is a Debian 7 with postfix and amavisd.
Solution 1:
You can use the parameter %admin_maps_by_ccat to define whom amavisd-new sends Mails for each of its categories. With undef you can disable the mails.
So you have to define a setting like the following if you don't want to get mails for all "unchecked" mails:
$admin_maps_by_ccat{+CC_UNCHECKED} = undef;
To only do this for UNCHECKED-ENCRYPTED use this (for amavis 2.9.0, found via release notes):
$admin_maps_by_ccat{+CC_UNCHECKED.',1'} = undef;
Solution 2:
The problem of receiving emails having UNCHECKED in the subject can be resolved in two fashions.
The first solution is a temporary and quick fix which can lead to other unwanted problems since mails will not be scanned. Let's us look at what has been proposed so far.
The usage of "$admin_maps_by_ccat{+CC_UNCHECKED} = undef;" as mentioned above should not be used because that solution does not really address the real problem which is stemming from clamav being outdated. Please be aware that once clamav is OUTDATED, the "UNCHECKED" term in the email subject will be attached once more because emails sent by clients can not be scanned properly by clamav that is not updated.
Another aspect of solution one is to add in the file "/etc/amavis/conf.d/50-user" the snippet, "$undecipherable_subject_tag=undef;" without the quotation marks of course, as proposed by some individulas. Still, THAT IS NOT A SOLUTION for the same reason mentioned above.
Let's look at solution number two.
First run the command freshclam. Doing so will generate most likely more than one error but will also tell you the latest clamav version. To have a much better output of the problem, run if need be:
tail -20 /var/log/clamav/freshclam.log
Second, Uninstall the old version with the command:
apt remove clamav
Third, download the latest clamav file with the command:
wget https://www.clamav.net/downloads/production/clamav-0.100.1.tar.gz
Here I am using clamav-0.100.1 as an example. Please choose the latest version
Fourth, extract the file with the command:
tar xf clamav*
Then make sure that you are in the clamav directory. So, run the command:
cd clamav*/
Now let's compile clamav with the following three commands one by one in the clamav directory:
./configure
make
make install
Once more run the command:
freshclam
If you get the error “Can’t open/parse the config file /usr/local/etc/freshclam.cong", here is how to fix it.
Remove the existing freshclam.conf file from the /usr/local/etc/ folder with the command:
rm -f /usr/local/etc/freshclam.conf
If the file is not there, proceed to the next step below by creating a link to the new file so that if you ever have to run it again, the conf file will stay updated.
ln -s /etc/clamav/freshclam.conf /usr/local/etc/freshclam.conf
Then run freshclam to update.
freshclam
Well, there is one more minor error you will get because freshclam is already running in the background. let's kill it with the command:
pkill -15 -x freshclam
Finally, run freshclam again as follows:
freshclam
Voila.
To test, send yourself an email or ask a friend to send you an email. You should not see the UNCHECKED term in the subject of the emails sent from clients. If one week later you have the same error, most likely clamav is upgraded to a newer version.