Introduce CLAMAV_MESSAGE_SIZE_LIMIT env (#2453)

target/scripts/start-mailserver.sh

@@ -21,6 +21,7 @@ VARS[REPORT_RECIPIENT]="${REPORT_RECIPIENT:=${POSTMASTER_ADDRESS}}"
 VARS[REPORT_SENDER]="${REPORT_SENDER:=mailserver-report@${DOMAINNAME}}"
 
 VARS[AMAVIS_LOGLEVEL]="${AMAVIS_LOGLEVEL:=0}"
+VARS[CLAMAV_MESSAGE_SIZE_LIMIT]="${CLAMAV_MESSAGE_SIZE_LIMIT:=25M}" # 25 MB
 VARS[DEFAULT_RELAY_HOST]="${DEFAULT_RELAY_HOST:=}"
 VARS[DMS_DEBUG]="${DMS_DEBUG:=0}"
 VARS[DOVECOT_INET_PROTOCOLS]="${DOVECOT_INET_PROTOCOLS:=all}"
@@ -53,13 +54,13 @@ VARS[MOVE_SPAM_TO_JUNK]="${MOVE_SPAM_TO_JUNK:=1}"
 VARS[NETWORK_INTERFACE]="${NETWORK_INTERFACE:=eth0}"
 VARS[ONE_DIR]="${ONE_DIR:=1}"
 VARS[OVERRIDE_HOSTNAME]="${OVERRIDE_HOSTNAME:-}"
+VARS[PERMIT_DOCKER]="${PERMIT_DOCKER:=none}"
 VARS[PFLOGSUMM_RECIPIENT]="${PFLOGSUMM_RECIPIENT:=${REPORT_RECIPIENT}}"
 VARS[PFLOGSUMM_SENDER]="${PFLOGSUMM_SENDER:=${REPORT_SENDER}}"
 VARS[PFLOGSUMM_TRIGGER]="${PFLOGSUMM_TRIGGER:=none}"
-VARS[PERMIT_DOCKER]="${PERMIT_DOCKER:=none}"
 VARS[POSTFIX_INET_PROTOCOLS]="${POSTFIX_INET_PROTOCOLS:=all}"
 VARS[POSTFIX_MAILBOX_SIZE_LIMIT]="${POSTFIX_MAILBOX_SIZE_LIMIT:=0}"
-VARS[POSTFIX_MESSAGE_SIZE_LIMIT]="${POSTFIX_MESSAGE_SIZE_LIMIT:=10240000}" # ~10MB
+VARS[POSTFIX_MESSAGE_SIZE_LIMIT]="${POSTFIX_MESSAGE_SIZE_LIMIT:=10240000}" # ~10 MB
 VARS[POSTGREY_AUTO_WHITELIST_CLIENTS]="${POSTGREY_AUTO_WHITELIST_CLIENTS:=5}"
 VARS[POSTGREY_DELAY]="${POSTGREY_DELAY:=300}"
 VARS[POSTGREY_MAX_AGE]="${POSTGREY_MAX_AGE:=35}"
@@ -116,6 +117,7 @@ function register_functions
   [[ ${DOVECOT_INET_PROTOCOLS} != 'all' ]] && _register_setup_function '_setup_dovecot_inet_protocols'
   [[ ${ENABLE_FAIL2BAN} -eq 1 ]] && _register_setup_function '_setup_fail2ban'
   [[ ${ENABLE_DNSBL} -eq 0 ]] && _register_setup_function '_setup_dnsbl_disable'
+  [[ ${CLAMAV_MESSAGE_SIZE_LIMIT} != '25M' ]] && _register_setup_function '_setup_clamav_sizelimit'
 
   _register_setup_function '_setup_dkim'
   _register_setup_function '_setup_ssl'

target/scripts/startup/daemons-stack.sh

@@ -130,7 +130,7 @@ EOF
 
 function _start_daemons_clamav
 {
-  _notify 'task' 'Starting clamav'
+  _notify 'task' 'Starting ClamAV'
   supervisorctl start clamav || dms_panic__fail_init 'ClamAV'
 }
 

target/scripts/startup/setup-stack.sh

@@ -443,16 +443,22 @@ function _setup_postfix_postscreen
 
 function _setup_postfix_sizelimits
 {
-  _notify 'inf' "Configuring postfix message size limit"
+  _notify 'inf' "Configuring postfix message size limit to ${POSTFIX_MESSAGE_SIZE_LIMIT}"
   postconf -e "message_size_limit = ${POSTFIX_MESSAGE_SIZE_LIMIT}"
 
-  _notify 'inf' "Configuring postfix mailbox size limit"
+  _notify 'inf' "Configuring postfix mailbox size limit to ${POSTFIX_MAILBOX_SIZE_LIMIT}"
   postconf -e "mailbox_size_limit = ${POSTFIX_MAILBOX_SIZE_LIMIT}"
 
-  _notify 'inf' "Configuring postfix virtual mailbox size limit"
+  _notify 'inf' "Configuring postfix virtual mailbox size limit to ${POSTFIX_MAILBOX_SIZE_LIMIT}"
   postconf -e "virtual_mailbox_limit = ${POSTFIX_MAILBOX_SIZE_LIMIT}"
 }
 
+function _setup_clamav_sizelimit
+{
+  _notify 'inf' "Configuring ClamAV message scan size limit to ${CLAMAV_MESSAGE_SIZE_LIMIT}"
+  sedfile -i "s/^MaxFileSize.*/MaxFileSize ${CLAMAV_MESSAGE_SIZE_LIMIT}/" /etc/clamav/clamd.conf
+}
+
 function _setup_postfix_smtputf8
 {
   _notify 'inf' "Configuring postfix smtputf8 support (disable)"
@@ -948,14 +954,14 @@ EOM
     fi
   fi
 
-  # Clamav
+  # ClamAV
   if [[ ${ENABLE_CLAMAV} -eq 0 ]]
   then
-    _notify 'warn' "Clamav is disabled. You can enable it with 'ENABLE_CLAMAV=1'"
+    _notify 'warn' "ClamAV is disabled. You can enable it with 'ENABLE_CLAMAV=1'"
     echo '@bypass_virus_checks_maps = (1);' >>"${DMS_AMAVIS_FILE}"
   elif [[ ${ENABLE_CLAMAV} -eq 1 ]]
   then
-    _notify 'inf' 'Enabling clamav'
+    _notify 'inf' 'Enabling ClamAV'
   fi
 
   echo '1;  # ensure a defined return' >>"${DMS_AMAVIS_FILE}"