amavis-user June 2010 archive
Main Archive Page > Month Archives  > amavis-user archives
amavis-user: Re: [AMaViS-user] AMaViS as before-queue content fi

Re: [AMaViS-user] AMaViS as before-queue content filter to Postfix?

From: Patrick Ben Koetter <p_at_nospam>
Date: Tue Jun 29 2010 - 06:50:52 GMT
To: amavis-user@lists.sourceforge.net

* Rich Wales <richw@richw.org>:
> I'm using Postfix 2.6.5, with AMaViSd-new 2.6.4 as an after-queue
> content filter. Messages scoring above 5 are being quarantined for
> later examination using MailZu.
>
> I would like to reconfigure my setup to use AMaViS as a before-queue
> content filter -- rejecting messages scoring above 25 (or maybe 30),
> accepting (and quarantining) messages scoring between 5 and 25 (or
> 30), and delivering mail scoring below 5.
>
> How do I do this?
>
> I understand the "cons" about increased load on my mail server if I
> adopt before-queue filter mode, and I'm prepared to deal with this.

Change $final_spam_destiny in amavisd confguration to:

$final_spam_destiny = D_REJECT;

Tune these to suit your needs:
$sa_tag_level_deflt = 0.0; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 6.31; # triggers spam evasive actions

Add this in /etc/postfix/master.cf:
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================

#
# Handle incoming message and hand it down to amavisd-new
#
smtp inet n - n - 16 smtpd
        -o smtpd_proxy_filter=127.0.0.1:10024
        -o smtpd_client_connection_count_limit=10
        -o smtpd_authorized_xforward_hosts=127.0.0.0/8
        -o smtpd_authorized_xclient_hosts=127.0.0.0/8

...

#
# Reinject message from amavisd-new to Postfix
#
127.0.0.1:10025 inet n - n - - smtpd
    -o content_filter=
    -o smtpd_authorized_xforward_hosts=127.0.0.0/8
    -o smtpd_delay_reject=no
    -o smtpd_client_restrictions=permit_mynetworks,reject
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o smtpd_data_restrictions=reject_unauth_pipelining
    -o smtpd_end_of_data_restrictions=
    -o smtpd_restriction_classes=
    -o mynetworks=127.0.0.0/8
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o smtpd_client_connection_count_limit=0
    -o smtpd_client_connection_rate_limit=0
    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
    -o local_header_rewrite_clients=

Then drop the content_filter-setting in main.cf.
Reload amavisd-new.
Reload Postfix.

p@rick

-- All technical questions asked privately will be automatically answered on the list and archived for public access unless privacy is explicitely required and justified. saslfinger (debugging SMTP AUTH): <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/> ------------------------------------------------------------------------------ This SF.net email is sponsored by Sprint What will you do first with EVO, the first 4G phone? Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user Please visit http://www.ijs.si/software/amavisd/ regularly For administrativa requests please send email to rainer at openantivirus dot org