postfix spamfilter a shell prikaz trap

Vilem Kebrt vilem.kebrt at gmail.com
Wed Jun 17 10:11:25 CEST 2009


Jiří Veselský napsal(a):
>> premejslim o necem podobnym
>> postu mam jak ty (postfix, virtualni uzivatele a spamassassin), ale me 
>> by stacilo ty spamy presmerovat na uzivatele "spam". Moje idea byla 
>> zatim takova, ze pomoci header_checks mapy bych nedefinoval
>>
>> /^Subject: .*SPAM* /
>> REDIRECT spam at moje.domena
>>
>> zatim jsem to teda nezkousel, je to jen takova idea jeste nedotazena 
>> do konce. Nejsem si ani jistej, jestli ten header_checks je aplikovan 
>> jen na prvne prichozi maily, nebo i na maily vracene spamassassinem
>>
>> s tim by mi moh nekdo poradit
> No jestli muzu... nerikas jak dostanes zpravu do spamassassina.
> Je vice cest.
> Vsechny zpravy prochazi "cleanup"-em, ktery je soucasti postfixu a zde 
> se provadi"header-checks"
> Problem je v tom, ze napriklad pokud spamassassin nakonfigurujes jako 
> "milter" (smtpd_milter = local:/var/run/spamass-milter.sock), tak zprava 
> nejdrive projde pres cleanup a potom teprve jde do spamassassina a tudis 
> radek hlavicky "X-Spam-Status: ..." je pridan az po "cisteni" zpravy a 
> tudis neprojde zminovanym header_checks.
> Dalsi moznost je poslat zpravu do spamassassina pomoci smtp a 
> spamassassin ti to vrati na jiny port, kde samozrejme header_checks 
> zpravy presmeruje jak pozadujes.
Tak presne tuhle druhou moznost pouzivam, prijde mi to i jednodussi z 
hlediska pripadneho hledani problemu, jsou to oddelene procesy a v logu 
je hned videt jesli se to predalo nebo ne...a hlavne kdyz nastavim 
zahazovat viry tak dorucovaci procesy se tim uz vubec nezabivaji tema 
virama protoze zpravu zlikviduje hned amavis.
> Treti moznost je pouzit amavis nebo nejaky LDA, ktery ti dovoli 
> definovat pravidla.
> 
Tuhle treti moznost nejak nakombinoval na serveru kolega, ma tam predani 
z postfixu do amavisu, tam to projede antivirem a pres dspam a nasledne 
to vrati do maildropa...tam by mel prijit header check jesli se 
nepletu...moc sem to nerozebiral jak to ma udelany, nemel jsem na to cas 
zatim...

> Co se me tyce, tak mam variantu 1 (milter) a cekam az vyjde Postfix 2.7, 
> kde Wietse doprogramoval direktivu "milter_header_checks", ktera jiz 
> prochazi zpravy az po vsech definovanych milterech. Prikladam uryvek 
> emailu od Wietse a timto mu velmi dekuji:
Tak na tohle se tesim, to vypada vylozene rozumne.
> -----
> I have added header checks for Milter-generated mail headers.
> The feature is called "milter_header_checks".
> 
> It is available from Postfix mirrors as postfix-2.7-20090607, and
> also available as an optional patch for Postfix 2.6.
> 
> Wietse
> 
> milter_header_checks (default: empty)
> 
> Optional lookup tables for content inspection of message headers that
> are produced by Milter applications. See the header_checks(5) manual
> page available actions. Currently, PREPEND is not implemented.
> 
> The following example sends all mail that is marked as SPAM to a spam
> handling machine. Note that matches are case-insensitive by default.
> 
> /etc/postfix/main.cf:
> milter_header_checks = pcre:/etc/postfix/milter_header_checks
> 
> /etc/postfix/milter_header_checks:
> /^X-SPAM-FLAG:\s+YES/ FILTER mysmtp:sanitizer.example.com:25
> 
> The milter_header_checks mechanism could also be used for whitelisting.
> For example it could be used to skip heavy content scans for DKIM-
> signed mail from known friendly domains.
> 
> This feature is available in Postfix 2.7, and as an optional patch for
> Postfix 2.6.
> -----
> Jirka
> 
> 
> 
> 
> __________ Informace od ESET NOD32 Antivirus, verze databaze 4160 
> (20090616) __________
> 
> Tuto zpravu proveril ESET NOD32 Antivirus.
> 
> http://www.eset.cz
> 
> 
> -- 
> FreeBSD mailing list (users-l at freebsd.cz)
> http://www.freebsd.cz/listserv/listinfo/users-l




More information about the Users-l mailing list