postfix spamfilter a shell prikaz trap
Vilem Kebrt
vilem.kebrt at gmail.com
Wed Jun 17 10:11:25 CEST 2009
Jiří Veselský napsal(a):
>> premejslim o necem podobnym
>> postu mam jak ty (postfix, virtualni uzivatele a spamassassin), ale me
>> by stacilo ty spamy presmerovat na uzivatele "spam". Moje idea byla
>> zatim takova, ze pomoci header_checks mapy bych nedefinoval
>>
>> /^Subject: .*SPAM* /
>> REDIRECT spam at moje.domena
>>
>> zatim jsem to teda nezkousel, je to jen takova idea jeste nedotazena
>> do konce. Nejsem si ani jistej, jestli ten header_checks je aplikovan
>> jen na prvne prichozi maily, nebo i na maily vracene spamassassinem
>>
>> s tim by mi moh nekdo poradit
> No jestli muzu... nerikas jak dostanes zpravu do spamassassina.
> Je vice cest.
> Vsechny zpravy prochazi "cleanup"-em, ktery je soucasti postfixu a zde
> se provadi"header-checks"
> Problem je v tom, ze napriklad pokud spamassassin nakonfigurujes jako
> "milter" (smtpd_milter = local:/var/run/spamass-milter.sock), tak zprava
> nejdrive projde pres cleanup a potom teprve jde do spamassassina a tudis
> radek hlavicky "X-Spam-Status: ..." je pridan az po "cisteni" zpravy a
> tudis neprojde zminovanym header_checks.
> Dalsi moznost je poslat zpravu do spamassassina pomoci smtp a
> spamassassin ti to vrati na jiny port, kde samozrejme header_checks
> zpravy presmeruje jak pozadujes.
Tak presne tuhle druhou moznost pouzivam, prijde mi to i jednodussi z
hlediska pripadneho hledani problemu, jsou to oddelene procesy a v logu
je hned videt jesli se to predalo nebo ne...a hlavne kdyz nastavim
zahazovat viry tak dorucovaci procesy se tim uz vubec nezabivaji tema
virama protoze zpravu zlikviduje hned amavis.
> Treti moznost je pouzit amavis nebo nejaky LDA, ktery ti dovoli
> definovat pravidla.
>
Tuhle treti moznost nejak nakombinoval na serveru kolega, ma tam predani
z postfixu do amavisu, tam to projede antivirem a pres dspam a nasledne
to vrati do maildropa...tam by mel prijit header check jesli se
nepletu...moc sem to nerozebiral jak to ma udelany, nemel jsem na to cas
zatim...
> Co se me tyce, tak mam variantu 1 (milter) a cekam az vyjde Postfix 2.7,
> kde Wietse doprogramoval direktivu "milter_header_checks", ktera jiz
> prochazi zpravy az po vsech definovanych milterech. Prikladam uryvek
> emailu od Wietse a timto mu velmi dekuji:
Tak na tohle se tesim, to vypada vylozene rozumne.
> -----
> I have added header checks for Milter-generated mail headers.
> The feature is called "milter_header_checks".
>
> It is available from Postfix mirrors as postfix-2.7-20090607, and
> also available as an optional patch for Postfix 2.6.
>
> Wietse
>
> milter_header_checks (default: empty)
>
> Optional lookup tables for content inspection of message headers that
> are produced by Milter applications. See the header_checks(5) manual
> page available actions. Currently, PREPEND is not implemented.
>
> The following example sends all mail that is marked as SPAM to a spam
> handling machine. Note that matches are case-insensitive by default.
>
> /etc/postfix/main.cf:
> milter_header_checks = pcre:/etc/postfix/milter_header_checks
>
> /etc/postfix/milter_header_checks:
> /^X-SPAM-FLAG:\s+YES/ FILTER mysmtp:sanitizer.example.com:25
>
> The milter_header_checks mechanism could also be used for whitelisting.
> For example it could be used to skip heavy content scans for DKIM-
> signed mail from known friendly domains.
>
> This feature is available in Postfix 2.7, and as an optional patch for
> Postfix 2.6.
> -----
> Jirka
>
>
>
>
> __________ Informace od ESET NOD32 Antivirus, verze databaze 4160
> (20090616) __________
>
> Tuto zpravu proveril ESET NOD32 Antivirus.
>
> http://www.eset.cz
>
>
> --
> FreeBSD mailing list (users-l at freebsd.cz)
> http://www.freebsd.cz/listserv/listinfo/users-l
More information about the Users-l
mailing list