info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
How to concatenate two content filters
32 views
Skip to first unread message
larzeni
Mar 29, 2016, 2:41:51 PM3/29/16
to
Hi,
I'm using postfix 2.11 under Debian GNU/Linux 8.3 Jessie
I integrated amavis-new with postfix and used it to integrate clamav, spamassassin, pyzor and razor.
So fine, so good.
I need now to extract big attachment and webserve them placing a link into the mail.
I know that I can do it with:
- MimeDefang
or using the example directly from postfix site, at url:
- http://fex.rus.uni-stuttgart.de/usecases/BIGMAIL.html
But here comes my question: I would like to extract attachment only AFTER the amavis content filter, so I should place them after amavis (or within it, if it's possible).
Can someone help me?
Thanks,
larzeni
Here are my master.cf and my main.cf:
=== master.cf ===============================================
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
# porta 25: smtp (mail che arrivano da altri server, o da client locali)
smtp inet n - - - - smtpd
-o syslog_name=postfix-smtp
submission inet n - - - - smtpd
-o syslog_name=postfix-submission
-o smtpd_tls_wrappermode=no
-o smtpd_tls_security_level=encrypt
-o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
pickup unix n - - 60 1 pickup
-o receive_override_options=no_header_body_checks
-o content_filter=
cleanup unix n - - - 0 cleanup
qmgr unix n - n 300 1 qmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
relay unix - - - - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
amavis unix - - - - 6 lmtp
-o lmtp_data_done_timeout=1200
-o lmtp_send_xforward_command=yes
-o max_use=20
127.0.0.1:10025 inet n - - - - smtpd
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o smtpd_delay_reject=no
-o local_header_rewrite_clients=
-o local_recipient_maps=
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_address_mappings,no_milters
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=permit_mynetworks,reject
-o smtpd_sender_restrictions=permit_mynetworks,reject
-o smtpd_relay_restrictions=permit_mynetworks,reject
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining,permit
-o content_filter=
===== main.cf =============================================
myhostname = /etc/mailname
mydestination =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
relay_domains =
relayhost =
smtpd_helo_required = yes
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU Linux)
biff = no
alias_maps = hash:/etc/aliases
strict_rfc821_envelopes = yes
append_dot_mydomain = no
recipient_delimiter = +
readme_directory = no
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_auth_only = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
# ------------------------------------------------------------------------
# Allow all connections to SMTP daemon on port 25; we will place more
# checks in following restrictions
smtpd_client_restrictions =
permit
# Don't talk to mail systems that have no public own hostname.
# Explicitely permit mynetwork an authenticated client to avoid DNS lookups
smtpd_helo_restrictions =
permit_mynetworks, permit_sasl_authenticated,
reject_unknown_helo_hostname
permit
# Don't accept mail from domains that don't exist.
# Explicitely permit mynetwork an authenticated client to avoid DNS lookups
smtpd_sender_restrictions =
permit_mynetworks, permit_sasl_authenticated,
reject_unknown_sender_domain
permit
# Allow to send mail to another domain only if you are a local process or an authenticated
# client; reject if you are not sending mail to one of my virtual domains (so permit to
# send mail only to my virtual domains). In this restriction, "permit_mynetworks" and
# "permit_sasl_authenticated" are here to do their real job and not simply to shorten
# the evaluation process
smtpd_relay_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
permit
# Spam control: Explicitely permit mynetwork an authenticated client to avoid DNBLS lookups
# then first check postgrey and, if passed, go through DBLs checks
smtpd_recipient_restrictions =
permit_mynetworks, permit_sasl_authenticated,
check_policy_service inet:127.0.0.1:10023,
reject_rbl_client zen.spamhaus.org,
reject_rhsbl_helo dbl.spamhaus.org,
reject_rhsbl_sender dbl.spamhaus.org,
permit
# ------------------------------------------------------------------------
content_filter = amavis:[127.0.0.1]:10024
# ------------------------------------------------------------------------
virtual_mailbox_domains =
pgsql:/etc/postfix/pgsql-virtual-mailbox-domains.cf
virtual_mailbox_maps =
pgsql:/etc/postfix/pgsql-virtual-mailbox-maps.cf
virtual_alias_maps =
pgsql:/etc/postfix/pgsql-virtual-alias-maps.cf,
pgsql:/etc/postfix/pgsql-virtual-email2email.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
==================================================
I'm using postfix 2.11 under Debian GNU/Linux 8.3 Jessie
I integrated amavis-new with postfix and used it to integrate clamav, spamassassin, pyzor and razor.
So fine, so good.
I need now to extract big attachment and webserve them placing a link into the mail.
I know that I can do it with:
- MimeDefang
or using the example directly from postfix site, at url:
- http://fex.rus.uni-stuttgart.de/usecases/BIGMAIL.html
But here comes my question: I would like to extract attachment only AFTER the amavis content filter, so I should place them after amavis (or within it, if it's possible).
Can someone help me?
Thanks,
larzeni
Here are my master.cf and my main.cf:
=== master.cf ===============================================
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
# porta 25: smtp (mail che arrivano da altri server, o da client locali)
smtp inet n - - - - smtpd
-o syslog_name=postfix-smtp
submission inet n - - - - smtpd
-o syslog_name=postfix-submission
-o smtpd_tls_wrappermode=no
-o smtpd_tls_security_level=encrypt
-o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
pickup unix n - - 60 1 pickup
-o receive_override_options=no_header_body_checks
-o content_filter=
cleanup unix n - - - 0 cleanup
qmgr unix n - n 300 1 qmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
relay unix - - - - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
amavis unix - - - - 6 lmtp
-o lmtp_data_done_timeout=1200
-o lmtp_send_xforward_command=yes
-o max_use=20
127.0.0.1:10025 inet n - - - - smtpd
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o smtpd_delay_reject=no
-o local_header_rewrite_clients=
-o local_recipient_maps=
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_address_mappings,no_milters
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=permit_mynetworks,reject
-o smtpd_sender_restrictions=permit_mynetworks,reject
-o smtpd_relay_restrictions=permit_mynetworks,reject
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining,permit
-o content_filter=
===== main.cf =============================================
myhostname = /etc/mailname
mydestination =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
relay_domains =
relayhost =
smtpd_helo_required = yes
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU Linux)
biff = no
alias_maps = hash:/etc/aliases
strict_rfc821_envelopes = yes
append_dot_mydomain = no
recipient_delimiter = +
readme_directory = no
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_auth_only = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
# ------------------------------------------------------------------------
# Allow all connections to SMTP daemon on port 25; we will place more
# checks in following restrictions
smtpd_client_restrictions =
permit
# Don't talk to mail systems that have no public own hostname.
# Explicitely permit mynetwork an authenticated client to avoid DNS lookups
smtpd_helo_restrictions =
permit_mynetworks, permit_sasl_authenticated,
reject_unknown_helo_hostname
permit
# Don't accept mail from domains that don't exist.
# Explicitely permit mynetwork an authenticated client to avoid DNS lookups
smtpd_sender_restrictions =
permit_mynetworks, permit_sasl_authenticated,
reject_unknown_sender_domain
permit
# Allow to send mail to another domain only if you are a local process or an authenticated
# client; reject if you are not sending mail to one of my virtual domains (so permit to
# send mail only to my virtual domains). In this restriction, "permit_mynetworks" and
# "permit_sasl_authenticated" are here to do their real job and not simply to shorten
# the evaluation process
smtpd_relay_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
permit
# Spam control: Explicitely permit mynetwork an authenticated client to avoid DNBLS lookups
# then first check postgrey and, if passed, go through DBLs checks
smtpd_recipient_restrictions =
permit_mynetworks, permit_sasl_authenticated,
check_policy_service inet:127.0.0.1:10023,
reject_rbl_client zen.spamhaus.org,
reject_rhsbl_helo dbl.spamhaus.org,
reject_rhsbl_sender dbl.spamhaus.org,
permit
# ------------------------------------------------------------------------
content_filter = amavis:[127.0.0.1]:10024
# ------------------------------------------------------------------------
virtual_mailbox_domains =
pgsql:/etc/postfix/pgsql-virtual-mailbox-domains.cf
virtual_mailbox_maps =
pgsql:/etc/postfix/pgsql-virtual-mailbox-maps.cf
virtual_alias_maps =
pgsql:/etc/postfix/pgsql-virtual-alias-maps.cf,
pgsql:/etc/postfix/pgsql-virtual-email2email.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
==================================================
d.agosti...@gmail.com
Mar 29, 2016, 4:47:23 PM3/29/16
to
Your smtp trafic is incoming or port 25 and AMAVIS send the mails back to postfix on port 10025. Maybe you can set AMAVIS to loopback to 10026 and apply differents rules/options than the smtpd service listening on port 10025 but the easier would be to set up an external content filter with the content_filter option which is empty in your case.
Regards
Victor
larzeni
May 5, 2016, 1:51:18 PM5/5/16
to
Thanks Victor,
I was not able to use the content filter, but I used your hint to build my solution.
Here is a link to the details to help anyone sould need it.
https://using-debian.blogspot.it/2016/05/postfix-remove-and-webserve-attachments.html
Thanks again!
I was not able to use the content filter, but I used your hint to build my solution.
Here is a link to the details to help anyone sould need it.
https://using-debian.blogspot.it/2016/05/postfix-remove-and-webserve-attachments.html
Thanks again!
0 new messages