Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
REJECT with Before-Queue Content Filter?
59 views
Skip to first unread message
Juerg Reimann
Aug 27, 2012, 3:03:26 PM8/27/12
to
Hello everybody,
Please excuse my probably rather novice question but I couldn't find any hint on this. The document at http://www.postfix.org/SMTPD_PROXY_README.html says it should be possible to reject an email with a before-queue content filter ... but how would I exactly accomplish this?
What I want to do is reject what spamassassin considers spam (ok, I know the cons, but I really want to do it this way), so what I have in my master.cf is:
smtp inet n - n - - smtpd
-o content_filter=spamfilter:dummy
spamfilter unix - n n - - pipe
flags=Rq user=spamfilter argv=/.../spamfilter -f ${sender} -- ${recipient}
And in spamfilter I have this:
#!/bin/bash
/usr/bin/spamc | /usr/lib/sendmail -i "$@"
exit $?
So how would I have to change my spamfilter in order to have Postfix reject what spamassassin considers spam? A header check on /X-Spam-Level: \*{5,}/ does not work; as in this step Postfix has already accepted the email; it would generate backscatter instead, not what I want...
Thanks a lot for some advice!
Please excuse my probably rather novice question but I couldn't find any hint on this. The document at http://www.postfix.org/SMTPD_PROXY_README.html says it should be possible to reject an email with a before-queue content filter ... but how would I exactly accomplish this?
What I want to do is reject what spamassassin considers spam (ok, I know the cons, but I really want to do it this way), so what I have in my master.cf is:
smtp inet n - n - - smtpd
-o content_filter=spamfilter:dummy
spamfilter unix - n n - - pipe
flags=Rq user=spamfilter argv=/.../spamfilter -f ${sender} -- ${recipient}
And in spamfilter I have this:
#!/bin/bash
/usr/bin/spamc | /usr/lib/sendmail -i "$@"
exit $?
So how would I have to change my spamfilter in order to have Postfix reject what spamassassin considers spam? A header check on /X-Spam-Level: \*{5,}/ does not work; as in this step Postfix has already accepted the email; it would generate backscatter instead, not what I want...
Thanks a lot for some advice!
Brian Evans - Postfix List
Aug 27, 2012, 3:15:50 PM8/27/12
to
On 8/27/2012 3:03 PM, Juerg Reimann wrote:
> Hello everybody,
>
> Please excuse my probably rather novice question but I couldn't find any hint on this. The document at http://www.postfix.org/SMTPD_PROXY_README.html says it should be possible to reject an email with a before-queue content filter ... but how would I exactly accomplish this?
>
> What I want to do is reject what spamassassin considers spam (ok, I know the cons, but I really want to do it this way), so what I have in my master.cf is:
If I were you, I would use spamass-milter or similar because it does
> Hello everybody,
>
> Please excuse my probably rather novice question but I couldn't find any hint on this. The document at http://www.postfix.org/SMTPD_PROXY_README.html says it should be possible to reject an email with a before-queue content filter ... but how would I exactly accomplish this?
>
> What I want to do is reject what spamassassin considers spam (ok, I know the cons, but I really want to do it this way), so what I have in my master.cf is:
exactly what you describe.
Personally, I use amavisd-milter to do virus scanning as well as spam
checking at the front door.
Just understand that milters are global as per the documentation.
I'm sure there are before-queue filters out there, but you cannot use a
pipe.
You must create/find a front-end that speaks SMTP as noted at the bottom
of the SMTPD_PROXY_README.
Brian
Noel Jones
Aug 27, 2012, 3:26:52 PM8/27/12
to
On 8/27/2012 2:03 PM, Juerg Reimann wrote:
> Hello everybody,
>
> Please excuse my probably rather novice question but I couldn't find any hint on this. The document at http://www.postfix.org/SMTPD_PROXY_README.html says it should be possible to reject an email with a before-queue content filter ... but how would I exactly accomplish this?
>
> What I want to do is reject what spamassassin considers spam (ok, I know the cons, but I really want to do it this way), so what I have in my master.cf is:
>
> Hello everybody,
>
> Please excuse my probably rather novice question but I couldn't find any hint on this. The document at http://www.postfix.org/SMTPD_PROXY_README.html says it should be possible to reject an email with a before-queue content filter ... but how would I exactly accomplish this?
>
> What I want to do is reject what spamassassin considers spam (ok, I know the cons, but I really want to do it this way), so what I have in my master.cf is:
>
> smtp inet n - n - - smtpd
> -o content_filter=spamfilter:dummy
> spamfilter unix - n n - - pipe
> flags=Rq user=spamfilter argv=/.../spamfilter -f ${sender} -- ${recipient}
This is what postfix refers to as a "simple content filter", and
> -o content_filter=spamfilter:dummy
> spamfilter unix - n n - - pipe
> flags=Rq user=spamfilter argv=/.../spamfilter -f ${sender} -- ${recipient}
cannot be used as a before-queue filter.
http://www.postfix.org/FILTER_README.html#simple_filter
To use spamassassin in a before-queue filter, SA will need to be
called either from a milter, or from an "advanced content filter"
that speaks SMTP.
amavisd-new is frequently recommended as a reliable and flexible
advanced content filter that is suitable for use as an
smtpd_proxy_filter.
spamass-milter is frequently recommended as a simple milter for
spamassassin integration.
Although the setup and protocol of smtpd_proxy_filter vs. milter is
very different, overall system load/efficiency is largely the same,
making the choice mostly a feature set of a particular product.
-- Noel Jones
KSB
Aug 27, 2012, 3:30:04 PM8/27/12
to
On 2012.08.27. 22:15, Brian Evans - Postfix List wrote:
> I'm sure there are before-queue filters out there, but you cannot use a
> pipe.
> You must create/find a front-end that speaks SMTP as noted at the bottom
> of the SMTPD_PROXY_README.
>
> Brian
>
__
KSB
Ralf Hildebrandt
Aug 27, 2012, 3:30:29 PM8/27/12
to
* Juerg Reimann <j...@jworld.ch>:
a "pipe" instead of a filter that speaks SMTP.
Use a milter or amavisd-new (or, for that matter, any filter solution
that speaks SMTP).
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hil...@charite.de | http://www.charite.de
> Hello everybody,
>
> Please excuse my probably rather novice question but I couldn't find any hint on this. The document at http://www.postfix.org/SMTPD_PROXY_README.html says it should be possible to reject an email with a before-queue content filter ... but how would I exactly accomplish this?
>
> What I want to do is reject what spamassassin considers spam (ok, I know the cons, but I really want to do it this way), so what I have in my master.cf is:
>
> smtp inet n - n - - smtpd
> -o content_filter=spamfilter:dummy
> spamfilter unix - n n - - pipe
> flags=Rq user=spamfilter argv=/.../spamfilter -f ${sender} -- ${recipient}
That's not possible to use in a smtp_proxy_filter setup, since it uses
>
> Please excuse my probably rather novice question but I couldn't find any hint on this. The document at http://www.postfix.org/SMTPD_PROXY_README.html says it should be possible to reject an email with a before-queue content filter ... but how would I exactly accomplish this?
>
> What I want to do is reject what spamassassin considers spam (ok, I know the cons, but I really want to do it this way), so what I have in my master.cf is:
>
> smtp inet n - n - - smtpd
> -o content_filter=spamfilter:dummy
> spamfilter unix - n n - - pipe
> flags=Rq user=spamfilter argv=/.../spamfilter -f ${sender} -- ${recipient}
a "pipe" instead of a filter that speaks SMTP.
Use a milter or amavisd-new (or, for that matter, any filter solution
that speaks SMTP).
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hil...@charite.de | http://www.charite.de
0 new messages