You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Yoda Woda <yo...@yahoo.com> on 2007/10/19 16:30:47 UTC
How to Reject Messages
Here my scenario: I have postfix and spamassassin installed in a gateway machine. Postfix accepts incoming messages, pipes them to spamassassin for scoring, which then pipes them back to postfix to be relayed to another machine. This work fine for us
What I am trying to do now is to have spamassassin reject a message (say if the score is above 5) before it is re-injected back to postfix for relay. How can I accomplish this. Here is my master.cf:
#smtp inet n - n - - smtpd
smtp inet n - n - - smtpd -o content_filter=spam
spam unix - n n - - pipe user=spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail.postfix -oi -f ${sender} ${recipient}
#smtps inet n - n - - smtpd
# -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
#submission inet n - n - - smtpd
# -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes -o smtpd_etrn_restrictions=reject
#628 inet n - n - - qmqpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
#tlsmgr fifo - - n 300 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
#local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Re: How to Reject Messages
Posted by Per Jessen <pe...@computer.org>.
David B Funk wrote:
> Using sendmail and a milter it is easily possible to do a proper
> reject (571) at incoming SMTP time. How can this be properly done
> using postfix?
You can do pre-queue filtering with postfix - whether you'll want to do
so depends on your inbound transaction rate.
/Per Jessen, Zürich
Re: How to Reject Messages
Posted by Noel Jones <no...@gmail.com>.
On 10/19/07, David B Funk <db...@engineering.uiowa.edu> wrote:
> On Fri, 19 Oct 2007, Noel Jones wrote:
>
> > On 10/19/07, Yoda Woda <yo...@yahoo.com> wrote:
> > > Here my scenario: I have postfix and spamassassin installed in a gateway
> > > machine. Postfix accepts incoming messages, pipes them to spamassassin for
> > > scoring, which then pipes them back to postfix to be relayed to another
> > > machine. This work fine for us
> > >
> > > What I am trying to do now is to have spamassassin reject a message (say if
> > > the score is above 5) before it is re-injected back to postfix for relay.
> > > How can I accomplish this. Here is my master.cf:
> >
> > Don't reject messages once postfix has accepted them. This makes you
> > a backscatter source and will eventually get you blacklisted.
> >
> > You can discard messages that are over some score threshold by either
> > using a postfix header_checks rule in the reinjection postfix
> > instance, or better, run spamassassin under amavisd-new and use it to
> > quarantine/discard messages over some score.
>
> Using sendmail and a milter it is easily possible to do a proper
> reject (571) at incoming SMTP time. How can this be properly done
> using postfix? Currently I use sendmail+milter in my MXs, I've thought
> about switching to postifx but dont want to lose that functionality.
>
> Dave
Postfix supports milters, use version 2.4.5 or newer for best results.
You should be able to continue using your existing milter if you like
its feature set.
Postfix also supports pre queue filtering with the smtpd_proxy_filter
setting. Amavisd-new is one example of a program that can be used in
this manner (but it's recommended to use amavisd-new as a post-queue
content_filter).
See postfix docs or postfix-users list for details.
Note that when using any kind of pre-queue filtering, whether via a
milter or a proxy, peak throughput is limited to the throughput of the
filter. Running a resource intensive filter such as SpamAssassin
pre-queue is best limited to small sites or larger sites that can
allocate enough hardware to handle the expected peak load.
--
Noel Jones
Re: How to Reject Messages
Posted by David B Funk <db...@engineering.uiowa.edu>.
On Fri, 19 Oct 2007, Noel Jones wrote:
> On 10/19/07, Yoda Woda <yo...@yahoo.com> wrote:
> > Here my scenario: I have postfix and spamassassin installed in a gateway
> > machine. Postfix accepts incoming messages, pipes them to spamassassin for
> > scoring, which then pipes them back to postfix to be relayed to another
> > machine. This work fine for us
> >
> > What I am trying to do now is to have spamassassin reject a message (say if
> > the score is above 5) before it is re-injected back to postfix for relay.
> > How can I accomplish this. Here is my master.cf:
>
> Don't reject messages once postfix has accepted them. This makes you
> a backscatter source and will eventually get you blacklisted.
>
> You can discard messages that are over some score threshold by either
> using a postfix header_checks rule in the reinjection postfix
> instance, or better, run spamassassin under amavisd-new and use it to
> quarantine/discard messages over some score.
Using sendmail and a milter it is easily possible to do a proper
reject (571) at incoming SMTP time. How can this be properly done
using postfix? Currently I use sendmail+milter in my MXs, I've thought
about switching to postifx but dont want to lose that functionality.
Dave
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
Re: How to Reject Messages
Posted by Noel Jones <no...@gmail.com>.
On 10/19/07, Yoda Woda <yo...@yahoo.com> wrote:
> Here my scenario: I have postfix and spamassassin installed in a gateway
> machine. Postfix accepts incoming messages, pipes them to spamassassin for
> scoring, which then pipes them back to postfix to be relayed to another
> machine. This work fine for us
>
> What I am trying to do now is to have spamassassin reject a message (say if
> the score is above 5) before it is re-injected back to postfix for relay.
> How can I accomplish this. Here is my master.cf:
Don't reject messages once postfix has accepted them. This makes you
a backscatter source and will eventually get you blacklisted.
You can discard messages that are over some score threshold by either
using a postfix header_checks rule in the reinjection postfix
instance, or better, run spamassassin under amavisd-new and use it to
quarantine/discard messages over some score.
--
Noel Jones
Re: How to Reject Messages
Posted by Evan Platt <ev...@espphotography.com>.
SpamAssassin won't / can't reject mail. You'd need to use procmail or
another similar method.
At 07:30 AM 10/19/2007, Yoda Woda wrote:
>Here my scenario: I have postfix and spamassassin installed in a
>gateway machine. Postfix accepts incoming messages, pipes them to
>spamassassin for scoring, which then pipes them back to postfix to
>be relayed to another machine. This work fine for us
>
>What I am trying to do now is to have spamassassin reject a message
>(say if the score is above 5) before it is re-injected back to
>postfix for relay. How can I accomplish this. Here is my master.cf:
Re: How to Reject Messages
Posted by Per Jessen <pe...@computer.org>.
Yoda Woda wrote:
> Here my scenario: I have postfix and spamassassin installed in a
> gateway machine. Postfix accepts incoming messages, pipes them to
> spamassassin for scoring, which then pipes them back to postfix to be
> relayed to another machine. This work fine for us
>
> What I am trying to do now is to have spamassassin reject a message
> (say if the score is above 5) before it is re-injected back to
> postfix for relay. How can I accomplish this.
Leave it to postfix to reject messages. You could use a header_check to
look at the Spam-Summary added by spamassassin.
/Per Jessen, Zürich
Re: How to Reject Messages
Posted by LEVEAU Stanislas <st...@ac-caen.fr>.
hi
use a filter as amavisd-new for example.
Spamassassin give a score and amavisd-new with this score reject or
accept a message
in amavisd.conf (file configuration) :
$sa_tag2_level_deflt = 5; (score)
$sa_kill_level_deflt = $sa_tag2_level_deflt;
$final_spam_destiny = D_DISCARD;
if a message score is equal or > 5 message is discard
regards
Yoda Woda a écrit :
> Here my scenario: I have postfix and spamassassin installed in a
> gateway machine. Postfix accepts incoming messages, pipes them to
> spamassassin for scoring, which then pipes them back to postfix to be
> relayed to another machine. This work fine for us
>
> What I am trying to do now is to have spamassassin reject a message
> (say if the score is above 5) before it is re-injected back to postfix
> for relay. How can I accomplish this. Here is my master.cf:
>
> #smtp inet n - n - - smtpd
> smtp inet n - n - - smtpd -o content_filter=spam
> spam unix - n n - - pipe user=spamd argv=/usr/bin/spamc -f -e
> /usr/sbin/sendmail.postfix -oi -f ${sender} ${recipient}
> #smtps inet n - n - - smtpd
> # -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
> #submission inet n - n - - smtpd
> # -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes -o
> smtpd_etrn_restrictions=reject
> #628 inet n - n - - qmqpd
> pickup fifo n - n 60 1 pickup
> cleanup unix n - n - 0 cleanup
> qmgr fifo n - n 300 1 qmgr
> #qmgr fifo n - n 300 1 oqmgr
> #tlsmgr fifo - - n 300 1 tlsmgr
> rewrite unix - - n - - trivial-rewrite
> bounce unix - - n - 0 bounce
> defer unix - - n - 0 bounce
> trace unix - - n - 0 bounce
> verify unix - - n - 1 verify
> flush unix n - n 1000? 0 flush
> proxymap unix - - n - - proxymap
> smtp unix - - n - - smtp
> relay unix - - n - - smtp
> # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
> showq unix n - n - - showq
> error unix - - n - - error
> #local unix - n n - - local
> virtual unix - n n - - virtual
> lmtp unix - - n - - lmtp
> anvil unix - - n - 1 anvil
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>
--
*LEVEAU Stanislas**
*Rectorat de Caen
SIAC
168, rue Caponière
B.P. 6184
14061 CAEN Cedex
/
Service Informatique de l'académie de Caen
Département Systèmes & Réseaux/
Tel : 02.31.30.17.86