Loading ...
Sorry, an error occurred while loading the content.

248409Re: After queue filter - avoid filtering forwarded mail with dspam

Expand Messages
  • mouss
    Jan 21, 2009
    • 0 Attachment
      Marcin Rzepecki a écrit :
      > Hello again,
      > To filter only incoming foreign mail with dspam i'm using access maps:
      > smtpd_sender_restrictions = reject_unknown_sender_domain
      > permit_mynetworks
      > permit_sasl_authenticated
      > check_sender_access hash:/usr/local/etc/postfix/sender_access
      > check_client_access pcre:/usr/local/etc/postfix/filter_default
      > My filter_default contains:
      > /./ FILTER lmtp:unix:/var/run/dspam/sock
      > (dspam is running as daemon and is reinjecting mail to Postfix using SMTP
      > at localhost:10026)
      > All is working as I want. But some of my users needs to be forwarded
      > to other machine (running postfix+dspam to) to avoid NFS mount, so I would
      > like to filter their mail only on destination machine. Filter is
      > triggered depend on client info/envelope from etc., so even when mail
      > needs to be forwarded it goes to dspam first.
      > Is there a possibility to trigger content filters _after_ expanding aliases
      > (virtual/local)?

      you can expand virtual aliases before the filter by moving the
      -o receive_override_options=no_address_mappings
      to the after-the-filter smtpd (you probably have it in the before-filter

      local aliases are expanded at delivery time. if you want your filter to
      run after delivery, then run it it from the MDA (maildrop, procmail,
      ...), not from postfix. but I wouldn't do this... instead, convert local
      aliases into virtual ones (but add the domain part...).

      > I would like to filter only mail which destination is local
      > machine and let the others to be forwarded untouched after expanding aliases.
      > I know I can call dspam as mailbox_command of course, but this solution has big
      > disadvantage - filtering can be bypassed by ~/.forward file, so it forbids users
      > to call their own LDA.

      if you want filtering per recipient, then you can do this in dspam
      (optin...). otherwise, you need multiple postfix instances (run postfix
      twice) in which case you can use transport_maps for filtering (instead
      of content_filter and FILTER).
    • Show all 5 messages in this topic