291096Re: Could you help me with Postfix + MimeDefang?
- Feb 4, 2013On 2/4/2013 4:14 AM, Mark Alan wrote:
> Hello list,mimedefang works as a milter, so that's how you must interface it
> I would like to use MimeDefang to sanitize the emails that arrive
> at one of our 3 mailing lists, i.e., to convert html->text, remove
> unsafe attachments, and remove+webserve file attachments
> larger than 500KB.
> There are few tutorials on this subject and most, like Mickey Hill's
> http://www.mickeyhill.com/mimedefang-howto , ask for the installation
> of sendmail and present a config tightly coupled with sendmail
> internals (the real sendmail, not postfix's sendmail).
> Could you please provide (or point to) a couple of working examples on
> how to setup mimedefang with postfix (would it be better done as a
> transport+filter, or as milter?) and, if possible, throw some light
> on the advantages/disadvantages of each alternative?
> Thank you,
All mimedefang configuration is done within mimedefang, not within
the host mailer. So other than the few milter interface details, it
doesn't really matter if you're using sendmail(TM) or postfix.
Configuring the postfix milter interface is very easy. Although
there are a bunch of postfix milter options, most of them have
sensible defaults and will not need to be changed.
With a typical milter listening on a local TCP port, all you need is
a postfix main.cf line something like:
smtpd_milters = inet:127.0.0.1:portnum
where portnum matches where the milter application is configured to
listen. Using a local TCP port is the easiest and simplest way to
configure a milter.
Configuring postfix for a milter listening on a unix socket is similar:
smtpd_milters = unix:/path/to/socket
Figuring out the proper path and permissions can be a little tricky,
especially if postfix is running with the chroot flag set. Using a
local socket can be a little more secure, but has no performance
Full docs are here:
the config details you will mostly be interested in:
-- Noel Jones
- << Previous post in topic Next post in topic >>