Loading ...
Sorry, an error occurred while loading the content.

291096Re: Could you help me with Postfix + MimeDefang?

Expand Messages
  • Noel Jones
    Feb 4, 2013
      On 2/4/2013 4:14 AM, Mark Alan wrote:
      > Hello list,
      > I would like to use MimeDefang to sanitize the emails that arrive
      > at one of our 3 mailing lists, i.e., to convert html->text, remove
      > unsafe attachments, and remove+webserve file attachments
      > larger than 500KB.
      > There are few tutorials on this subject and most, like Mickey Hill's
      > http://www.mickeyhill.com/mimedefang-howto , ask for the installation
      > of sendmail and present a config tightly coupled with sendmail
      > internals (the real sendmail, not postfix's sendmail).
      > Could you please provide (or point to) a couple of working examples on
      > how to setup mimedefang with postfix (would it be better done as a
      > transport+filter, or as milter?) and, if possible, throw some light
      > on the advantages/disadvantages of each alternative?
      > Thank you,
      > Mark

      mimedefang works as a milter, so that's how you must interface it
      with postfix.

      All mimedefang configuration is done within mimedefang, not within
      the host mailer. So other than the few milter interface details, it
      doesn't really matter if you're using sendmail(TM) or postfix.

      Configuring the postfix milter interface is very easy. Although
      there are a bunch of postfix milter options, most of them have
      sensible defaults and will not need to be changed.

      With a typical milter listening on a local TCP port, all you need is
      a postfix main.cf line something like:
      # main.cf
      smtpd_milters = inet:
      where portnum matches where the milter application is configured to
      listen. Using a local TCP port is the easiest and simplest way to
      configure a milter.

      Configuring postfix for a milter listening on a unix socket is similar:
      # main.cf
      smtpd_milters = unix:/path/to/socket
      Figuring out the proper path and permissions can be a little tricky,
      especially if postfix is running with the chroot flag set. Using a
      local socket can be a little more secure, but has no performance

      Full docs are here:
      the config details you will mostly be interested in:

      -- Noel Jones
    • Show all 10 messages in this topic