Loading ...
Sorry, an error occurred while loading the content.

Postfix antispam in combination with fetchmail?

Expand Messages
  • Jef Driesen
    I m working to setup an internal mailserver (postfix + dovecot) for a small home network. Unfortunately, my ISP does block incoming traffic at all ports below
    Message 1 of 16 , Apr 24 5:34 AM
    View Source
    • 0 Attachment
      I'm working to setup an internal mailserver (postfix + dovecot) for a
      small home network. Unfortunately, my ISP does block incoming traffic at
      all ports below 1024 (including smtp). So I use fetchmail to download
      email from the mailbox at my ISP.

      This setup works pretty well, and I would like to add some antispam
      filtering within postfix (and probably spamassassin too). Can I still
      use all restrictions like reject_rbl_* ? Because in my case all messages
      will come from "localhost" with fetchmail.
    • Niels Huylebroeck
      ... Hash: SHA1 ... If you re lucky your ISP does some sort of spam check already, try and read the headers. If you find anything useful to block on, use
      Message 2 of 16 , Apr 24 5:49 AM
      View Source
      • 0 Attachment
        -----BEGIN PGP SIGNED MESSAGE-----
        Hash: SHA1

        Jef Driesen wrote:
        > I'm working to setup an internal mailserver (postfix + dovecot) for a
        > small home network. Unfortunately, my ISP does block incoming traffic at
        > all ports below 1024 (including smtp). So I use fetchmail to download
        > email from the mailbox at my ISP.
        >
        > This setup works pretty well, and I would like to add some antispam
        > filtering within postfix (and probably spamassassin too). Can I still
        > use all restrictions like reject_rbl_* ? Because in my case all messages
        > will come from "localhost" with fetchmail.

        If you're lucky your ISP does some sort of spam check already, try and
        read the headers. If you find anything useful to block on, use
        header_checks (http://www.postfix.org/header_checks.5.html).

        I know I got to work this just fine (my setup takes a single mailbox
        where I can't configure SpamAssassin well enough to discard the mails)


        - --
        Vriendelijke groeten, ^ Bubbles IT
        ^ Oude Heerweg 175
        Niels Huylebroeck ^ 9160 Lokeren, Belgie
        Systeembeheerder, Programmeur ^ Tel: +32(0)9/355 13 31
        niels@... ^ Fax: +32(0)9/355 13 41

        .. Key : http://www.bubbles-it.be/pgp/niels.asc ..
        .. Fingerprint : 3885 CC0B C7A4 78CC 47DE 47AF 896A 6C40 80FA AF0F ..
        .. Keyserver : http://pgp.mit.edu Key-ID : 0x80FAAF0F ..

        A diplomat is a person who can tell you to go to hell in such a way
        that you actually look forward to the trip.
        - - Caskie Stinnett, "Out of the Red"
        -----BEGIN PGP SIGNATURE-----
        Version: GnuPG v1.4.2.2 (MingW32)
        Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

        iD8DBQFETMluiWpsQID6rw8RApQwAJ0Yy1lE9b9DYdYGW+wpFvMOeyVpJACgh7eP
        Avr5EpUnsOB6jwa0Mrv1dqQ=
        =+Kjc
        -----END PGP SIGNATURE-----
      • Jef Driesen
        ... I can activate a spamfilter from my ISP (www.telenet.be), but I have only 3 choices (discard, mark with [SPAM] in the subject or no filter at all). But I
        Message 3 of 16 , Apr 24 6:09 AM
        View Source
        • 0 Attachment
          Niels Huylebroeck wrote:
          > Jef Driesen wrote:
          >> I'm working to setup an internal mailserver (postfix + dovecot) for a
          >> small home network. Unfortunately, my ISP does block incoming traffic at
          >> all ports below 1024 (including smtp). So I use fetchmail to download
          >> email from the mailbox at my ISP.
          >>
          >> This setup works pretty well, and I would like to add some antispam
          >> filtering within postfix (and probably spamassassin too). Can I still
          >> use all restrictions like reject_rbl_* ? Because in my case all messages
          >> will come from "localhost" with fetchmail.
          >
          > If you're lucky your ISP does some sort of spam check already, try and
          > read the headers. If you find anything useful to block on, use
          > header_checks (http://www.postfix.org/header_checks.5.html).
          >
          > I know I got to work this just fine (my setup takes a single mailbox
          > where I can't configure SpamAssassin well enough to discard the mails)

          I can activate a spamfilter from my ISP (www.telenet.be), but I have
          only 3 choices (discard, mark with "[SPAM]" in the subject or no filter
          at all). But I don't like any of these options. I would like to have
          more control myself.
        • Niels Huylebroeck
          ... Hash: SHA1 ... You could just let them mark it, then check your headers and see the url I linked to to see what you can make Postfix do with the marked
          Message 4 of 16 , Apr 24 7:11 AM
          View Source
          • 0 Attachment
            -----BEGIN PGP SIGNED MESSAGE-----
            Hash: SHA1

            Jef Driesen wrote:
            > Niels Huylebroeck wrote:
            >> Jef Driesen wrote:
            >>> I'm working to setup an internal mailserver (postfix + dovecot) for a
            >>> small home network. Unfortunately, my ISP does block incoming traffic at
            >>> all ports below 1024 (including smtp). So I use fetchmail to download
            >>> email from the mailbox at my ISP.
            >>>
            >>> This setup works pretty well, and I would like to add some antispam
            >>> filtering within postfix (and probably spamassassin too). Can I still
            >>> use all restrictions like reject_rbl_* ? Because in my case all messages
            >>> will come from "localhost" with fetchmail.
            >>
            >> If you're lucky your ISP does some sort of spam check already, try and
            >> read the headers. If you find anything useful to block on, use
            >> header_checks (http://www.postfix.org/header_checks.5.html).
            >>
            >> I know I got to work this just fine (my setup takes a single mailbox
            >> where I can't configure SpamAssassin well enough to discard the mails)
            >
            > I can activate a spamfilter from my ISP (www.telenet.be), but I have
            > only 3 choices (discard, mark with "[SPAM]" in the subject or no filter
            > at all). But I don't like any of these options. I would like to have
            > more control myself.

            You could just let them mark it, then check your headers and see the url
            I linked to to see what you can make Postfix do with the marked messages.

            You could make postfix just hold it and then manually release if you want.

            Other solutions are putting in a complete spamassassin with amavisd-new
            (my personal favorite) so it does both virus-checking (and stop bank
            scams if you use clamav) and spam control.

            I'll admit it isn't the easiest task to do but if you're up for some
            learning and experimentation this would be the way to go.

            For faster solutions, header_checks is about the only one I can think of.

            - --
            Vriendelijke groeten, ^ Bubbles IT
            ^ Oude Heerweg 175
            Niels Huylebroeck ^ 9160 Lokeren, Belgie
            Systeembeheerder, Programmeur ^ Tel: +32(0)9/355 13 31
            niels@... ^ Fax: +32(0)9/355 13 41

            .. Key : http://www.bubbles-it.be/pgp/niels.asc ..
            .. Fingerprint : 3885 CC0B C7A4 78CC 47DE 47AF 896A 6C40 80FA AF0F ..
            .. Keyserver : http://pgp.mit.edu Key-ID : 0x80FAAF0F ..

            A diplomat is a person who can tell you to go to hell in such a way
            that you actually look forward to the trip.
            - - Caskie Stinnett, "Out of the Red"
            -----BEGIN PGP SIGNATURE-----
            Version: GnuPG v1.4.2.2 (MingW32)
            Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

            iD8DBQFETNyUiWpsQID6rw8RApD7AJ9BxJKIlSsu4ZWj3b71kP0ZKmWxZgCfSCEX
            ad6L9BPDzW941pMtSn6YWLE=
            =kNgO
            -----END PGP SIGNATURE-----
          • Jef Driesen
            ... My ISP only offers to mark the subject with [SPAM] . And that is very annoying with false positives. And it is also very black/white. A separate header
            Message 5 of 16 , Apr 24 7:44 AM
            View Source
            • 0 Attachment
              Niels Huylebroeck wrote:
              > Jef Driesen wrote:
              >> Niels Huylebroeck wrote:
              >>> Jef Driesen wrote:
              >>>> I'm working to setup an internal mailserver (postfix + dovecot) for a
              >>>> small home network. Unfortunately, my ISP does block incoming traffic at
              >>>> all ports below 1024 (including smtp). So I use fetchmail to download
              >>>> email from the mailbox at my ISP.
              >>>>
              >>>> This setup works pretty well, and I would like to add some antispam
              >>>> filtering within postfix (and probably spamassassin too). Can I still
              >>>> use all restrictions like reject_rbl_* ? Because in my case all messages
              >>>> will come from "localhost" with fetchmail.
              >>>
              >>> If you're lucky your ISP does some sort of spam check already, try and
              >>> read the headers. If you find anything useful to block on, use
              >>> header_checks (http://www.postfix.org/header_checks.5.html).
              >>>
              >>> I know I got to work this just fine (my setup takes a single mailbox
              >>> where I can't configure SpamAssassin well enough to discard the mails)
              >> I can activate a spamfilter from my ISP (www.telenet.be), but I have
              >> only 3 choices (discard, mark with "[SPAM]" in the subject or no filter
              >> at all). But I don't like any of these options. I would like to have
              >> more control myself.
              >
              > You could just let them mark it, then check your headers and see the url
              > I linked to to see what you can make Postfix do with the marked messages.

              My ISP only offers to mark the subject with "[SPAM]". And that is very
              annoying with false positives. And it is also very black/white. A
              separate header would be much better, but that is not an option with my ISP.

              > You could make postfix just hold it and then manually release if you want.

              What do you mean by this? Leaving the message in the queue and check it
              manually? Seems even more work then manually deleting spam from the MUA.

              > Other solutions are putting in a complete spamassassin with amavisd-new
              > (my personal favorite) so it does both virus-checking (and stop bank
              > scams if you use clamav) and spam control.
              >
              > I'll admit it isn't the easiest task to do but if you're up for some
              > learning and experimentation this would be the way to go.

              That is also what I would like to do. At the moment I'm reading all
              kinds of documentation and howtos. A little bit of experimentation does
              not hurt :-)

              > For faster solutions, header_checks is about the only one I can think of.
            • Noel Jones
              ... None of the reject_* options will work when mail arrives from localhost. Your best option is to use spamassassin to scan mail locally and either mark,
              Message 6 of 16 , Apr 24 8:25 AM
              View Source
              • 0 Attachment
                At 07:34 AM 4/24/2006, Jef Driesen wrote:
                >I'm working to setup an internal mailserver (postfix +
                >dovecot) for a small home network. Unfortunately, my ISP
                >does block incoming traffic at all ports below 1024
                >(including smtp). So I use fetchmail to download email
                >from the mailbox at my ISP.
                >
                >This setup works pretty well, and I would like to add some
                >antispam filtering within postfix (and probably
                >spamassassin too). Can I still use all restrictions like
                >reject_rbl_* ? Because in my case all messages will come
                >from "localhost" with fetchmail.

                None of the reject_* options will work when mail arrives
                from localhost.
                Your best option is to use spamassassin to scan mail
                locally and either mark, quarantine, or discard
                spam. Don't reject mail from postfix, that will cause
                backscatter.

                --
                Noel Jones
              • Niels Huylebroeck
                ... Hash: SHA1 ... I have this document I made myself describing all the steps needed to do a Postfix+Amavisd-new+Clamav setup. The thing is it s on our
                Message 7 of 16 , Apr 24 8:40 AM
                View Source
                • 0 Attachment
                  -----BEGIN PGP SIGNED MESSAGE-----
                  Hash: SHA1



                  Jef Driesen wrote:
                  > That is also what I would like to do. At the moment I'm reading all
                  > kinds of documentation and howtos. A little bit of experimentation does
                  > not hurt :-)

                  I have this document I made myself describing all the steps needed to do
                  a Postfix+Amavisd-new+Clamav setup. The thing is it's on our internal
                  wiki server and I'm pondering how I could get you a copy.

                  I lack of further inspiration, here's the zip file with the saved page.

                  If there is any trouble receiving this file please let me know as I'm
                  currently not sure cause I keep getting these I DID NOT RECEIVE YOUR
                  E-MAIL TO In-Reply-<e2iio1$hup$1@...> mails from notify@...
                  I have no idea where these came from and since my messages get shown
                  alright I refuse to answer to them.

                  - --
                  Vriendelijke groeten, ^ Bubbles IT
                  ^ Oude Heerweg 175
                  Niels Huylebroeck ^ 9160 Lokeren, Belgie
                  Systeembeheerder, Programmeur ^ Tel: +32(0)9/355 13 31
                  niels@... ^ Fax: +32(0)9/355 13 41

                  .. Key : http://www.bubbles-it.be/pgp/niels.asc ..
                  .. Fingerprint : 3885 CC0B C7A4 78CC 47DE 47AF 896A 6C40 80FA AF0F ..
                  .. Keyserver : http://pgp.mit.edu Key-ID : 0x80FAAF0F ..

                  A diplomat is a person who can tell you to go to hell in such a way
                  that you actually look forward to the trip.
                  - - Caskie Stinnett, "Out of the Red"
                  -----BEGIN PGP SIGNATURE-----
                  Version: GnuPG v1.4.2.2 (MingW32)
                  Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

                  iD8DBQFETPGHiWpsQID6rw8RAp2SAJ9cPlSD75ui/0tKTznKw5KLUqPB0wCfSp+v
                  n7OAZu4P16BD6GU6llgc1/I=
                  =Ye4L
                  -----END PGP SIGNATURE-----
                • Jef Driesen
                  ... The reason why I would like to use reject_* options is the ability to remove spam from the pop3 server. I leave the mail on the server for a few days, to
                  Message 8 of 16 , Apr 24 10:43 AM
                  View Source
                  • 0 Attachment
                    Noel Jones wrote:
                    > At 07:34 AM 4/24/2006, Jef Driesen wrote:
                    >> I'm working to setup an internal mailserver (postfix + dovecot) for a
                    >> small home network. Unfortunately, my ISP does block incoming traffic
                    >> at all ports below 1024 (including smtp). So I use fetchmail to
                    >> download email from the mailbox at my ISP.
                    >>
                    >> This setup works pretty well, and I would like to add some antispam
                    >> filtering within postfix (and probably spamassassin too). Can I still
                    >> use all restrictions like reject_rbl_* ? Because in my case all
                    >> messages will come from "localhost" with fetchmail.
                    >
                    > None of the reject_* options will work when mail arrives from localhost.
                    > Your best option is to use spamassassin to scan mail locally and either
                    > mark, quarantine, or discard spam. Don't reject mail from postfix, that
                    > will cause backscatter.

                    The reason why I would like to use reject_* options is the ability to
                    remove spam from the pop3 server. I leave the mail on the server for a
                    few days, to be able to access my email on a another PC (at work) also.
                    Fetchmail has an option to only remove rejected mail from the server
                    (option 'keep' together with 'antispam <reject_code>'). Combined with
                    'no spambounce', this should disable the backscatter.
                  • Noel Jones
                    ... When mail arrives from localhost, you re limited in choices to reject the mail. Postfix doesn t have access to the (original) client IP, hostname or helo
                    Message 9 of 16 , Apr 24 11:14 AM
                    View Source
                    • 0 Attachment
                      At 12:43 PM 4/24/2006, Jef Driesen wrote:
                      >Noel Jones wrote:
                      >>At 07:34 AM 4/24/2006, Jef Driesen wrote:
                      >>>I'm working to setup an internal mailserver (postfix +
                      >>>dovecot) for a small home network. Unfortunately, my ISP
                      >>>does block incoming traffic at all ports below 1024
                      >>>(including smtp). So I use fetchmail to download email
                      >>>from the mailbox at my ISP.
                      >>>
                      >>>This setup works pretty well, and I would like to add
                      >>>some antispam filtering within postfix (and probably
                      >>>spamassassin too). Can I still use all restrictions like
                      >>>reject_rbl_* ? Because in my case all messages will come
                      >>>from "localhost" with fetchmail.
                      >>None of the reject_* options will work when mail arrives
                      >>from localhost.
                      >>Your best option is to use spamassassin to scan mail
                      >>locally and either mark, quarantine, or discard
                      >>spam. Don't reject mail from postfix, that will cause
                      >>backscatter.
                      >
                      >The reason why I would like to use reject_* options is the
                      >ability to remove spam from the pop3 server. I leave the
                      >mail on the server for a few days, to be able to access my
                      >email on a another PC (at work) also. Fetchmail has an
                      >option to only remove rejected mail from the server
                      >(option 'keep' together with 'antispam <reject_code>').
                      >Combined with 'no spambounce', this should disable the
                      >backscatter.

                      When mail arrives from localhost, you're limited in choices
                      to reject the mail. Postfix doesn't have access to the
                      (original) client IP, hostname or helo name, so the most
                      effective anti-spam controls won't work. However, you can
                      still reject based on the sender domain, most notably
                      reject_rhsbl_sender and reject_unknown_sender_domain.
                      http://www.postfix.org/uce.html#smtpd_sender_restrictions
                      Other than that, you're limited to header_checks and
                      body_checks.

                      You might consider using a pre-queue smtpd_proxy_filter
                      that runs spamassassin, such as amavisd-new. While
                      pre-queue mode is not officially supported by amavisd-new,
                      it seems to work OK for low-volume sites and quite a few
                      folks use it this way. There may be other pre-queue
                      filters that can use spamassassin, check the
                      www.postfix.org addon software page.


                      --
                      Noel Jones
                    • Jef Driesen
                      ... After reading some documentation, I decided to go for an external content filter (spamassassin and clamav). I read I have two options, a before-queue or an
                      Message 10 of 16 , Apr 28 2:26 AM
                      View Source
                      • 0 Attachment
                        Jef Driesen wrote:
                        > I'm working to setup an internal mailserver (postfix + dovecot) for a
                        > small home network. Unfortunately, my ISP does block incoming traffic at
                        > all ports below 1024 (including smtp). So I use fetchmail to download
                        > email from the mailbox at my ISP.
                        >
                        > This setup works pretty well, and I would like to add some antispam
                        > filtering within postfix (and probably spamassassin too). Can I still
                        > use all restrictions like reject_rbl_* ? Because in my case all messages
                        > will come from "localhost" with fetchmail.

                        After reading some documentation, I decided to go for an external
                        content filter (spamassassin and clamav). I read I have two options, a
                        before-queue or an after-queue filter. Or are there other alternatives?
                        And which one is best suited for my setup (advantages/disadvantages)?

                        Maybe a little off topic here, but I also read about how sendmail does
                        content filtering using the milter interface. Based on my reading this
                        is more or less equivalent with a postfix before-queue filter? If that
                        is correct, why don't I see recommendations against this technique (like
                        for postfix) with heavy-weight filters?
                      • Simon Waters
                        ... In general it is better to filter before queuing, as it is more apparent what to do if you detect email you don t think you want. ... The SMTP transaction
                        Message 11 of 16 , Apr 28 2:42 AM
                        View Source
                        • 0 Attachment
                          On Friday 28 Apr 2006 10:26, Jef Driesen wrote:
                          >
                          > After reading some documentation, I decided to go for an external
                          > content filter (spamassassin and clamav). I read I have two options, a
                          > before-queue or an after-queue filter. Or are there other alternatives?

                          In general it is better to filter before queuing, as it is more apparent what
                          to do if you detect email you don't think you want.

                          > And which one is best suited for my setup (advantages/disadvantages)?

                          The SMTP transaction is already completed by your ISP, whatever you do is
                          already "post queue".

                          Your only polite option is to flag email as spam and file in a separate
                          folder, most email clients will do this for you these days, you don't need
                          Postfix to do that.

                          I think you are making the set up over elaborate.
                        • Jef Driesen
                          ... I understand that. But I also read before-queue is not recommended with heavy-weight filters (what is considered heavy-weight anyway?). ... I know that I
                          Message 12 of 16 , Apr 28 3:14 AM
                          View Source
                          • 0 Attachment
                            Simon Waters wrote:
                            > On Friday 28 Apr 2006 10:26, Jef Driesen wrote:
                            >> After reading some documentation, I decided to go for an external
                            >> content filter (spamassassin and clamav). I read I have two options, a
                            >> before-queue or an after-queue filter. Or are there other alternatives?
                            >
                            > In general it is better to filter before queuing, as it is more apparent what
                            > to do if you detect email you don't think you want.

                            I understand that. But I also read before-queue is not recommended with
                            heavy-weight filters (what is considered heavy-weight anyway?).

                            >> And which one is best suited for my setup (advantages/disadvantages)?
                            >
                            > The SMTP transaction is already completed by your ISP, whatever you do is
                            > already "post queue".
                            >
                            > Your only polite option is to flag email as spam and file in a separate
                            > folder, most email clients will do this for you these days, you don't need
                            > Postfix to do that.
                            >
                            > I think you are making the set up over elaborate.

                            I know that I can do the spam detection in my email client (thunderbird
                            here). That's how I do it now and it works relatively well with only one
                            PC. But I want to be able to access my mailbox from other PCs as well.
                            That's why I want to setup an internal mailserver, where I can access
                            the mailbox over imap. And then I could as well adding the spam/virus
                            detection at the server level.
                          • Simon Waters
                            ... Anything that stops you keeping up with peak demand. Typically detailed content inspection such as virus checkers, and things requiring multiple DNS
                            Message 13 of 16 , Apr 28 3:30 AM
                            View Source
                            • 0 Attachment
                              On Friday 28 Apr 2006 11:14, Jef Driesen wrote:
                              >
                              > I understand that. But I also read before-queue is not recommended with
                              > heavy-weight filters (what is considered heavy-weight anyway?).

                              Anything that stops you keeping up with peak demand.

                              Typically detailed content inspection such as virus checkers, and things
                              requiring multiple DNS lookups or access to remote network resources, like
                              the spam assassin network checks (which check many RBLs).

                              In many ways unpredicable delays (like DNS) are a bigger problem than "heavy
                              weight", as you can always buy more hardware if you really want to filter
                              before queuing (and I do!).

                              > > I think you are making the set up over elaborate.
                              >
                              > I know that I can do the spam detection in my email client (thunderbird
                              > here). That's how I do it now and it works relatively well with only one
                              > PC. But I want to be able to access my mailbox from other PCs as well.
                              > That's why I want to setup an internal mailserver, where I can access
                              > the mailbox over imap. And then I could as well adding the spam/virus
                              > detection at the server level.

                              Pipe into spamassassin via .procmailrc ? Worked reasonably well here for a
                              long time before with braved greylisting and RBLs, and took advantage of the
                              fact we are terminating the SMTP transaction.
                            • mouss
                              ... The advantage of using postfix instead is that your mail is queued quickly, so fetchmail doesn t need to keep the connection with the pop/imap server open
                              Message 14 of 16 , Apr 28 10:01 AM
                              View Source
                              • 0 Attachment
                                Simon Waters wrote:
                                >>> I think you are making the set up over elaborate.
                                >>>
                                >> I know that I can do the spam detection in my email client (thunderbird
                                >> here). That's how I do it now and it works relatively well with only one
                                >> PC. But I want to be able to access my mailbox from other PCs as well.
                                >> That's why I want to setup an internal mailserver, where I can access
                                >> the mailbox over imap. And then I could as well adding the spam/virus
                                >> detection at the server level.
                                >>
                                >
                                > Pipe into spamassassin via .procmailrc ? Worked reasonably well here for a
                                > long time before with braved greylisting and RBLs, and took advantage of the
                                > fact we are terminating the SMTP transaction.
                                >

                                The advantage of using postfix instead is that your mail is queued
                                quickly, so fetchmail doesn't need to keep the connection with the
                                pop/imap server open until mail is filtered. Now, this doesn't seem to
                                be what the OP is asking for as he apparently wants to keep a copy of
                                non-spam mail on the pop/imap server.

                                If the OP can make sure the right error is given back to fetchmail, then
                                procmail/maildrop is probably the right way. Otherwise, using an MTA (+
                                forward mail to another address to be able to read it from other places)
                                may be another solution.
                              • Jef Driesen
                                ... Do you mean calling procmail directly from fetchmail? Or with a MTA (postfix) in between?
                                Message 15 of 16 , May 1, 2006
                                View Source
                                • 0 Attachment
                                  Simon Waters wrote:
                                  >>> I think you are making the set up over elaborate.
                                  >> I know that I can do the spam detection in my email client (thunderbird
                                  >> here). That's how I do it now and it works relatively well with only one
                                  >> PC. But I want to be able to access my mailbox from other PCs as well.
                                  >> That's why I want to setup an internal mailserver, where I can access
                                  >> the mailbox over imap. And then I could as well adding the spam/virus
                                  >> detection at the server level.
                                  >
                                  > Pipe into spamassassin via .procmailrc ? Worked reasonably well here for a
                                  > long time before with braved greylisting and RBLs, and took advantage of the
                                  > fact we are terminating the SMTP transaction.

                                  Do you mean calling procmail directly from fetchmail? Or with a MTA
                                  (postfix) in between?
                                • Jef Driesen
                                  ... Leaving the non-spam on the pop server is not absolutely required, but rather a nice thing to have. Forwarding to another address has the downside that
                                  Message 16 of 16 , May 1, 2006
                                  View Source
                                  • 0 Attachment
                                    mouss wrote:
                                    > Simon Waters wrote:
                                    >>>> I think you are making the set up over elaborate.
                                    >>>>
                                    >>> I know that I can do the spam detection in my email client (thunderbird
                                    >>> here). That's how I do it now and it works relatively well with only one
                                    >>> PC. But I want to be able to access my mailbox from other PCs as well.
                                    >>> That's why I want to setup an internal mailserver, where I can access
                                    >>> the mailbox over imap. And then I could as well adding the spam/virus
                                    >>> detection at the server level.
                                    >>>
                                    >>
                                    >> Pipe into spamassassin via .procmailrc ? Worked reasonably well here
                                    >> for a long time before with braved greylisting and RBLs, and took
                                    >> advantage of the fact we are terminating the SMTP transaction.
                                    >>
                                    >
                                    > The advantage of using postfix instead is that your mail is queued
                                    > quickly, so fetchmail doesn't need to keep the connection with the
                                    > pop/imap server open until mail is filtered. Now, this doesn't seem to
                                    > be what the OP is asking for as he apparently wants to keep a copy of
                                    > non-spam mail on the pop/imap server.
                                    >
                                    > If the OP can make sure the right error is given back to fetchmail, then
                                    > procmail/maildrop is probably the right way. Otherwise, using an MTA (+
                                    > forward mail to another address to be able to read it from other places)
                                    > may be another solution.

                                    Leaving the non-spam on the pop server is not absolutely required, but
                                    rather a nice thing to have. Forwarding to another address has the
                                    downside that every (non-spam) message has to be re-send, and my upload
                                    speed/volume is rather limited by my isp.
                                  Your message has been successfully submitted and would be delivered to recipients shortly.