Loading ...
Sorry, an error occurred while loading the content.

Re: Body checks on incoming only

Expand Messages
  • Magnus Bäck
    On Wednesday, August 02, 2006 at 11:12 CEST, ... 1.2.3.4:smtp inet n - n - - smtpd 1.2.3.5:smtp inet n -
    Message 1 of 18 , Aug 2, 2006
    • 0 Attachment
      On Wednesday, August 02, 2006 at 11:12 CEST,
      Thomas Domingo Dahlmann <domingo@...> wrote:

      > I was thinking of the syntax when doing a second cleanup instance. But
      > thanks anyway.

      1.2.3.4:smtp inet n - n - - smtpd
      1.2.3.5:smtp inet n - n - - smtpd
      -o cleanup_service_name=foocleanup
      127.0.0.1:smtp inet n - n - - smtpd
      -o cleanup_service_name=foocleanup
      foocleanup unix n - n - 0 cleanup
      -o body_checks= -o header_checks=

      --
      Magnus Bäck
      magnus@...
    • Thomas Domingo Dahlmann
      ... Simple an beautiful - nothing like Postfix ;ø) Thx. /Domingo Registered Linux user number 411788 http://wiki.lnxgeek.org
      Message 2 of 18 , Aug 2, 2006
      • 0 Attachment
        On Wed, August 2, 2006 11:25, Magnus Bäck wrote:
        > On Wednesday, August 02, 2006 at 11:12 CEST,
        > Thomas Domingo Dahlmann <domingo@...> wrote:
        >
        >
        >> I was thinking of the syntax when doing a second cleanup instance. But
        >> thanks anyway.
        >
        > 1.2.3.4:smtp inet n - n - - smtpd
        > 1.2.3.5:smtp inet n - n - - smtpd
        > -o cleanup_service_name=foocleanup
        > 127.0.0.1:smtp inet n - n - - smtpd
        > -o cleanup_service_name=foocleanup
        > foocleanup unix n - n - 0 cleanup -o
        > body_checks= -o header_checks=

        Simple an beautiful - nothing like Postfix ;ø)
        Thx.


        /Domingo
        Registered Linux user number 411788
        http://wiki.lnxgeek.org


        >
        > --
        > Magnus Bäck
        > magnus@...
        >
        > !DSPAM:44d0704c187997389134864!
        >
        >
        >
      • Alex Palenschat
        ... I am trying to do this same thing and bypass the content filter as well. But the difference with my situation is that my postfix is configured as an email
        Message 3 of 18 , Aug 2, 2006
        • 0 Attachment
          > I have a How-To at
          > http://www.seaglass.com/postfix/turning_off_body_checks.html that
          > describes this second option.

          > Kyle

          I am trying to do this same thing and bypass the content filter as well.
          But the difference with my situation is that my postfix is configured as
          an email firewall/gateway. I have two interfaces, one with a public IP
          and one an internal IP. If I use inet_interfaces to only have postfix
          listen on the public IP then it can't forward mail to the internal MDAs.


          I have tried reading the docs on inet_interfaces and
          receive_override_options but don't seem to be getting it.
          If I specify:

          /etc/postfix/main.cf
          inet_interfaces = all

          and in master.cf

          <Public IP>:smtp inet n - n - - smtpd

          And

          <Internal IP>:smtp inet n - n - - smtpd
          -o content_filter=
          -o receive_override_options=no_header_body_checks

          Will I accomplish having all external email filtered but all outbound
          (mail from users) not filtered? Or will this confuse postfix and I need
          to run two separate instances?

          alex
        • Noel Jones
          ... The above sample config looks correct, and should do what you want. Postfix supports multiple smtpd listeners with different settings; that s a fairly
          Message 4 of 18 , Aug 2, 2006
          • 0 Attachment
            At 03:00 PM 8/2/2006, Alex Palenschat wrote:
            >I am trying to do this same thing and bypass the content
            >filter as well.
            >But the difference with my situation is that my postfix is
            >configured as
            >an email firewall/gateway. I have two interfaces, one with
            >a public IP
            >and one an internal IP. If I use inet_interfaces to only
            >have postfix
            >listen on the public IP then it can't forward mail to the
            >internal MDAs.
            >
            >
            >I have tried reading the docs on inet_interfaces and
            >receive_override_options but don't seem to be getting it.
            >If I specify:
            >
            >/etc/postfix/main.cf
            >inet_interfaces = all
            >
            >and in master.cf
            >
            ><Public IP>:smtp inet n - n - - smtpd
            >
            >And
            >
            ><Internal IP>:smtp inet n - n - - smtpd
            > -o content_filter=
            > -o receive_override_options=no_header_body_checks
            >
            >Will I accomplish having all external email filtered but
            >all outbound
            >(mail from users) not filtered? Or will this confuse
            >postfix and I need
            >to run two separate instances?
            >
            >alex

            The above sample config looks correct, and should do what
            you want. Postfix supports multiple smtpd listeners with
            different settings; that's a fairly common setup. You only
            need multiple postfix instances if a) you need different
            transport maps, b) the gyrations in master.cf become so
            obtuse that the administrator cannot follow it, c) you want
            to separate the logging.

            --
            Noel Jones
          • Kyle Dent
            ... One smtpd instance listens on the public interface and a second smtpd instance listens on the internal one. ... You probably don t have to specify the
            Message 5 of 18 , Aug 2, 2006
            • 0 Attachment
              Alex Palenschat wrote:
              >> I have a How-To at
              >> http://www.seaglass.com/postfix/turning_off_body_checks.html that
              >> describes this second option.
              >
              >> Kyle
              >
              > I am trying to do this same thing and bypass the content filter as well.
              > But the difference with my situation is that my postfix is configured as
              > an email firewall/gateway. I have two interfaces, one with a public IP
              > and one an internal IP. If I use inet_interfaces to only have postfix
              > listen on the public IP then it can't forward mail to the internal MDAs.

              One smtpd instance listens on the public interface and a second smtpd
              instance listens on the internal one.

              > I have tried reading the docs on inet_interfaces and
              > receive_override_options but don't seem to be getting it.
              > If I specify:
              >
              > /etc/postfix/main.cf
              > inet_interfaces = all
              >
              > and in master.cf
              >
              > <Public IP>:smtp inet n - n - - smtpd
              >
              > And
              >
              > <Internal IP>:smtp inet n - n - - smtpd
              > -o content_filter=
              > -o receive_override_options=no_header_body_checks
              >
              > Will I accomplish having all external email filtered but all outbound
              > (mail from users) not filtered? Or will this confuse postfix and I need
              > to run two separate instances?

              You probably don't have to specify the public IP address in master.cf.
              Otherwise, this should do what you want.

              Kyle
            • mouss
              ... That said, using multiple instances is cleaner, provided you find the overhead of managing multiple instances (write a script to start/stop/postqueue/...
              Message 6 of 18 , Aug 2, 2006
              • 0 Attachment
                Thomas Domingo Dahlmann wrote:
                > On Wed, August 2, 2006 11:25, Magnus Bäck wrote:
                >
                >> On Wednesday, August 02, 2006 at 11:12 CEST,
                >> Thomas Domingo Dahlmann <domingo@...> wrote:
                >>
                >>
                >>
                >>> I was thinking of the syntax when doing a second cleanup instance. But
                >>> thanks anyway.
                >>>
                >> 1.2.3.4:smtp inet n - n - - smtpd
                >> 1.2.3.5:smtp inet n - n - - smtpd
                >> -o cleanup_service_name=foocleanup
                >> 127.0.0.1:smtp inet n - n - - smtpd
                >> -o cleanup_service_name=foocleanup
                >> foocleanup unix n - n - 0 cleanup -o
                >> body_checks= -o header_checks=
                >>
                >
                > Simple an beautiful - nothing like Postfix ;ø)
                > Thx.
                >
                That said, using multiple instances is cleaner, provided you find the
                overhead of managing multiple instances (write a script to
                start/stop/postqueue/... etc) but once this is done, you'll get the
                benefits of simple configuration (no more -o in master.cf, different
                syslog names, ...).
              • mouss
                ... we use the term instance for different instances of postfix: ie when your run postfix multiple times with different config dirs and queue dirs.
                Message 7 of 18 , Aug 2, 2006
                • 0 Attachment
                  Kyle Dent wrote:
                  >> I am trying to do this same thing and bypass the content filter as well.
                  >> But the difference with my situation is that my postfix is configured as
                  >> an email firewall/gateway. I have two interfaces, one with a public IP
                  >> and one an internal IP. If I use inet_interfaces to only have postfix
                  >> listen on the public IP then it can't forward mail to the internal MDAs.
                  >
                  > One smtpd instance listens on the public interface and a second smtpd
                  > instance listens on the internal one.
                  >
                  <nitpick>
                  we use the term instance for different instances of postfix: ie when
                  your run postfix multiple times with different config dirs and queue dirs.
                  if using multiple smtpd in one master.cf, the term "multiple listeners"
                  or "multiple smtpd listeners" is used
                  </nitpick>
                Your message has been successfully submitted and would be delivered to recipients shortly.