Re: prevent archiving SPAM mails
- Le 19/07/2012 10:23, Nalinda Herath a écrit :
> In my current setup, server will not discard any mail even though they arehow do you deliver the archived mail? if it's via an LDA such as dovecot
> tagged as SPAM. all the spam mails are routed to the junk folder's of each
> user. According to our policy, we cannot discard any mail, and users are
> allowed to check whether any mail has been accidentally tagged as SPAM.
> We simply BCC the emails which are received to the server by setting
> always_bcc = <email address>
or maildrop or procmail, you can create a rule to discard mail which has
a header that says it's spam (X-Spam-Flag: YES).
if you want that in postfix, then you need to do some work.
[multiple instances of postfix]
if you accept to run multiple instances (run postfix multiple times,
with different configurations etc), then make ue a specific domain for
the archive (for exemple: archive.example.com), then use transport maps
to direct such mail to its own instance. and in this instance, use
header_checks to discard mail tagged as spam.
[in a single instance]
with a single instance, you can't use routing (transport_maps) because
transport_maps is global to an instance, and you don't want to creat a
loop. but you can create a dedicated smtpd listener.
here is an example:
1- use a different domain for mail archiving. but instead of always_bcc,
I'll recommend using recipient_bcc_maps:
recipient_bcc_maps = pcre:/etc/postfix/recipient_bcc.pcre
then in recipient_bcc.pcre, something like
add an expression for any domain you want to archive mail for.
side benefit: you have the original recipient in the bcc address!
(this assumes you have recipient_delimiter = +).
2- In your after-the-filter smtpd (assuming you are using a filter such
as amavisd-new), add a check_recipient_access to pass such mail to a
specific smtpd (that you need to add):
and in filter_bcc.hash:
archive.example.com FILTER filter:[127.0.0.1]:10624
.archive.example.com FILTER filter:[127.0.0.1]:10624
(here, I assume you start an smtpd on 10624 for such mail, and I assume
you defined a filter named "filter". this may be the same as you use to
passe your mail to your "standard" filter).
3- for the smtpd on 10624, create a cleanup service that uses a
check_headers to do
/^X\-Spam\-Flag: YES/ DISCARD
PS. instead of discarding such spam, better deliver it to a special
account which is purged more often. this gives you a chance to
re-archive a message if someone says it was a false positive... etc.
(and it gives you the content if someone claims it is a false positive
but you don't agree. of course, reading other people's mail requires
their consent and/or support by your local policy. but you almost always
can run a script to parse the Received headers and show that the message
passed via bad networks, without ever touching the body...).
debating this is however off-topic here. I only wanted you to kknow that
this is a possibility...
> I need some workaround to prevent archiving mails tagged as spam by
> On Wed, Jul 18, 2012 at 10:22 PM, Noel Jones <njones@...> wrote:
>> On 7/18/2012 11:22 AM, Nalinda Herath wrote:
>>> Hi all,
>>> Recently I have integrated spmassassin to my existing postfix
>>> system. But now I need to tune my archiving settings in postfix to
>>> prevent from archiving mails tagged as spam.
>>> It will be really helpful If someone can help me on this. Thanks.
>> General procedure -- apply anti-spam and anti-virus before the
>> archiving procedure.
>> One way to do this is to run spamassassin in a pre-queue
>> smtpd_proxy_filter or milter so only clean mail enters postfix. Or
>> with a traditional postfix after queue content_filter, do your
>> archiving in the after-filter postfix instance.
>> If you need a more specific answer, you'll need to share full
>> details of your postfix setup, your archiving procedure, and how
>> you've integrated spamassassin.
>> -- Noel Jones