Loading ...
Sorry, an error occurred while loading the content.

Bypassing amavis

Expand Messages
  • Nikolaos Milas
    Hello, We are using amavis on top of Postfix 2.9.4, integrated as usual: main.cf: content_filter = smtp-amavis:[127.0.0.1]:10024 master.cf: smtp-amavis unix -
    Message 1 of 7 , Feb 20, 2013
    • 0 Attachment
      Hello,

      We are using amavis on top of Postfix 2.9.4, integrated as usual:

      main.cf:

      content_filter = smtp-amavis:[127.0.0.1]:10024

      master.cf:

      smtp-amavis unix - - n - 2 lmtp
      -o smtp_data_done_timeout=1200
      -o smtp_send_xforward_command=yes
      -o disable_dns_lookups=yes
      -o max_use=20


      127.0.0.1:10025 inet n - n - - smtpd
      -o content_filter=
      -o local_recipient_maps=
      -o relay_recipient_maps=
      -o smtpd_restriction_classes=
      -o smtpd_delay_reject=no
      -o smtpd_client_restrictions=permit_mynetworks,reject
      -o smtpd_helo_restrictions=
      -o smtpd_sender_restrictions=
      -o smtpd_recipient_restrictions=permit_mynetworks,reject
      -o smtpd_data_restrictions=reject_unauth_pipelining
      -o smtpd_end_of_data_restrictions=
      -o mynetworks=127.0.0.0/8
      -o smtpd_error_sleep_time=0
      -o smtpd_soft_error_limit=1001
      -o smtpd_hard_error_limit=1000
      -o smtpd_client_connection_count_limit=0
      -o smtpd_client_connection_rate_limit=0
      -o
      receive_override_options=no_header_body_checks,no_unknown_recipient_checks

      Can we bypass amavis for particular messages? For example, we want to
      whitelist a number of complete envelope sender addresses and sender
      domains. This can be done only in amavis, or we can bypass amavis
      entirely, by properly configuring Postfix? (And if yes, how?)

      Thanks,
      Nick
    • Benny Pedersen
      ... smtp vs lmtp ... see amavisd sql/ldap whitelist/blacklist or add it staticly to amavisd.conf
      Message 2 of 7 , Feb 20, 2013
      • 0 Attachment
        Nikolaos Milas skrev den 2013-02-20 12:01:
        > Hello,
        >
        > We are using amavis on top of Postfix 2.9.4, integrated as usual:
        >
        > main.cf:
        >
        > content_filter = smtp-amavis:[127.0.0.1]:10024
        >
        > master.cf:
        >
        > smtp-amavis unix - - n - 2 lmtp
        ^^^^
        > -o smtp_data_done_timeout=1200
        > -o smtp_send_xforward_command=yes

        smtp vs lmtp

        > -o disable_dns_lookups=yes
        > -o max_use=20
        >
        >
        > 127.0.0.1:10025 inet n - n - - smtpd
        > -o content_filter=
        > -o local_recipient_maps=
        > -o relay_recipient_maps=
        > -o smtpd_restriction_classes=
        > -o smtpd_delay_reject=no
        > -o smtpd_client_restrictions=permit_mynetworks,reject
        > -o smtpd_helo_restrictions=
        > -o smtpd_sender_restrictions=
        > -o smtpd_recipient_restrictions=permit_mynetworks,reject
        > -o smtpd_data_restrictions=reject_unauth_pipelining
        > -o smtpd_end_of_data_restrictions=
        > -o mynetworks=127.0.0.0/8
        > -o smtpd_error_sleep_time=0
        > -o smtpd_soft_error_limit=1001
        > -o smtpd_hard_error_limit=1000
        > -o smtpd_client_connection_count_limit=0
        > -o smtpd_client_connection_rate_limit=0
        > -o
        >
        > receive_override_options=no_header_body_checks,no_unknown_recipient_checks
        >
        > Can we bypass amavis for particular messages? For example, we want to
        > whitelist a number of complete envelope sender addresses and sender
        > domains. This can be done only in amavis, or we can bypass amavis
        > entirely, by properly configuring Postfix? (And if yes, how?)

        see amavisd sql/ldap whitelist/blacklist

        or add it staticly to amavisd.conf

        >
        > Thanks,
        > Nick
      • Nikolaos Milas
        ... Hmm, obviously this was the suggested way when I had set it up (I don t remember now details on what directions I had followed), but it seems to work fine.
        Message 3 of 7 , Feb 20, 2013
        • 0 Attachment
          On 20/2/2013 1:35 μμ, Benny Pedersen wrote:

          > smtp vs lmtp

          Hmm, obviously this was the suggested way when I had set it up (I don't
          remember now details on what directions I had followed), but it seems to
          work fine.

          Should I change it to smtp? What is the suggested way of integration?
          Pros/Cons?

          Thanks much,
          Nick
        • Benny Pedersen
          ... lmtp is fine yes, but smtp overwrides does not help on lmtp service lmtp should use lmtp overwrides, your working example runs without any overwrides as it
          Message 4 of 7 , Feb 20, 2013
          • 0 Attachment
            Nikolaos Milas skrev den 2013-02-20 13:11:
            > On 20/2/2013 1:35 μμ, Benny Pedersen wrote:
            >
            >> smtp vs lmtp
            >
            > Hmm, obviously this was the suggested way when I had set it up (I
            > don't remember now details on what directions I had followed), but it
            > seems to work fine.
            >
            > Should I change it to smtp? What is the suggested way of integration?
            > Pros/Cons?

            lmtp is fine yes, but smtp overwrides does not help on lmtp service

            lmtp should use lmtp overwrides, your working example runs without any
            overwrides as it is now

            this is dokumented in amavisd readme (postfix)
          • Nikolaos Milas
            ... I see. If it is smtp, rather than lmtp, then how would we specify overrides? Thanks, Nick
            Message 5 of 7 , Feb 20, 2013
            • 0 Attachment
              On 20/2/2013 2:16 μμ, Benny Pedersen wrote:

              > lmtp is fine yes, but smtp overwrides does not help on lmtp service
              >
              > lmtp should use lmtp overwrides, your working example runs without any
              > overwrides as it is now
              >
              > this is dokumented in amavisd readme (postfix)

              I see. If it is smtp, rather than lmtp, then how would we specify overrides?

              Thanks,
              Nick
            • Benny Pedersen
              ... -o lmtp_* for lmtp service -o smtp_* for smtp service but dont make overwrides if postconf -d | grep lmtp_ is okay :)
              Message 6 of 7 , Feb 20, 2013
              • 0 Attachment
                Nikolaos Milas skrev den 2013-02-20 13:24:
                > On 20/2/2013 2:16 μμ, Benny Pedersen wrote:
                >
                >> lmtp is fine yes, but smtp overwrides does not help on lmtp service
                >>
                >> lmtp should use lmtp overwrides, your working example runs without
                >> any overwrides as it is now
                >>
                >> this is dokumented in amavisd readme (postfix)
                >
                > I see. If it is smtp, rather than lmtp, then how would we specify
                > overrides?

                -o lmtp_* for lmtp service
                -o smtp_* for smtp service

                but dont make overwrides if postconf -d | grep lmtp_ is okay :)
              • weber@...
                Patrick B Koetter told me some days ago you can do an sender_check_access, in the sender_check_access you can forward them to a service without amavis.
                Message 7 of 7 , Feb 20, 2013
                • 0 Attachment
                  Patrick B Koetter told me some days ago
                  you can do an sender_check_access,

                  in the sender_check_access you can forward them to a service without
                  amavis.

                  sender_check_access = hash ..... noamavis_sender

                  noamavis_sender =

                  senderdomain.com FILTER smtp:servicewithoutamavis

                  create the service in master.cf

                  in the settings for the service reinject the mails on a non amavis
                  port.

                  marko

                  http://www.postfix.org/access.5.html




                  Am 2013-02-20 13:30, schrieb Benny Pedersen:
                  > Nikolaos Milas skrev den 2013-02-20 13:24:
                  >> On 20/2/2013 2:16 μμ, Benny Pedersen wrote:
                  >>
                  >>> lmtp is fine yes, but smtp overwrides does not help on lmtp service
                  >>>
                  >>> lmtp should use lmtp overwrides, your working example runs without
                  >>> any overwrides as it is now
                  >>>
                  >>> this is dokumented in amavisd readme (postfix)
                  >>
                  >> I see. If it is smtp, rather than lmtp, then how would we specify
                  >> overrides?
                  >
                  > -o lmtp_* for lmtp service
                  > -o smtp_* for smtp service
                  >
                  > but dont make overwrides if postconf -d | grep lmtp_ is okay :)
                Your message has been successfully submitted and would be delivered to recipients shortly.