Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- We are running SpamAssassin as a content filter from Postfix.
- Here's what we have in master.cf
- smtp inet n - n - - smtpd
- -o content_filter=spamchk:dummy
- spamchk unix - n n - 10 pipe
- flags=Rq user=spammonster argv=/usr/local/bin/spamchk -f ${sender} -- ${recipient}
- This is working. However, apparently the spamchk content filter is
- running _before_ Postfix rejects mail to non-existent addresses.
- Given that 95% of our inbound mail is to non-existent addresses, this
- is terribly inefficient.
- Unfortunately I have no clue how to order the PostFix processing to
- ensure that the address check comes before the content filter. (I
- naively thought this would be the "normal" ordering.)
- Here's what we've got in our Postfix config files
- master.cf
- # Services
- # ==========================================================================
- # service type private unpriv chroot wakeup maxproc command + args
- # (yes) (yes) (yes) (never) (100)
- # ==========================================================================
- smtp inet n - n - - smtpd
- -o content_filter=spamchk:dummy
- pickup fifo n - n - 1 pickup
- cleanup unix n - n - 0 cleanup
- qmgr fifo n - n - 1 qmgr
- rewrite unix - - n - - trivial-rewrite
- bounce unix - - n - 0 bounce
- defer unix - - n - 0 bounce
- trace unix - - n - 0 bounce
- verify unix - - n - 1 verify
- flush unix n - n - 0 flush
- proxymap unix - - n - - proxymap
- smtp unix - - n - - smtp
- relay unix - - n - - smtp
- showq unix n - n - - showq
- error unix - - n - - error
- local unix - n n - - local
- virtual unix - n n - - virtual
- lmtp unix - - n - - lmtp
- anvil unix - - n - 1 anvil
- #
- # Interfaces to non-Postfix software. Be sure to examine the manual
- # pages of the non-Postfix software to find out what options it wants.
- maildrop unix - n n - - pipe
- flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
- spamchk unix - n n - 10 pipe
- flags=Rq user=spammonster argv=/usr/local/bin/spamchk -f ${sender} -- ${recipient}
- ========================================================================
- main.cf
- alias_database = hash:/etc/postfix/aliases
- alias_maps = hash:/etc/postfix/aliases
- default_destination_concurrency_limit = 5
- default_process_limit = 500
- disable_vrfy_command = yes
- inet_interfaces = all
- initial_destination_concurrency = 2
- local_destination_concurrency_limit = 2
- local_recipient_maps = $virtual_alias_maps $alias_maps
- mailbox_size_limit = 0
- masquerade_domains = cfcl.com
- message_size_limit = 10240000
- mydestination = $myhostname,$mydomain
- mydomain = cfcl.com
- myhostname = g3po.cfcl.com
- mynetworks = /etc/postfix/mynetworks
- smtp_helo_name = $mydomain
- smtpd_banner = $mydomain ESMTP $mail_name
- smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/access
- strict_rfc821_envelopes = yes
- unknown_local_recipient_reject_code = 550
- virtual_alias_maps = hash:/etc/postfix/virtual
- smtpd_recipient_restrictions =
- permit_mynetworks,
- permit_sasl_authenticated,
- reject_unauth_destination,
- reject_invalid_hostname,
- reject_unauth_pipelining,
- reject_non_fqdn_sender,
- reject_unknown_sender_domain,
- reject_non_fqdn_recipient,
- reject_unknown_recipient_domain,
- permit
Add Comment
Please, Sign In to add comment