Den 09.09.2024 kl. 15.14 skrev Wietse Venema via Postfix-users:
Danjel Jungersen via Postfix-users:
On 09-09-2024 13:46, chandan via Postfix-users wrote:
On 2024-09-09 10:53, Danjel Jungersen via Postfix-users wrote:
Hey!
I have set up clamav, and I think it works....
But when a mail is recieved, it is first scanned by rspamd and then
clamav. Thats all fine.
But when clamav is done, rspamd scans it again.
you are using amavis as content filter with clamav
you are probably using rspamd with clamav module as a milter
so clamav scans your mail twice.
what is the problem?
The problem is that rspamd scan the mail twice. (according to the
webinterface).
And the second scan has a higher score, and could therefore be rejected.
But at that time the mail "comes" from me, so I'm rejecting myself and I
think this will cause problems.
Or maybe I'm wrong?
If yoiu weant help, provide the information that I asked for before.
Then someone can tell you what change is needed.
I tried the solution where rspamd should handle it, but have now
reverted to the original setup.
After I reverted I'm back to my original problem...
Rspamd scans the mail again after clamav has done its job.
Wietse mentioned that my problem was that I should disable the scan
after content filter.
Still true after posting my setup?
How to do that without breaking anything?
2 x postconf output below.....
Best regards
Danjel
My setup:
postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
compatibility_level = 3.6
content_filter = smtp-amavis:[127.0.0.1]:10024
inet_interfaces = all
inet_protocols = all
mailbox_size_limit = 0
message_size_limit = 1024000000
milter_mail_macros = i {mail_addr} {client_addr} {client_name}
{auth_authen}
mydestination = $myhostname, mail.jungersen.dk, localhost.jungersen.dk,
, localhost
myhostname = mail.jungersen.dk
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
non_smtpd_milters = inet:127.0.0.1:11332
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_milters = inet:127.0.0.1:11332
smtpd_recipient_restrictions =
reject_unauth_destination,check_policy_service unix:private/quota-status
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated
defer_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = mysql:/etc/postfix/mysql-email2email.cf
smtpd_tls_auth_only = yes
smtpd_tls_cert_file =
/etc/letsencrypt/live/webmail.jungersen.dk/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/webmail.jungersen.dk/privkey.pem
smtpd_tls_security_level = may
virtual_alias_maps =
mysql:/etc/postfix/mysql-virtual-alias-maps.cf,mysql:/etc/postfix/mysql-email2email.cf
virtual_mailbox_domains =
mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
postconf -Mf
smtp inet n - y - - smtpd
submission inet n - y - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_tls_auth_only=yes
-o smtpd_reject_unlisted_recipient=no
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o
smtpd_sender_restrictions=reject_sender_login_mismatch,permit_sasl_authenticated,reject
-o smtpd_relay_restrictions=
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
pickup unix n - y 60 1 pickup
cleanup unix n - y - 0 cleanup
qmgr unix n - n 300 1 qmgr
tlsmgr unix - - y 1000? 1 tlsmgr
rewrite unix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
trace unix - - y - 0 bounce
verify unix - - y - 1 verify
flush unix n - y 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - y - - smtp
relay unix - - y - - smtp
-o syslog_name=postfix/$service_name
showq unix n - y - - showq
error unix - - y - - error
retry unix - - y - - error
discard unix - - y - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - y - - lmtp
anvil unix - - y - 1 anvil
scache unix - - y - 1 scache
postlog unix-dgram n - n - 1 postlogd
maildrop unix - n n - - pipe flags=DRXhu
user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe flags=Fqhu
user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe flags=F
user=ftn
argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe flags=Fq.
user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe flags=R
user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop}
${user} ${extension}
mailman unix - n n - - pipe flags=FRX
user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop}
${user}
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
Wietse
_______________________________________________
Postfix-users mailing list --postfix-users@postfix.org
To unsubscribe send an email topostfix-users-le...@postfix.org
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
