Hi, I have a problem that the smtpd_proxy_filter option has higher priority than a FILTER setting in an access table:
Sep 30 12:33:04 mx0 postfix/smtpd[5250]: warning: access table
cidr:/etc/postfix/maps/client_access.cidr: with smtpd_proxy_filter specified,
action FILTER is unavailable
What I need is a mechanism to re-route a mail to a different policy-bank in
amavis, if a MTA-client is found in a whitelist:
smtp inet n - - - 1 postscreen
smtpd pass - - - - 10 smtpd
-o smtp_bind_address=127.0.0.1
-o smtpd_proxy_filter=[127.0.0.1]:10024
-o smtpd_client_connection_rate_limit=5
-o smtpd_client_message_rate_limit=5
-o smtpd_client_recipient_rate_limit=30
dnsblog unix - - - - 0 dnsblog
...
In main.cf:
smtpd_recipient_restrictions =
...
check_client_access cidr:/etc/postfix/maps/client_access.cidr,
...
/etc/postfix/maps/client_access.cidr:
# Whitelisting
193.239.107.22 FILTER lmtp-amavis:[::1]:10027
amavis:
$interface_policy{'10027'} = 'WHITELIST';
$policy_bank{'WHITELIST'} = {
allow_disclaimers => 1,
bypass_spam_checks_maps => [1], # I
want to disable spam-checks for SWL and DWL
terminate_dsn_on_notify_success => 0,
};
This test here is a pre-prototype for thinking about coding a policy-service
that respects swl.spamhaus.org and dwl.spamhaus.org. Yet I do not know how to
_really_ whitelist candidates on these lists. So I took my friend Uwe's MTA for
a first test of whitelisting.
Also the question for postscreen: Does it allow negative scoring of dnsbl? So I
could use that lookup mechanism, too. At the moment I try to negative score
whitelists in policyd-weight.
This all is not so easy for me right now :-)
Best regards
Christian
---
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gießen
F: +49 641 5879091, M: +49 176 93118939
USt-IdNr.: DE225643613
http://www.roessner-network-solutions.com
PGP.sig
Description: Signierter Teil der Nachricht
