Patrick Ben Koetter wrote:
* Chris Adams<cmad...@hiwaay.net>:
I'm configuring Postfix with SpamAssassin, using Spampd as a
before-queue filter. I put "/^X-Spam-Flag: YES/ REJECT Spam detected"
in /etc/postfix/header_checks, and that works (spam is rejected during
SMTP as desired).
However, it would be nice to _also_ keep a copy of the rejected messages
somewhere for later analysis. Either deliver them to a special local
user, hold in the queue, or whatever else is convenient. Is there an
easy way to do this?
I guess I could modify Spampd to save a copy of spam messages, but I was
hoping there might be a way to configure Postfix to do this.
If it matters, this is Postfix 2.6.6 on CentOS 6.
Postfix can't do that. amavis can do if you run it pre-queue.
Agreed, you should use amavisd-new to do this. But why would you want to
run it pre-queue?
Amavis/SA are CPU intensive. A better way, IMHO, is to use a combination
of postscreen, policyd (e.g. policyd-weight), greylisting (e.g. sqlgrey)
and have Amavis/SA only handle mail that "gets through".
See http://www.postfix.org/POSTSCREEN_README.html for multi-layer defense.
You'll block 9x% of all obvious spam without wasting CPU or bandwidth.
And you can quarantine those that get through for later analysis.
Rgds,
N.
