Hello all- New to Postfix, inexperienced in mail system setups, foolishly volunteered to tackle upgrading mail servers at work and now stuck up the creek without a paddle.
Recently setup some new mail servers running postfix and using amavis-spamassassin-clamav to do AS/AV. I've used mostly defaults, tweaked a few settings and for the most part it is working well -- a testament to people much smarter than I doing sane things for defaults. However, I've hit a snag trying to iron out a last few "glitches" in the system. In amavis, I have banned certain attachments and I warn the sender and recipient if that happens. However, for one email address in particular, I don't want to send the banned message (it doesn't end up in an inbox, but gets thrown to a script and imported into an internal web application). I'm asking on the Amavis mailing list, but assuming I can't stop that message there, I'm looking to stop it in postfix. The basic condition I'm trying to deal with is a message that has a certain subject *and* is destined for a particular address. I've been trying to wrap my head around the documentation. If I understand it, I can't use header_checks directly as those are evaluated individually, line-by-line; however, I may be able to use header_checks to call a content filter so that only a subset of messages are filtered, minimizing the impact on efficiency. So I have a couple questions: First, is this a reasonable approach or am I missing something simpler and more straightforward? While my situation only needs to cope with on address for the time-being, it is very possible that it would need to expand to encompass other addresses in this functionality in the first place. Secondly, I've heard that it is "better" to use milters (before-queue filters?) as opposed to content filters (after-queue filters?), though the reasons I've heard might not apply in this case. However, if it is the case, can I configure a milter to only run on one of postfix's listening interfaces? Since this message will only be coming from Amavis directly, it would be a waste of time to have the milter listen on the internet interface. Thanks all, Mike Ray
