On 5/9/2015 11:00 AM, Robert Chalmers wrote:
>
> I'm trying to find out if I can marry Spambayes with postfix+Dovecot
> under the VirtualHosting setup. Or even if its worth the trouble of
> doing it?
>
>
> The configuration I have uses /var/mail/vhosts/%d/%n in the
> Dovecot.conf setup, and Postfix has the $virtual_mailbox_maps files
> and so on. as in
> virtual_mailbox_domains =
> mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
>
> and virtual_mailbox_base = /var/mail/vhosts
>
> and home_mailbox=Mail/Dovecot/ (which doesn't appear to be getting
> used now anyway)
>
> In the Spambayes conf, the nearest I can get is in the spambayes'
> procmailrc file, with
>
> MAILDIR=/var/mail/vhosts/%d/%n
> SPAMBAYESDIR=/usr/local/spambayes
> DELIVER="/usr/local/dovecot/libexec/dovecot/deliver -c
> /usr/local/dovecot/etc/dovecot.conf"
>
> which at the moment does nothing !!!
>
>
> So in short - is it possible to set up Spambayes with
> postfix/dovecot, or shouldn't I worry about it, because I'm using
> postscreen anyway, and I'm pretty happy with it's ability to filter
> most spam.
You should be able to get spambayes to work in your virtual setup if
you use sieve rather than procmail. See the sieve docs or dovecot
users list for implementation details.
You might consider adding clamav-milter to postfix, and using the
add-on sanesecurity anti-spam signatures. I've found the anti-spam
sigs to be safe and effective against some of the spam that gets
through other protections.
-- Noel Jones
>
> The following actually work pretty well now, so maybe I can actually
> forget about Spambayes? I'd be interested in the thoughts of others
> on the subject?
>
> thanks
> Robert
>
> postconf -n
> =================
> alias_database = hash:/etc/aliases
> alias_maps = hash:/etc/aliases
> biff = no
> broken_sasl_auth_clients = yes
> command_directory = /usr/sbin
> daemon_directory = /usr/libexec/postfix
> data_directory = /var/lib/postfix
> debug_peer_level = 2
> debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
> xxgdb $daemon_directory/$process_name $process_id & sleep 5
> default_rbl_reply = $rbl_code Service unavailable; $rbl_class
> [$rbl_what] blocked using $rbl_domain${rbl_reason?; $rbl_reason} -
> see http://$rbl_domain.
> dovecot_destination_recipient_limit = 1
> home_mailbox = Mail/Dovecot/
> html_directory = /usr/share/doc/postfix/html
> inet_interfaces = all
> inet_protocols = all
> mail_owner = _postfix
> mailbox_command = /usr/bin/procmail -a "$EXTENSION"
> mailbox_size_limit = 0
> mailq_path = /usr/bin/mailq
> manpage_directory = /usr/share/man
> message_size_limit = 0
> meta_directory = /etc/postfix
> mydestination = localhost mail.$mydomain, www.$mydomain
> mynetworks_style = host
> newaliases_path = /usr/bin/newaliases
> postscreen_access_list = permit_mynetworks,
> cidr:/etc/postfix/postscreen_access.cidr
> postscreen_bare_newline_action = ignore
> postscreen_bare_newline_enable = no
> postscreen_bare_newline_ttl = 30d
> postscreen_blacklist_action = ignore
> postscreen_cache_cleanup_interval = 12h
> postscreen_cache_map = btree:$data_directory/postscreen_cache
> postscreen_cache_retention_time = 7d
> postscreen_client_connection_count_limit =
> $smtpd_client_connection_count_limit
> postscreen_command_count_limit = 20
> postscreen_command_filter =
> postscreen_command_time_limit = ${stress?10}${stress:300}s
> postscreen_disable_vrfy_command = $disable_vrfy_command
> postscreen_discard_ehlo_keyword_address_maps =
> $smtpd_discard_ehlo_keyword_address_maps
> postscreen_discard_ehlo_keywords = $smtpd_discard_ehlo_keywords
> postscreen_dnsbl_action = enforce
> postscreen_dnsbl_reply_map = texthash:/etc/postfix/dnsbl_reply
> postscreen_dnsbl_sites = zen.spamhaus.org*3 bl.mailspike.net*3
> b.barracudacentral.org*2 bl.spameatingmonkey.net bl.spamcop.net
> spamtrap.trblspam.com dnsbl.sorbs.net=127.0.0.[2;3;6;7;10]
> ix.dnsbl.manitu.net bl.blocklist.de
> list.dnswl.org=127.0.[0..255].0*-1
> list.dnswl.org=127.0.[0..255].1*-2
> list.dnswl.org=127.0.[0..255].[2..3]*-3
> iadb.isipp.com=127.0.[0..255].[0..255]*-2
> iadb.isipp.com=127.3.100.[6..200]*-2
> wl.mailspike.net=127.0.0.[17;18]*-1 wl.mailspike.net=127.0.0.[19;20]*-2
> postscreen_dnsbl_threshold = 3
> postscreen_dnsbl_ttl = 1h
> postscreen_enforce_tls = $smtpd_enforce_tls
> postscreen_expansion_filter = $smtpd_expansion_filter
> postscreen_forbidden_commands = $smtpd_forbidden_commands
> postscreen_greet_action = ignore
> postscreen_greet_banner = $smtpd_banner
> postscreen_greet_ttl = 1d
> postscreen_greet_wait = ${stress?2}${stress:6}s
> postscreen_helo_required = $smtpd_helo_required
> postscreen_non_smtp_command_action = drop
> postscreen_non_smtp_command_enable = no
> postscreen_non_smtp_command_ttl = 30d
> postscreen_pipelining_action = enforce
> postscreen_pipelining_enable = no
> postscreen_pipelining_ttl = 30d
> postscreen_post_queue_limit = $default_process_limit
> postscreen_pre_queue_limit = $default_process_limit
> postscreen_reject_footer = $smtpd_reject_footer
> postscreen_tls_security_level = $smtpd_tls_security_level
> postscreen_use_tls = $smtpd_use_tls
> postscreen_watchdog_timeout = 10s
> queue_directory = /private/var/spool/postfix
> readme_directory = /usr/share/doc/postfix
> recipient_delimiter = +
> sample_directory = /usr/share/doc/postfix/examples
> sendmail_path = /usr/sbin/sendmail
> setgid_group = _postdrop
> shlib_directory = /usr/lib/postfix
> smtp_sasl_auth_enable = no
> smtp_sasl_mechanism_filter = plain
> smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
> smtp_use_tls = yes
> smtpd_client_restrictions = check_client_access
> hash:/etc/postfix/access,reject_rbl_client
> bl.spamcop.net,reject_rbl_client
> sbl-xbl.spamhaus.org,reject_rbl_client
> cbl.abuseat.org,reject_rbl_client dnsbl.njabl.org,reject_rbl_client
> zen.spamhaus.org
> smtpd_helo_required = yes
> smtpd_recipient_restrictions = check_sender_access
> hash:/etc/postfix/access, check_client_access
> hash:/etc/postfix/access, permit_mynetworks,
> permit_sasl_authenticated, reject_unauth_destination,
> check_recipient_access hash:/etc/postfix/access, check_relay_domains
> smtpd_relay_restrictions = permit_mynetworks,
> permit_sasl_authenticated, defer_unauth_destination
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_path = private/auth
> smtpd_sasl_security_options = noanonymous
> smtpd_sasl_type = dovecot
> smtpd_tls_CAfile = /etc/ssl/misc/ca.pem
> smtpd_tls_auth_only = yes
> smtpd_tls_cert_file = /private/etc/ssl/certs/chalmers.com.au.crt
> smtpd_tls_ciphers = medium
> smtpd_tls_exclude_ciphers = SSLv2, aNULL, ADH, eNULL
> smtpd_tls_key_file = /private/etc/ssl/private/chalmers.com.au.key
> smtpd_use_tls = yes
> soft_bounce = no
> tls_random_source = dev:/dev/urandom
> unknown_local_recipient_reject_code = 550
> virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf
> virtual_gid_maps = static:5000
> virtual_mailbox_base = /var/mail/vhosts
> virtual_mailbox_domains =
> mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
> virtual_mailbox_limit = 0
> virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
> virtual_minimum_uid = 100
> virtual_transport = lmtp:unix:private/dovecot-lmtp
> virtual_uid_maps = static:5000
>
> ===================
>
> and doveconf -n
>
> ...................
> # 2.2.16: /usr/local/etc/dovecot/dovecot.conf
> # OS: Darwin 14.3.0 x86_64 hfs
> auth_mechanisms = plain login
> default_internal_user = _dovecot
> default_login_user = _dovenull
> mail_location = maildir:/var/mail/vhosts/%d/%n
> mail_max_userip_connections = 30
> mail_privileged_group = mail
> namespace inbox {
> inbox = yes
> location =
> mailbox Drafts {
> special_use = \Drafts
> }
> mailbox Junk {
> special_use = \Junk
> }
> mailbox Sent {
> special_use = \Sent
> }
> mailbox "Sent Messages" {
> special_use = \Sent
> }
> mailbox Trash {
> special_use = \Trash
> }
> prefix =
> }
> passdb {
> args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
> driver = sql
> }
> passdb {
> args = %s
> driver = pam
> }
> postmaster_address = rob...@chalmers.com.au
> service auth-worker {
> user = vmail
> }
> service auth {
> executable = /usr/local/libexec/dovecot/auth
> unix_listener /var/spool/postfix/private/auth {
> group = _postfix
> mode = 0600
> user = _postfix
> }
> user = _dovecot
> }
> service imap-login {
> executable = /usr/local/libexec/dovecot/imap-login
> inet_listener imap {
> address = *
> port = 143
> }
> inet_listener imaps {
> address = *
> port = 0
> }
> process_limit = 128
> }
> service imap {
> executable = /usr/local/libexec/dovecot/imap
> process_limit = 128
> }
> service lmtp {
> unix_listener /var/spool/postfix/private/dovecot-lmtp {
> group = _postfix
> mode = 0660
> user = _postfix
> }
> unix_listener lmtp {
> group = _postfix
> mode = 0600
> user = _postfix
> }
> }
> service pop3-login {
> executable = /usr/local/libexec/dovecot/pop3-login
> inet_listener pop3 {
> address = *
> port = 110
> }
> inet_listener pop3s {
> address = *
> port = 0
> }
> process_limit = 128
> }
> service pop3 {
> executable = /usr/local/libexec/dovecot/pop3
> process_limit = 128
> }
> ssl_cert = </etc/ssl/certs/chalmers.com.au.crt
> ssl_key = </etc/ssl/private/chalmers.com.au.key
> ssl_require_crl = no
> userdb {
> args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n
> driver = static
> }
> userdb {
> driver = passwd
> }
> protocol lmtp {
> mail_plugins =
> }
> protocol lda {
> postmaster_address = postmas...@chalmers.com.au
> }
> .......................................
>
>
