On 10 Feb 2021, at 5:55, Marek Kozlowski wrote:
I've read the recommended way of connecting clamav is via smtpd_milters in main.cf. But spamassassin in those tutorial is not connected that way but a master.cf entry is defined and a "-o content_filter=that_entry" for smtp service is added. If so many people do that there must be some reason for it. I'm wondering: what is the reason?
Cargo cult. It worked for someone, they wrote a web page to help others. Others used it and maybe tweaked something that made it work better or maybe they just preferred their own words or they wanted the credit for plagiarized work, and another web page goes up. Now there are 2 pages saying the same thing and they become the progenitors of more.
In addition to that, ClamAV includes a maintained Milter program. SpamAssassin comes with a bespoke client & server as well as a test script, but no Milter and no officially recommended methodology for integrating it with any particular MTA or MUA. There are at least 3 Milter programs that can be used to integrate SA with Postfix or Sendmail but there's also the traditional Postfix way of using AmavisD in a SMTP proxy mode and the oft-documented mechanism of using a content_filter service defined in master.cf.
what's the difference?
Postfix has multiple interfaces that can be used for content filtering. The details of each can be seen in these README files in the Postfix documentation: FILTER_README, BUILTIN_FILTER_README, SMTPD_PROXY_README, and MILTER_README. The high-level difference between a Milter and a content_filter service is that the Milter API operates as an advisory service callable at each SMTP phase before Postfix accepts a message, while content_filter services are handed messages after Postfix has accepted and queued them. There is no particular reason to use ClamAV via Milter and SA via content_filter. I personally prefer using SA via a Milter, because it eliminates the dilemma of what to do with suspect mail that you've already accepted but do not want to deliver normally.
-- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire
