On 05.02.22 11:55, Forums wrote:
Before starting I checked configuration (main.cf & master.cf). In
main.cf I see that:
content_filter = smtp-amavis:[127.0.0.1]:10024 ==> It seems that this
filter directive override disclaimer filter directive if I put it in
master.cf.
correct. the content_filter applies to all mail received via smtpd, unless
you override it.
smtpd_milters = inet:localhost:12345
what does this do?
smtpd_client_restrictions = permit_mynetworks check_client_access
hash:${config_directory}/access/client_check_access warn_if_reject
reject_unknown_client_hostname reject_rhsbl_client dbl.spamhaus.org
smtpd_sender_restrictions = check_sender_access
hash:${config_directory}/access/rejected-recipient reject_rhsbl_sender
dbl.spamhaus.org
...you still can override the content_filter in
${config_directory}/access/client_check_access
or
${config_directory}/access/rejected-recipient
by using FILTER command there.
# postconf -Mf
smtp inet n - y - 1 postscreen
smtpd pass - - y - - smtpd
submission inet n - y - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o broken_sasl_auth_clients=yes
-o receive_override_options=no_address_mappings
-o
smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
-o
smtpd_relay_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
-o smtpd_sender_restrictions=reject_authenticated_sender_login_mismatch
-o
smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
smtps inet n - y - - smtpd
-o smtpd_sasl_auth_enable=yes
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_path=private/auth
-o smtpd_sasl_security_options=noanonymous
-o smtpd_sasl_local_domain=$myhostname
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_sender_restrictions=reject_sender_login_mismatch
-o
smtpd_recipient_restrictions=reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject
smtps and submission are usually understood as two alternative ways to
submit mail. smtps/465 uses implicit ssl while submission explicit.
You should use the same restrictions there, that's why e.g. on debian there
are directives mua_*_restrictions used by both of there
(you need to define them)
On 05.02.22 14:34, Forums wrote:
After a lot of tests I've found how to do and it works.
I put disclaimer filter directive under "submission" line in master.cf
and keep "postscreen":
smtp inet n - y - 1 postscreen
[...]
submission inet n - y - - smtpd
-o content_filter=disclaimer:
are you aware that submission only applies to mail submitted via port 587?
clients/remote servers sending mail through port 25 and ssmtp/submission clients
sending through 465 don't apply there.
Also, this means, that you will have either content filtering by amavis or
disclaimer.
Logically, I would advise you to use both, where amavis can feed the mail to
another port with disclaimer service running.
It depends on which mail you want to have disclaimer added to, but the
Subject: says "all"
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
We are but packets in the Internet of life (userfriendly.org)
