Is there documentation available, at which smtp-state a milter is kicking
in?
I don't see a way to define at which state a milter should take action.
i would lke to make sure that
smtpd_milters = unix:/clamav/clamav-milter.ctl
will only get triggered *after *
smtpd_recipient_restrictions =
reje
Have a look here:
https://msg.wikidoc.info/index.php/Milter_operation
Milter Protocol starts when a client connects. So you have the open
connection to clamav-milter before smtpd_recipient_restrictions is
triggered. But ClamAV can't do anything before the content is
transfered. So the performance
Thank you. So it makes sense to have all smtpd_recipient_restrictions in
place, and _only if_ the client passes all checks, clamav or spamasassin is
having data available to do a check. If the client fails a check,
clamav/spamasassin have nothing to process. Did i get it correctly? :)
Stefan
Am F
On Fri, 19 Oct 2018, at 10:57, Olivier wrote:
So, rejecting spam during smtp-dialog is risky, that is why most
resolve to some sort of quarantine, and that is when amavis comes
handy.
I agree with the 1st part but that's why I ditched Amavis! If your
mail delivery setup includes anything a
yes
On 19.10.18 09:29, Stefan Bauer wrote:
> Thank you. So it makes sense to have all smtpd_recipient_restrictions in
> place, and _only if_ the client passes all checks, clamav or spamasassin
> is having data available to do a check. If the client fails a check,
> clamav/spamasassin have nothing
Mail that is aliases by alias_maps is 'forwarded' as in: written
to a new queue file and reprocessed by the local delivery agent.
It is possible that the original case is lost in this 'forwarding'
code path. I'll look into this when I have time.
Wietse
October 19 2018 3:17 AM, "Carsten Rosenberg" wrote:
> amavis-milter is just a wrapper script from milter to amavis protocol.
> As long amavis is not dead this is fine.
>
This is off-topic a bit, but amavis just got an update to 2.11.1 and the
project has been transferred to a new group for manag
On 19.10.18 05:39, Stefan Bauer wrote:
> Is it best practice to use amavis in between postfix and
> clamd/spamasassin?
It is certainly a well proven approach to use amavis as the glue that
binds Postfix, Spam- and Virus-Checkers together. Even DKIM-signing and
-verification are supported. I like
Hello mailing list,
I would like to understand the address_verify_positive_refresh_timer
parameter. The documentation states:
The time after which a successful address verification probe needs to
be refreshed. The address verification status is not updated when the
probe fails (optimistic ca
I'm building a simple pair of front MX-servers to get rid of our cisco
ironports. For spam and
virus-scanning i'd like to have spamassassin and clamav doing pre-filtering
during smtp-dialog
rejecting bad mails and forwarding good mails to internal mail-farm.
On 19.10.18 10:57, Olivier wrote:
Damian:
> Hello mailing list,
>
> I would like to understand the address_verify_positive_refresh_timer
> parameter. The documentation states:
>
> > The time after which a successful address verification probe needs to
> > be refreshed. The address verification status is not updated when the
>
Hello Wietse,
I cannot say that capslock improves my understanding of this matter. I
am interested in an explicit answer for the last two questions as your
answer still leaves room for interpretation.
what happens with mails for X between day 8 and 31? Will they be
accepted by Postfix and then
On 18 Oct 2018, at 23:39, Stefan Bauer wrote:
Dear Users,
I'm building a simple pair of front MX-servers to get rid of our cisco
ironports. For spam and virus-scanning i'd like to have spamassassin
and
clamav doing pre-filtering during smtp-dialog rejecting bad mails and
forwarding good mails
On 19 Oct 2018, at 1:15, Stefan Bauer wrote:
Seems like smtpd_milters are also used before
any other check_*_access and rbl checks/header checks etc.,
Incorrect.
All of the smtpd restriction lists (except for the rarely-used
smtpd_end_of_data_restrictions) operate before any message data is
Damian:
> Hello Wietse,
>
> I cannot say that capslock improves my understanding of this matter. I
> am interested in an explicit answer for the last two questions as your
> answer still leaves room for interpretation.
> > what happens with mails for X between day 8 and 31? Will they be
> > acc
Thank you, this is explicit enough.
Regards
Damian
Am 19.10.2018 um 17:57 schrieb Wietse Venema:
Sorry, I don't have color fonts. Again, Postfix will ignore a failed
refresh probe, From that it follows that Postfix it will keep using
the cached positive result. From that it follows that Postfi
Hi Andreas,
i really like postscreen. There are quite some nice tricks buikd in so
thanks again for pushing me in this direction.
i just bundled it now with clamav-milter so the expensive checks are only
triggered when a client survives postscreen and all my additional
sender/recipient checks and
On Fri, Oct 19, 2018, at 8:37 AM, Bill Cole wrote:
> I use MIMEDefang, not because Amavis is bad (it's not) but because I
> prefer to have *all* of my message filtering & manipulation handled in
> one place and I've been using MD longer than Postfix. Postfix is NOT a
> robust message manipula
pg...@dev-mail.net:
>
>
> On Fri, Oct 19, 2018, at 8:37 AM, Bill Cole wrote:
> > I use MIMEDefang, not because Amavis is bad (it's not) but because I
> > prefer to have *all* of my message filtering & manipulation handled in
> > one place and I've been using MD longer than Postfix. Postfix is N
On 19 Oct 2018, at 12:54, pg...@dev-mail.net wrote:
On Fri, Oct 19, 2018, at 8:37 AM, Bill Cole wrote:
I use MIMEDefang, not because Amavis is bad (it's not) but because I
prefer to have *all* of my message filtering & manipulation handled
in
one place and I've been using MD longer than Postfi
On Fri, Oct 19, 2018, at 10:31 AM, Bill Cole wrote:
> > Is there any particular significance to the complete lack of its
> > mention on:
> >
> > http://www.postfix.org/addon.html
>
> Certainly. It is very strong evidence that no one has ever bothered
> emailing Dr. Venema to ask for its in
If you’re only going to use clamAV, look into the sanesecurity unofficial
signatures to augment the default clamAV signatures. Your detection rate will
be much better. Using an additional AV may be a good idea as well, although
that’s probably a “bring money” proposition. Much cheaper than cl
22 matches
Mail list logo
