This would be "old fashioned" Postfix. I run 2.0.12, normally - but am looking at the current snapshot.
[EMAIL PROTECTED] admin]$ rpm -qa | grep -i postfix postfix-1.1.11-11
I guess I need to go look at 2.0.12 and see what it offers. I do not know what version is in rawhide. If I can ever get in ...
I compile my own - I can configure whatever elements I like into it and I sometimes find people who can give me elements that no-one else has.
Then I make rpms of what I've compiled for Red Hat using "checkinstall." Makes making rpms so easy, that it's unbelievable. You get the best of both worlds. And without rpms I've found that software housekeeping is a disaster.
Under normal conditions you can configure Postfix itself to do regexp/pcre/RBL-based rejection on header and body content. Using Amavis-d (as I am) I can't do smtp rejections, since the smtpd daemon has already given a 201 acceptance. I must either bounce or quarantine.
That is kinda what I thought. I really did not want to configure Postfix to do the filtering; I really like the job done by SA. Also, IIUC, reject essentially says nobody home, go away, whereas bounce says we are here but do not want to talk to you?
Rejecting is simply saying you don't want what's offered before you have accepted it. Bouncing is more or less the same, but then with a reason. The difference is, that if you reject it, you never have it. If you bounce it to an address that doesn't exist, you get it back again (double bounce.) That annoys me to the nth degree.
Quarantine says the mail accepted for an inbox, but it actually goes to a junk directory. It is the manual maintenance of the junk directory that is starting to be a time waste.
If you do it by hand. I've been a Unix sysadmin for years and can write shell scripts to do all that automatically. I never even have to look at the quarantine directory as a rule. I have a simple script for Amavis that mails me the most important points of what's been refused once a day, does sa-learn on spam and deletes everything older than a week.
However, the current Postfix snapshot smtpd can be configured to hang onto the client connection until Amavis-d has scanned the message. The release will probably be in a few months, according to the postfix developers. Whether this works or not in practice, we've all still to find out.
Now that would be nice. That is exactly what I have in mind. Use Amavis-d to scan with SA and maybe AV, then reject on that basis as opposed to bounce or quarantine. Have you tried out the current Postfix snapshot?
Yes, I love it. See my post to this list.
When you say "smtpd reject high-score spam," was that via the built-in Postfix test hooks or using a different method (a different MTA with SA - such as sendmail)?
I was using SA-Exim - that's specially patched Exim 4.20. Postfix 2.0 can't do that, Postfix 2.1 will be able to. The current snapshot is what is coming in 2.1, with 2.0 as a base.
Based on that experience, it might not seem worth the time to configure things to do it. On-the-other-hand, it does remove the need to review manually the quarantined mail. Valid mail gets through. Invalid mail goes back with a reject (with a potential of a small error rate of rejecting valid as invalid).
As I said, I don't bother any more. 99.5% of all spam has a fictive sender address. Rejecting it simply means that someone else gets saddled with it.
You don't have to dev-null spam with Amavis-d/SA-Exim, you can quarantine it in a dedicated directory. That's what I do.
That is how I use SA now via spamc/procmail. The downside is I have to go through the directory manually to check what is there. I was trying to find a way to not even look at the junk, but still send a reject message in case of a valid message being tagged.
You don't have to do things manually, that's the beauty of Unix/Linux. You write a script. Windows used to be like that, but now they've taken even DOS batch files away. They used to be really powerful.
Here's a script for Amavis-d quarantined spam that's been gzipped, as an example. It's the kind of thing you "just make up" and then forget it, it even removes old spam:
#!/bin/ksh
spamdir="/var/amavis/quarantine"
spamfile1="/tmp/todaysspam"
spamfile2="/tmp/spamtemp"
cd $spamdir
/usr/bin/find . -daystart -mtime -1 > $spamfile1 2>&1
for i in `cat $spamfile1`
do zcat $i > $spamfile2
/usr/local/bin/sa-learn --spam --file $spamfile2
echo "File: $i"
grep Subject: $spamfile2
grep From: $spamfile2
grep Date: $spamfile2
grep X-Spam-Status: $spamfile2
echo ""
i=i+1
done | mail -s "Postfix spam quarantined `date "+%B %e"`" root
rm $spamfile1 $spamfile2
find . -mtime +7 -exec rm {} \;Does Exim provide any benefits over Postfix?
It's like comparing 2 similar cars/automobiles from different manufacturers. You can do more or less the same with both, but they come from different mindsets. Exim 4 has things that Postfix doesn't, but costs more thinking. Then again, Postfix has vastly superior queue routines. Both are being used by everyone from home users to huge organizations.
I am pretty comfortable with Postfix.
Stick with it ;-)
How complicated is the switch from it to Exim?
Very. You have to have a reason - or just curiosity. I speak and write fluent Norwegian (4 kinds) and fluent Dutch. But I'd never have learned Dutch without having had to - I came to live here :-)
Have you had any success with the current snapshot of Postfix with regard to this issue?
Yep, see above.
> Thank you for your help.
You're welcome.
Best,
Tony
-- Tony Earnshaw
I love the music of Wagner. The only sound that pleases me more is that of a cat outside my 9th floor window, trying to cling to the glass with its claws.
http://j-walk.com/blog/docs/conference.htm http://www.billy.demon.nl Mail: [EMAIL PROTECTED]
------------------------------------------------------- This SF.Net email sponsored by: Parasoft Error proof Web apps, automate testing & more. Download & eval WebKing and get a free book. www.parasoft.com/bulletproofapps _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
