Hi All,
I had Spamassassin working on another RH 7.3 and an older Postfix but
unfortunately the box went bye bye and I am setting up another one.
Postfix works great as usual but I have been trying to setup the
master.cf to filter the mail through Spamassassin and the mail is
looping .. I followed the instructions at
http://www.securitysage.com/guides/postfix_uce_sa.html
allowing for the error in home directories (/var/spamassassin not
/var/spool/spamassassin) and I created the user filter rather than
spamfilter. I added the lines and things still don't work .. also .. why
is he using sendmail rather than something else to re-inject the mail
into the queue? As you can see, I set the master.cf to content_filter
and it loops, when I remove it it works just fine .. OK .. Someone tell
me the stupid mistake I made please .. :)
Return-Path: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
Received: from smtp.baribault.net (unknown [127.0.0.1]) by
smtp.baribault.net (Postfix) with ESMTP id EFD5819A7D9; Fri, 8 Aug 2003
12:15:52 -0400 (EDT)
Received: (from [EMAIL PROTECTED]) by smtp.baribault.net
(8.12.8/8.12.8/Submit) id h78GFoXh014339; Fri, 8 Aug 2003 12:15:50 -0400
Received: from smtp.baribault.net (unknown [127.0.0.1]) by
smtp.baribault.net (Postfix) with ESMTP id D072F19A7DA; Fri, 8 Aug 2003
12:15:33 -0400 (EDT)
Received: (from [EMAIL PROTECTED]) by smtp.baribault.net
(8.12.8/8.12.8/Submit) id h78GFWF2014317; Fri, 8 Aug 2003 12:15:32 -0400
Received: from smtp.baribault.net (unknown [127.0.0.1]) by
smtp.baribault.net (Postfix) with ESMTP id 2C7E119A7D9; Fri, 8 Aug 2003
12:15:23 -0400 (EDT)
Received: (from [EMAIL PROTECTED]) by smtp.baribault.net
(8.12.8/8.12.8/Submit) id h78GFMhq014308; Fri, 8 Aug 2003 12:15:22 -0400
Received: from field.videotron.net (field.videotron.net
[205.151.222.108]) by smtp.baribault.net (Postfix) with ESMTP id
5D75E19A6D2 for <[EMAIL PROTECTED]>; Fri, 8 Aug 2003 12:15:13 -0400
(EDT)
I have attached my master.cf as well as the postfilter.sh.
Thanks
Gary B
#
# Postfix master process configuration file. Each line describes how
# a mailer component program should be run. The fields that make up
# each line are described below. A "-" field value requests that a
# default value be used for that field.
#
# Service: any name that is valid for the specified transport type
# (the next field). With INET transports, a service is specified as
# host:port. The host part (and colon) may be omitted. Either host
# or port may be given in symbolic form or in numeric form. Examples
# for the SMTP server: localhost:smtp receives mail via the loopback
# interface only; 10025 receives mail on port 10025.
#
# Transport type: "inet" for Internet sockets, "unix" for UNIX-domain
# sockets, "fifo" for named pipes.
#
# Private: whether or not access is restricted to the mail system.
# Default is private service. Internet (inet) sockets can't be private.
#
# Unprivileged: whether the service runs with root privileges or as
# the owner of the Postfix system (the owner name is controlled by the
# mail_owner configuration variable in the main.cf file).
#
# Chroot: whether or not the service runs chrooted to the mail queue
# directory (pathname is controlled by the queue_directory configuration
# variable in the main.cf file). Presently, all Postfix daemons can run
# chrooted, except for the pipe, virtual and local delivery daemons.
# The files in the examples/chroot-setup subdirectory describe how
# to set up a Postfix chroot environment for your type of machine.
#
# Wakeup time: automatically wake up the named service after the
# specified number of seconds. A ? at the end of the wakeup time
# field requests that wake up events be sent only to services that
# are actually being used. Specify 0 for no wakeup. Presently, only
# the pickup, queue manager and flush daemons need a wakeup timer.
#
# Max procs: the maximum number of processes that may execute this
# service simultaneously. Default is to use a globally configurable
# limit (the default_process_limit configuration parameter in main.cf).
# Specify 0 for no process count limit.
#
# Command + args: the command to be executed. The command name is
# relative to the Postfix program directory (pathname is controlled by
# the program_directory configuration variable). Adding one or more
# -v options turns on verbose logging for that service; adding a -D
# option enables symbolic debugging (see the debugger_command variable
# in the main.cf configuration file). See individual command man pages
# for specific command-line options, if any.
#
# In order to use the "uucp" message tranport below, set up entries
# in the transport table.
#
# In order to use the "cyrus" message transport below, configure it
# in main.cf as the mailbox_transport.
#
# SPECIFY ONLY PROGRAMS THAT ARE WRITTEN TO RUN AS POSTFIX DAEMONS.
# ALL DAEMONS SPECIFIED HERE MUST SPEAK A POSTFIX-INTERNAL PROTOCOL.
#
# DO NOT CHANGE THE ZERO PROCESS LIMIT FOR CLEANUP/BOUNCE/DEFER OR
# POSTFIX WILL BECOME STUCK UP UNDER HEAVY LOAD
#
# DO NOT CHANGE THE ONE PROCESS LIMIT FOR PICKUP/QMGR OR POSTFIX WILL
# DELIVER MAIL MULTIPLE TIMES.
#
# DO NOT SHARE THE POSTFIX QUEUE BETWEEN MULTIPLE POSTFIX INSTANCES.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (50)
# ==========================================================================
#smtp inet n - y - - smtpd
# -o content_filter=filter:
smtp inet n - y - - smtpd
#smtps inet n - n - - smtpd
# -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
#submission inet n - n - - smtpd
# -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
#628 inet n - n - - qmqpd
pickup fifo n - y 60 1 pickup
cleanup unix n - y - 0 cleanup
#qmgr fifo n - n 300 1 qmgr
qmgr fifo n - y 300 1 nqmgr
#tlsmgr fifo - - n 300 1 tlsmgr
rewrite unix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
flush unix n - y 1000? 0 flush
smtp unix - - y - - smtp
showq unix n - y - - showq
error unix - - y - - error
local unix - n n - - local
virtual unix - n y - - virtual
lmtp unix - - y - - lmtp
#
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
# The Cyrus deliver program has changed incompatibly.
#
cyrus unix - n n - - pipe
flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail.postfix
($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
filter unix - n n - - pipe flags=Rq user=filter
argv=/usr/bin/postfilter.sh ${sender} ${recipient}
#!/bin/sh
# spamfilter.sh by SecuritySage (http://www.securitysage.com)
INSPECT_DIR=/var/spamassassin
SENDMAIL=/usr/sbin/sendmail
SPAMASSASSIN=/usr/bin/spamc
EX_TEMPFAIL=75
EX_UNAVAILABLE=69
cd $INSPECT_DIR || { echo $INSPECT_DIR does not exist; exit $EX_TEMPFAIL; }
trap "rm -f in.$$; rm -f out.$$" 0 1 2 3 15
cat | $SPAMASSASSIN -f > out.$$ #|| # { echo Message content rejected; exit $EX_UNAVAILABLE; }
$SENDMAIL "$@" < out.$$
exit $?
