Mailscanner + Postfix

Fri Jul 11 15:27:22 IST 2003

Hello all...

Bit slow to reply on this one, been a bit distracted...

>I am only a new person at this but on the face of it there would appear >to be two ways that my be better at doing this but I am not at all sure if >they would work with MailScanner.

>1 is to use the 'content_filter=' directive in /etc/postfix/main.cf. I would
>guess that this is a NO but thought I would ask!!

Yes. This is is a NO ;)

The Postfix content_filter explicitly works on the basis that the 'filter' re-injects mail into Postfix using SMTP. If you really want to do this, Amavis does it, but compared to MailScanner, Amavis is... well.

>2. Would it be possible to adapt the process used for anomy as detailed >on:
>http://advosys.ca/papers/postfix-filtering.html ? .....creating a filter
>script to move the files/invoke mailscanner and define this script as a 
>new service in /etc/postfix/master.cf?

This looks to be the way that old versions of Amavis used to work, before it became a horrendous SMTP-server emulating (badly) monster.
It doesn't really differ tremendously from the content_filter method.

I'm running a solitary instance of Postfix method in production, suggested by another member of the list.

I have header_checks defined in main.cf:

header_checks = pcre:/etc/postfix/header_checks

And then, in there I have:

/^Received:.*by .*\.lshtm.ac.uk \(Postfix\)/ HOLD

As a result of this, any mail being relayed through the 
system (which results in a 'Received:' header being added),
gets 'held' which puts the mail in:

/var/spool/postfix/hold

so I have 

Incoming Queue Dir = /var/spool/postfix/hold

in MailScanner.conf.

Outgoing is as normal:

Outgoing Queue Dir = /var/spool/postfix/incoming

... and this works.

Locally generated messages (like cron reports) from the box itself
bypass this whole thing, but my box is a gateway with no local users.

I had to adopt this method because I was using address verification, and the method that employs deferring the queues doesn't work too nicely with this (the address checks get deferred). This problem is fixed in newer versions of Postfix (you can specify the 'verify' service as having a different transport), but I'm still happier only running one version of Postfix.

The main weirdness with similar methods and things like Amavis is ending up with essentially two 'chains' of activity in a log, where a message is received, and then re-injected after scanning. With the above, log analysis is now a lot more easier.

...

--------------------------------------------------------------------------------------------------->
Peter Bates, Systems Support Officer, Network Support Team.
London School of Hygiene & Tropical Medicine.
Telephone:0207-958 8353 / Fax: 0207- 636 9838 