spamhaus-XBL
Jason
pg at NEWHONEST.COM
Tue Mar 15 14:56:46 GMT 2005
[ The following text is in the "iso-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
Oh that's quite a lot of information. I think I need some time to totally
understand them. Thanks a lot.
my test server is centos 4.0, which has postfix2.1.5
Jason
----- Original Message -----
From: "Frank Louwers" <frank at OPENMINDS.BE>
To: <MAILSCANNER at JISCMAIL.AC.UK>
Sent: Tuesday, March 15, 2005 10:43 PM
Subject: Re: spamhaus-XBL
> On Tue, Mar 15, 2005 at 10:24:06PM +0800, Jason wrote:
>> Frank,
>>
>> I'm now using sendmail, but actually considering switching to postfix. I
>> would be most appreciate if you could send me the config. Thanks.
>
> If you consider migrating to postfix, I recommend migrating to postfix
> 2.1.x. We still use 1.x on some hosts, including our main auth-smtp
> server.
>
> When reading the docs about integrating postfix 1.x and mailscanner,
> you'll notice you'll basicly need 2 postfixes: an "incomming" one that
> listens on port 25 and puts all mails in a queue, and and "outgoing" one
> that gets fed by MailScanner. The config files for the "incomming" one
> are in /etc/postfix.in, the files for the "outgoing" ones are in
> /etc/postfix.
>
> In my /etc/postfix.in/master.cf, I have:
>
> smtp inet n - n - - smtpd
>
> (norman entry, tells postfix to listen on port 25 for incomming smtp
> mails) and another entry:
>
> 587 inet n - n - - smtpd -o
> smtpd_client_restrictions=permit_sasl_authenticated,reject -o
> content_filter=authsmtpheader
>
> This tells postfix to listen on port tcp/587 as well, with following
> restrictions:
> - require sasl_authenticated users, otherwise reject the ma
> - use "authsmtpheader" as contentfilter.
>
> Authsmtpheader is defined as follows (in the same master.cf file):
>
> authsmtpheader unix - n n - - pipe
> flags=Rhu user=mailboxes argv=/usr/local/sbin/authsmtpheader.pl
> ${recipient} ${sender}
>
> This is a copy of /usr/local/sbin/authsmtpheader.pl:
>
> --- begin /usr/local/sbin/authsmtpheader.pl
>
> #!/usr/bin/perl
> use strict;
> use Mail::Audit; # Audit mails
> ## apt-get install libmail-audit-perl if you use Debian
>
>
> ################################################
>
> my $m_au = Mail::Audit->new( );
>
> # Add Header
> $m_au->put_header('X-Openminds-Authenticated-By',"tango");
>
> # We get recipient as ARGV[0]:
> my $recipient = $ARGV[0];
>
> # We get sender as ARGV[1]:
> my $sender = $ARGV[1];
>
> # Re-inject mail into postfix system. As we use /usr/sbin/sendmail, the
> "outgoing" postfix gets used.
> # This means:
> # - bypass mailscanner on local box
> # - all other mailscanners will see connections from tango, so no
> problems with clients on dynamic/blacklisted ips etc.
>
> $m_au->pipe("/usr/sbin/sendmail -i -f $sender $recipient");
>
> ## Done
> exit(0);
>
> --- end /usr/local/sbin/authsmtpheader.pl
>
> I add the extra header for trackability and to add a -20 score to all
> mails that have it...
>
> Kind Regards,
> Frank Louwers
>
> --
> Openminds bvba www.openminds.be
> Tweebruggenstraat 16 - 9000 Gent - Belgium
>
> ------------------------ MailScanner list ------------------------
> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>
> Support MailScanner development - buy the book off the website!
>
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list