Let postfix bypass MailScanner for specific recipients

Hugo van der Kooij hvdkooij at vanderkooij.org
Sun Jan 13 14:29:53 GMT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

I have the need to bypass MailScanner for specific recipients which I
can define as regular expression. I was oping to do this much in the way
I definne custom reject messages without the need of large line in
access tables.

Un fortunatly this does not work as planned as nothing gets put on HOLD
anymore.

So this is what I did:

~ 1. in main.cf

header_checks = regexp:/etc/postfix/regexp/header-checks

#       Classifications
smtpd_restriction_classes =
~        work_MS,
~        reject_RFC,
~        reject_auto,
~        reject_auto_virus,
~        reject_domain,
~        reject_dynamic,
~        reject_infected,
~        reject_spam,
~        reject_user
work_MS = check_client_access regexp:/etc/postfix/class/work_MS
reject_RFC = check_client_access regexp:/etc/postfix/class/reject_RFC
reject_auto = check_client_access regexp:/etc/postfix/class/reject_auto
reject_auto_virus = check_client_access
regexp:/etc/postfix/class/reject_auto_virus
reject_domain = check_client_access regexp:/etc/postfix/class/reject_domain
reject_dynamic = check_client_access
regexp:/etc/postfix/class/reject_dynamic
reject_infected = check_client_access
regexp:/etc/postfix/class/reject_infected
reject_spam = check_client_access regexp:/etc/postfix/class/reject_spam
reject_user = check_client_access regexp:/etc/postfix/class/reject_user

~ 2. in class/work_MS:

/To: loopback at .*\.waakhond\.net/        OK
/./                                     HOLD

~ 3. in regexp/header-checks:

/^Received:/                           work_MS


While in the past it would point straight to HOLD in the
regexp/header-checks file

I can imagine it would be an issue with the check_client_access stuff.
But then I should be able to simplify this by using the following lines
in the regexp/header-checks:

/To: loopback at .*\.waakhond\.net/        OK
/^Received:/                            HOLD

While this put all the incoming messages one again in the hold queue it
also does this for the ones I wan to exclude.

The simple reason is that the loopback account eats email and checks
each message on a number of keys and if all of them match will log the
arrival time matched to the keys. As MailScaner will add extra delay and
~ most importantly a very flexible amount of delay the time measurements
on the messages becomes tainted.

So you may now understand why I wan tthe bypass to work selectively and
am not worried about an incidental spam message ending up there.

Any suggestions to make this actually work?

Hugo.

- --
hvdkooij at vanderkooij.org               http://hugo.vanderkooij.org/
PGP/GPG? Use: http://hugo.vanderkooij.org/0x58F19981.asc

	A: Yes.
	>Q: Are you sure?
	>>A: Because it reverses the logical flow of conversation.
	>>>Q: Why is top posting frowned upon?

Bored? Click on http://spamornot.org/ and rate those images.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFHiiBeBvzDRVjxmYERAiX6AJ9BD0Blzbuo9zNLA+WtNxKLB+us4gCfcQ12
UHqx4VIKwEX+mXD8AdjYs2Q=
=cDKF
-----END PGP SIGNATURE-----


More information about the MailScanner mailing list