Thanks Erik for the suggesion. If I understand correctly, you're
suggesting this as an alternative to what Gary V said.
I'm not using sasl, so I guess that would make it a little bit easier still.
Mike
Erik Petersen wrote:
Setup port 587 for this (aka submission) in master.cf:
smtp inet n - n - - smtpd
-o content_filter=amavis:[127.0.0.1]:10024
-o receive_override_options=no_address_mappings
-o smtpd_client_restrictions=cidr:/etc/postfix/client.cidr
submission inet n - n - - smtpd
-o content_filter=
-o smtpd_etrn_restrictions=reject
-o
smtpd_client_restrictions=permit_sasl_authenticated,permit_mynetworks,reject
-o smtpd_sasl_auth_enable=yes
This way you have port 25 which does local SMTP delivery with RBL checks and
filtering (incoming) and port 587 which does no filtering but only from
clients connection with SASL or those defined as local network hosts
(outgoing). Consider 587 your relay port. This also conveniently bypasses
SMTP port blocking by residential ISPs or corporate firewalls, allowing
authorized accounts to relay from anywhere. Splitting these two type of
traffic is not a bad idea.
HTH
On 12/11/05 9:49 PM, "M. Lewis" <[EMAIL PROTECTED]> wrote:
In the last few days, someone had written in and asked how to do this. I
believe the answer was from Gary. Gary gave two options for doing this.
I chose to do the latter of his two options. But it isn't working for
some reason.
The original thread is here:
http://marc.theaimsgroup.com/?l=amavis-user&m=113415019700881&w=2
I am getting this in the maillog when I try the second method:
Dec 12 00:40:57 moe postfix/smtpd[23856]: warning: access table
hash:/etc/postfix/amavis_internal: with smtpd_proxy_filter specified,
action FILTER is unavailable
Gary's second suggestion was this:
Another way is more specific:
smtpd_recipient_restrictions =
check_client_access hash:/etc/postfix/amavis_internal
permit_mynetworks
reject_unauth_destination
contents of /etc/postfix/amavis_internal
(ip address of the internal server is listed here):
192.168.1.17 FILTER smtp-amavis:[127.0.0.1]:10026
Then in amavisd.conf:
$inet_socket_port = [10024, 10026];
$interface_policy{'10026'} = 'INTERNAL';
$policy_bank{'INTERNAL'} = { # mail originating from the internal server
bypass_spam_checks_maps => [1], # don't spam-check outgoing mail
bypass_banned_checks_maps => [1], # don't banned-check outgoing mail
final_spam_destiny => D_PASS, # insure spam passes
final_banned_destiny => D_PASS, # insure banned files pass
};
--
IBM: Idiots Being Mental
21:05:01 up 4:14, 3 users, load average: 0.09, 0.10, 0.04
Linux Registered User #241685 http://counter.li.org
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
