bo320 wrote:
> Hi all,
> For the company i do have a 1-server setup with postfix, amavis, spamassassin
> and clamav. On the server their are the mailboxes of the user (imap)
> Only sasl authenticated users can send email trough the server.
> Now i do have the problem that very often the email of the sasl users are
> beeing tagged as spam.
> i have been considering to put "permit_sasl_authenticated" in
> "smtpd_client_restrictions" to (besides in "
> smtpd_recipient_restrictions") but that blocks all the email from clients
> which aren't users, which is all the "normal" incoming email.
> For the time beeing i have been whitelisting the users in spamassassin but
> that doesn't stop sasl users beeing blocked by RBL's every now an then
> (depending on where they send their mail from).
> Does anyone have a clue how to solve this properly?
> Thanks in advance!
You can have sasl auth users come in on a different IP address
or different port. This requires they reconfigure their MUAs:
# break out smtp service to original IP
192.168.1.113:smtp inet n - n - - smtpd
#now we need the loopback interface added back in:
127.0.0.1:smtp inet n - n - - smtpd
#set up additional IP addresess for auth users, send to policy bank:
192.168.1.114:smtp inet n - n - - smtpd
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o content_filter=smtp-amavis:[127.0.0.1]:10026
Then policy bank setup in amavisd.conf:
$inet_socket_port = [10024, 10026]; # change from original
$interface_policy{'10026'} = 'AUTHENTICATED';
$policy_bank{'AUTHENTICATED'} = { # mail originating from AUTHENTICATED USERS
bypass_spam_checks_maps => [1], # don't spam-check outgoing mail
};
More examples and other ideas:
http://www.ijs.si/software/amavisd/amavisd-new-docs.html#pbanks-ex
See Example 3 for an example that would not require your users
to change their setup.
http://marc.theaimsgroup.com/?l=amavis-user&m=114494779227951&w=2
http://marc.theaimsgroup.com/?l=amavis-user&m=109832320011897&w=2
Gary V
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
