One of the things the I like to do is use IPTABLES on a Linux machine to redirect certain mailers (that I trust implicitly and KNOW that they can't send infected e-mails) to port 10025 on the box w/ Amavis.
This allows me to not have to worry about sender, recipient, domains, whatever... I know that the originating server is "clean" and protected, so I ship it right to the "I've already been scanned, thank you" port of my mail server. Of course, this assumes a few things: - Your machine w/ amavis is running a new-enough version of Linux to have IPTABLES (although, you could do something similar with the older kernel and IPCHAINS) - You can trust the originating server for ALL mail messages it originates - You are running Postfix as your MTA on the Amavis box, and are using 10025 as the "backside" port that doesn't do content filtering - Your secondary port of Postfix is listening on an IP Address that the originating server can reach. - You have added the originating server's IP Address to the list of hosts to relay for in the config of the secondary port. - Mark Gary V wrote: > Miles wrote: > > >> Hi Folks, >> > > >> I was just fine-tuning some of my anti-virus/spam software and realized >> that my current setup is horribly inefficient. >> > > >> My machine is used primarily for email list management. I use Sympa, >> but I believe which list manager is irrelevant. >> > > >> My setup is pretty standard: >> Linux (Debian) >> Postfix >> amavisd-new >> spamassassin >> clamAV >> > > >> And then I add Sympa to the mix. >> > > >> Every message is scanned on it's way into to the system, before being >> passed on for delivery - i.e., the messages that reach the list manager >> are already scanned. >> > > >> But... the list manager then generates lots and lots of messages from >> each original, and re-inserts all of them into the mail system via a >> basic sendmail statement (executed, of course, by Postfix). The result >> is that each of these copies is needlessly run through the scanning >> process - which is an awful waste of resources. >> > > >> There's got to be a better way. Can anybody suggest one? (Note: of >> course then I'll have to figure out how to deal with messages posted via >> Sympa's web interface.) >> > > >> Thanks much, >> > > >> Miles >> > > I think all you would need to do either disable content_filter or > override content_filter and use a policy bank for the pickup service. > http://www200.pair.com/mecham/spam/bypassing.html#11 > > Gary V > > > ------------------------------------------------------------------------- > Using Tomcat but need to do more? Need to support web services, security? > Get stuff done quickly with pre-integrated technology to make your job easier > Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 > _______________________________________________ > AMaViS-user mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/amavis-user > AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 > AMaViS-HowTos:http://www.amavis.org/howto/ > > > ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
