Tomasz wrote: > Gary V schrieb:
> (...) >>> Is this claim valid? In both cases, you have exactly the same amount of >>> mails to filter. In "pre-queue content filtering" you need to have >>> enough resources to do the filtering during the connection, it's all a >>> function of the amount of emails and the processing power of the >>> filtering server... >> >> On a powerful lightly loaded server it can work. On a heavily loaded >> server it's not practical. Using an after-queue filter allows Postfix >> to buffer messages. > Well, every configuration should be made carefully. If you have enough > processing power, then I wouldn't say "pre-queue content filtering is > the worst of all worlds". > Now, knowing all pros and cons of "pre-queue content filtering" :) - > shall we come back to our topic question, which was: "how to greylist > mails that got certain score (5-10) from amavis"? I would think amavis could only be programmed to do this if it is configured as a before-queue filter. Using amavis as a before-queue filter (while beneficial in some cases) is not recommended or supported so you should probably explore other possibilities. Selective greylisting has been discussed a few times on the Postfix list (and this one too). I personally have had good luck with a patched policyd-weight (that is also patched to use p0f). The author of policyd-weight is working on incorporating these concepts into a production version. http://www.mail-archive.com/[EMAIL PROTECTED]/msg00475.html The settings for greylisting and p0f need to be found in the file: my $GREYLIST_RESPONSE = "check_greylist"; my $P0F_ADDRESS = "127.0.0.1"; # only if p0f is used I personally also set $REJECTLEVEL to 4.5 To use it with Postfix, in main.cf: smtpd_restriction_classes = check_greylist check_greylist = check_policy_service inet:127.0.0.1:60000 # that's postgrey smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination reject_unlisted_recipient check_client_access hash:/etc/postfix/rbl_client_exceptions check_sender_access hash:/etc/postfix/greylist_sender_exceptions check_policy_service inet:127.0.0.1:12525 # that's policyd-weight policyd-weight comes with no init script so one would have to be created or found. There are also other ways to do selective greylisting: http://lists.ee.ethz.ch/postgrey/msg01214.html http://www.arschkrebs.de/postfix/postfix_greylisting.shtml Gary V ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
