Azfar wrote:
> Can I use amavisd-new+postfix setup for outbound email filtering.
Yes of course. It's mainly a matter of authenticating the client(s) so
they are allowed to relay through your box (so they are not rejected by
the reject_unauth_destination restriction in smtpd_recipient_restrictions)
Typically include the client(s) in Postfix mynetworks:
smtpd_recipient_restrictions =
permit_mynetworks,
reject_unauth_destination
or authenticate them via SASL (which requires additional setup in
several areas):
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination
Then you can think about adding a policy bank if you want these clients to
override some of the amavisd-new settings. This is often done via the
MYNETS policy bank:
@mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10
!192.168.1.1 192.168.1.0/24 );
$policy_bank{'MYNETS'} = { # mail originating from @mynetworks
virus_admin_maps => ["[EMAIL PROTECTED]"], # alert of infected local hosts
spam_admin_maps => ["[EMAIL PROTECTED]"], # alert of internal spam
spam_kill_level_maps => [8.0], # slightly more permissive spam kill level
spam_dsn_cutoff_level_maps => [15],
banned_filename_maps => [
new_RE(
# block double extensions in names:
qr'\.[^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
# allow any name or type (except viruses) within an archive:
[ qr'^\.(Z|gz|bz2|rpm|cpio|tar|zip|rar|arc|arj|zoo)$' => 0],
# blocks MS executable file(1) types, unless allowed above:
qr'^\.(exe-ms)$',
),
],
};
If you have an Exchange server (for example) you could put that
server's IP address in mynetworks and then configure the Exchange
server to use the Postfix box as a smarthost. Just make sure your
relayhost setting in main.cf (if used at all) is not pointing to the
Exchange server, or you would cause a loop.
There are other methods, like using check_client_access:
http://www200.pair.com/mecham/spam/bypassing.html#5
Gary V
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
