On Tue, 31 Jul 2007 10:41:44 +0200 Mark Martinec <[EMAIL PROTECTED]> wrote:
> Bartek, > > > I was wondering, if there would be a way to tell amavisd not to scan > > messages that were sent by sasl authorized (logged in) users by p0f? > > This would allow to use relatively high scores on windows machines > > sending mail to our system. Right now most of us is unable to do the > > trick, as we cant say what IP numbers our customers are using, and > > penalizing their mail is not very good idea. Maybe some sort of tag > > in message header, like X-SASL-Authorized or something? > > p0f lookup is controled by $os_fingerprint_method, which is a > policy bank setting. > > The trick is to route locally-submitted mail and authenticated > mail coming from roaming users to a dedicated amavisd port which > can load its policy bank with setting that need to apply to local > and authenticated users. > > This is useful for other reasons too, not just to disable p0f. > It can be used to apply less strict checks on mail from our > users, to enable administrator virus or spam notifications > on locally submitted or authenticated mail, to apply disclaimers, > to reroute such mail to a DKIM-signing milter or smtp-proxy, > and for proper pen pals operation on roaming submissions. > > There are a couple of examples at: > http://www.ijs.si/software/amavisd/amavisd-new-docs.html#pbanks-ex > and > http://www.ijs.si/software/amavisd/amavisd-new-docs.html#dkim > > All you need to do extra is to disable p0f in a policy bank > like ORIGINATING: > > $policy_bank{'ORIGINATING'} = { # mail originating from our users > originating => 1, # indicates our client, introduced in amavisd-new-2.5.0 > os_fingerprint_method => undef, > ... > }; > > Mark > But how would amavisd knew that mail is originating, that is it comes from sasl authenticated user? What about case, when amavisd is separated from machine that authenticated user and received the message, to pass it to external amavisd machines? -- Bartłomiej Rutkowski <[EMAIL PROTECTED]> ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
