Otávio,
> can I have different rules for inbound and outbound traffic ?
Yes, kind of.
Mail routes can be classified into three types:
- outbound
- internal
- inbound
(there would be a fourth type: open relay, if MTA would allow it)
To distinguish among them, two pieces of information
need to be considered:
- is mail originating from inside (or from authenticated roaming users),
or is it coming from 'the wild'
(this is a property of a message as a whole);
- is recipient address (domain) local or not
(this is a per-recipient information, keep in mind
that a message may have multiple recipients);
Putting both properties together yields the following
four combinations:
- outbound = from inside + remote recip
- internal = from inside + local recip
- inbound = from outside + local recip
- open relay = from outside + remote recip
On the amavisd configuration, there are two mechanisms available,
each catering for one propery:
- policy banks:
can be selected based on some global property of a message,
such as whether it is originating from inside or not (policy
bank MYNETS), or some other property, chosen by MTA and
passed to amavisd through a choice of a TCP port number
(e.g. authenticated roaming users, sender's domain, mail size,
phase of the moon, ...);
- @*_maps lists of lookup tables (which reside _within_ policy banks)
typically take a _recipient_ address as their key.
The @local_domains_maps is one of such lookups, and its
result tells (for each recipient) whether it is local or not.
Now all that needs to be done is combine both tools, and a result could
be three distinct settings (for outbound, internal and inbound mail).
Some examples are available in:
http://www.ijs.si/software/amavisd/amavisd-new-docs.html#pbanks
Here is one:
@local_domains_maps = (
['mydomain.example.net', 'myotherdomain.example'],
);
$policy_bank{'MYNETS'} = {
# mail originating from @mynetworks, i.e. outbound or internal mail
originating => 1, # is true in MYNETS by default, but let's make it explicit
bypass_banned_checks_maps => [ # bypass banned check for internal mail
['mydomain.example.net', 'myotherdomain.example'],
],
bypass_spam_checks_maps => [1], # no spam checks for outbound or internal
};
which is actually the same as:
$policy_bank{'MYNETS'} = {
originating => 1,
bypass_banned_checks_maps => [ @local_domains_maps ],
bypass_spam_checks_maps => [1],
};
Mark
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
