Alex, > Hi,
> I have a relatively simple configuration, with a bunch of remote users > on an old Linux box with postfix and an older amavisd-new. I believe I > have postfix configured correctly, but no matter what I do, I can't > prevent amavisd from having spamassassin filter mail from > authenticated users from its own domain. > I believe this is the relevant "postconf -n" output: > mydestination = $myhostname, localhost.$mydomain, mail.$mydomain, > www.$mydomain, > ftp.$mydomain > myhostname = corpAdomain.com > myorigin = $mydomain > relay_domains = $mydestination, corpAdomain.com > smtpd_recipient_restrictions = > reject_non_fqdn_sender, > reject_non_fqdn_recipient, > check_client_access hash:/etc/postfix/pop-before-smtp, > permit_mynetworks, > reject_unauth_destination, > reject_non_fqdn_hostname, > reject_unknown_sender_domain, > check_client_access hash:/etc/postfix/client_access, > check_client_access pcre:/etc/postfix/client_access.pcre, > check_recipient_access pcre:/etc/postfix/recipient_access, > check_helo_access hash:/etc/postfix/helo_access, > check_sender_access hash:/etc/postfix/sender_access, > check_recipient_access pcre:/etc/postfix/recipient_access.pcre > I've even added the whole class C network to $mynetworks and it still > passes it through spamassassin. For amavisd.conf, I have: > @bypass_virus_checks_acl = qw( mail.corpAdomain.com .mail.corpAdomain.com ); > @bypass_spam_checks_acl = qw( mail.corpAdomain.com .mail.corpAdomain.com ); > @local_domains_acl = ( "." ); # all domains > What could I be missing? Please let me know if any further information > is necessary to help troubleshoot this. If you've set "content_filter=" in main.cf then all mails passes amavisd. So you must define some exceptions... If the restriction "permit_mynetworks" is true then postfix only stops to check further restrictions - content filtering is still active. The easiest way is to bypass scanning for authenticated users is to let them submit their mails through the submission port (TCP 587) rather than through the standard SMTP port and route this messages through a different policy bank. More info: http://www.ijs.si/software/amavisd/amavisd-new-docs.html#pbanks-ex For examples how to bypass sasl authenticated users see: http://marc.info/?l=amavis-user&m=125302838227714&w=2 http://www200.pair.com/mecham/spam/bypassing.html#10 Daniel ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
