>> > > If you are using Postfix, the following smtpd_recipient_restrictions work > well for us. Note that you need to install policy-spf-python before you can > use the last directive.: > > smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, > reject_invalid_hostname, reject_unauth_pipelining, reject_non_fqdn_sender, > reject_unknown_sender_domain, reject_non_fqdn_recipient, reject _unknown_recipient_domain, check_policy_service unix:private/policy-spf
great stuffs I used reject_unknown_recipient_domain before. Now I do NOT use it. > policy-spf-python in Ubuntu is installed as follows: > > sudo apt-get install postfix-policyd-spf-python > > Then in your postfix master.cf you add the following: > > # ==== PYTHON SPF POLICY BELOW THIS LINE. ENABLE IF YOU WISH TO USE > policy-spf unix - n n - - spawn > user=nobody argv=/usr/bin/policyd-spf > # === PYTHON SPF POLICY ABOVE THIS LINE === > > > I'm also guessing you are using postscreen > >> >> > Here is a blocked spamas an example: >> > >> > X-Spam-Status: Yes, score=8.308 tag=-999 tag2=5.5 kill=7.5 >> >> Did you receive this mail since score = 8.3? >> >> Pls set final_spam_destiny to D_DISCARD in this way. >> >> >> $final_spam_destiny = D_DISCARD; >> >> It is worth to have below 2 lines to D_DISCARD as well. >> >> $final_virus_destiny = D_DISCARD; >> $final_banned_destiny = D_DISCARD; >> > > I would like to add that you should NEVER block your customers email. You > don't have to pass them to their mailbox necessarily but you should dump them > to a quarantine directory and release if needed. I have seen many situation > where the system has marked a message as spam or a virus for that matter even > though it was not and your customers are looking for that e-mail so you don't > want to be that guy. You accomplish that like as follows in your amavis conf > file: > > $virus_quarantine_method = 'local:virus/%m'; > $spam_quarantine_method = 'local:spam/%m'; I do not use above 2 lines. I think it is set to default since I can release quarantine mail with amavisd-release command. > $banned_files_quarantine_method = 'local:banned/%m'; I think the above is also a default setting. > $bad_header_quarantine_method = 'local:bad_header/%m'; yes, I use the above line due to this line $bad_header_quarantine_method = undef; I use below 2 lines to release mails $bad_header_quarantine_method = 'local:badh-%m'; $bad_header_quarantine_to = 'bad-header-quarantine'; anyway, having those settings OK too. good source https://www.mail-archive.com/[email protected]/msg04356.html >> > >> > score BAYES_99 4.5 # was 3.5 >> > score BAYES_999 2.0 # was 0.2 >> >> I do NOT conceder the above stuffs so much. I go with defaults. >> > > I agree with above. Keeping with defaults is usually best. You should > concentrate on doing everything else before you start messing around with the > scores. > > > > -- > > Hermes Secure Email Gateway > Hermes Secure Email Gateway combines Open Source technologies such as > Postfix, Apache SpamAssassin, ClamAV, Amavisd-new, MySQL and CipherMail under > one unified web based Web GUI for easy administration and management of your > incoming and ougoing email for your organization. Anti-spam, anti-virus and > anti-malware protection, encrypted S/MIME, encrypted PDF and SMTP TLS > support, built-in email archiving, end-user self-service web gui. > > Download the free open-source appliance at: > http://www.deeztek.com/hermes-secure-email-gateway/ > > > -- cat /etc/motd Thank you Indunil Jayasooriya http://www.theravadanet.net/ http://www.siyabas.lk/sinhala_how_to_install.html - Download Sinhala Fonts
