>integrate ASSP as a post-queue filter using amavisd-new
Don't try this! Use assp instead of amavis-new. The postfix config should
be the same in both cases. The listeners and targets in assp should be
configured according to amavis-new (the same way).
For outgoing mails, the config would be different. You'll need to
implement a second post-filter in postfix, with assp's relayPort as
target.
Thomas
Von: "Charles Marcus" <char...@cocosolutions.com>
An: "ASSP development mailing list" <assp-test@lists.sourceforge.net>
Datum: 11.06.2019 18:15
Betreff: Re: [Assp-test] Question re: ASSP as post-queue filter
Thanks Thomas,
Looks like an interesting setup. Personally I'm interested in diving into
it more, and maybe will even attempt to duplicate it (but looks like I'd
need more details before being able to attempt that).
But I discussed this with my boss, and he is firm with the decision to use
postfix with its postscreen pre-queue-filter (and its secondary anti-spam
in-queue checks providing additional reject-only filtering) as the
perimeter SMTP server. This is due to the fact that it is written in C,
and its quality, performance, robustness and stability is second to none.
Any additional anti-spam filter would have to be post-queue.
So... I'm curious... maybe this is something you could put on the roadmap?
A supported way to integrate ASSP as a post-queue filter using
amavisd-new, providing only its scoring, quarantine management and
reporting capabilities?
If this simply isn't something that interests you, I understand, but to
me, this would be the best of both worlds, because I cannot disagree with
the reasoning to use postfix as the perimeter SMTP server.
Thanks again,
Charles
On 6/6/2019, 12:37:57 PM, Thomas Eckardt <thomas.ecka...@thockar.com>
wrote:
Welcome back Charles. I missed your smart comments for a long time.
I never used assp this way. It may be possible to implement assp as a
milter or like amavis-new, but the postfix config and the assp config will
become very complex (IMHO). It may be also the case, that some assp
features will not work like expected: for example block reporting, the
email interface and resend functions. I think you'll need separate
listeners for this purposes.
I don't think that assp in front of postfix will break any postfix
function. ASSP supports X-FORWARD and is able to tell postfix everything
that is needed (connected IP and HELO).
Even MTA-STS and DANE can be implemented with ASSP, if it knows all
required certificates and SNI is right configured.
Currently I use the following "construct" for incoming mails
internet
| LDAP
-< assp >----------------------------------
| | |
L| MTA (domain based routing) ---> other domains mail server
D| |
A| amavis-new (with selfmade (unique) recursive
atomic-decompression/decomposing engine for really every content) -->
something based on peekabooAV (peekaboo-T.E.) --> cuckoo
P| | cuckoo (with Brain-IRMA - 9 virus scanners) advanced
sandbox behavior analysis
| |
-> my mail server
ASSP works like normal, decomposes recursive all attachments to its atom
files and tags the mail for amavis(cuckoo) if there is any doubt -> "hello
amavis, advanced analysis required for this email"
appliance based on ubuntu 19.3 [
amavis-new (code is not modified) - but got 50k of extensions using the
default API's + a database + a very nice web-gui for all components (incl.
quarantine) based on grafana
peekaboo-TE - the code is changed by me to get amavis and cuckoo working
on emails together, using advanced configuration options
cuckoo - full featured - unchanged based code (except the main html page
got two additional links) - full customized signatures and YARA
]
Nothing breakes this. Nothing beats this (except some 100.000$ solutions).
Only silence.
Thomas
Von: "Charles Marcus" <char...@cocosolutions.com>
An: "'ASSP development mailing list'"
<assp-test@lists.sourceforge.net>
Datum: 06.06.2019 16:26
Betreff: [Assp-test] Question re: ASSP as post-queue filter
Hello,
I used to use ASSP a long, long time ago, and really loved the way its
Spam Reports worked, but ended up having to switch for political reasons,
then years later, the boss decided to migrate to Office 365.
Now I may have the opportunity to switch us back to a self-hosted linuz
system running postfix and dovecot, but I would also like to incorporate
ASSP into the mix.
One requirement, though, is that postfix is on t he front line using its
new postscreen tech to eliminate 90+% of the bad guys with zero false
positives.
Will it be possible to incorporate ASSP as an after queue filter, maybe
using amavint-new or a milter, and still be able to take advantage of
ASSPs spam reporting capabilities?
Thanks,
Charles_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
