Thanks to your help, I think I have found where DSPAM should get called for my setup: in the postfix before-queue content filter. I found the following documentation on postfix which explains quite well how to set this up:
http://www.postfix.org/SMTPD_PROXY_README.html they also state that it should work with any content filter as long as it speaks SMTP. What do you think? I have the feeling that's exactly what we need for our similar setup. On Monday, June 9, 2014 11:38 AM, Reindl Harald <h.rei...@thelounge.net> wrote: Am 09.06.2014 11:13, schrieb ML mail: > In my understanding content filtering such as dspam should > also happen before the transport table/map is being checked > for relaying the mail to the backend mail server but then I must > be missing a parameter again for that which is not explained in > the doc/relay.txt of the dspam package. The documentation only > mentions using virtual transport which I also have configured. uhm - as said - i consider using dspam and only a heavy postfix user but until now not for mail-filter-gateways with multiple destination servers at least "transport_maps" and "virtual_transport" combined may not work as expected because whatever the first transport is wins - in my understanding dspam needs to work inside of smtpd_*_restrictions and any transport happens if a message passes all filters and restricitions however - *how* can dspam work as *pre-queue* filter in context of lmtpd? does it receive the whole message, let the connection open due scanning and if it is spam rejects it? pre-queue is important to not get a backscatter please consider asking that in detail on the postfix-uers list because there are a lot of expierienced users, i am not at the point testing this since i wait for CentOS7 and in general your goal is very similar to my plans > Below is the output of y postconf -n: > > alias_database = hash:/etc/aliases > alias_maps = hash:/etc/aliases > append_dot_mydomain = no > biff = no > config_directory = /etc/postfix > inet_interfaces = allowed > mailbox_command = procmail -a "$EXTENSION" > mailbox_size_limit = 0 > mydestination = mx.domain.tld, debian, localhost.localdomain, localhost > myhostname = debian > mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 > myorigin = /etc/mailname > readme_directory = no > recipient_delimiter = + > relayhost = > smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache > smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) > smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem > smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key > smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache > smtpd_use_tls = yes > transport_maps = hash:/etc/postfix/transport > virtual_mailbox_domains = mydomain.com > virtual_mailbox_maps = pgsql:/etc/postfix/vmailbox.cf > virtual_transport = lmtp:unix:/run/dspam.sock > > On Monday, June 9, 2014 10:17 AM, Reindl Harald <h.rei...@thelounge.net> > wrote: > Am 09.06.2014 09:50, schrieb ML mail: >> I was assuming that this relay guide was a full howto, my bad. >> >> Now as pointed out by yourself and Reindl I have added a transport table to >> my postfix >> configuration in order to relay the mails to the backend server. For that >> purpose I >> have added the following configuration to postfix: >> >> transport_maps = hash:/etc/postfix/transport >> >> The content of my transport file looks like this: >> >> mydomain.com smtp:mybackendserver.domain.tld >> >> >> The problem here with this new configuration is that my postfix does not >> pass the mail >> to dspam anymore for scanning, so the mail simply goes through directly >> unscanned to >> the backend server. Am I missing something else? > > i am currently not a dspam user but considering it in exactly such a setup > and would expect it to work a *pre-queue* filter which is the only correct > way of reject spam which normally means the transports after the spamfiler > because the filter belongs in smtpd_*_restricitions somehow > > maybe the output of "postconf -n" could help to fugure out your setup > > the reason why i plan such a setup is: > > * dedicated MX as filter repalcing a Barracuda Networks appliance > * different target servers per domain solved with a transport table > * the final destinations are dbmail and so all infos already in mysql > * a simple script should maintain the local users table and transports > > my planned order: > > * postscreen / rbl scoring > * maybe greylisting > * clamav > * DNS whitelists to bypass contentfilter > * contentfilter (dspam, spamassassin...) > * transport table to deliver ham to final destiantion ------------------------------------------------------------------------------ HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions Find What Matters Most in Your Big Data with HPCC Systems Open Source. Fast. Scalable. Simple. Ideal for Dirty Data. Leverages Graph Analysis for Fast Processing & Easy Data Exploration http://www.hpccsystems.com _______________________________________________ Dspam-user mailing list Dspam-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspam-user ------------------------------------------------------------------------------ HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions Find What Matters Most in Your Big Data with HPCC Systems Open Source. Fast. Scalable. Simple. Ideal for Dirty Data. Leverages Graph Analysis for Fast Processing & Easy Data Exploration http://www.hpccsystems.com _______________________________________________ Dspam-user mailing list Dspam-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspam-user