On Wed, Oct 23, 2013 at 01:01:36PM -0000, Michiel van Es wrote:
> On Wed, October 23, 2013 12:50 pm, Gilles Chehade wrote:
> > On Wed, Oct 23, 2013 at 07:42:41AM -0000, Michiel van Es wrote:
> >>
> >> The config would be like this then right?
> >>
> >> listen on lo
> >> listen on eth0 tls certificate mail.pragmasec.nl auth-optional hostname mail.pragmasec.nl
> >> listen on eth0 port 587 tls certificate mail.pragmasec.nl auth hostname mail.pragmasec.nl
> >> expire 7d
> >> table vdomains "/usr/local/etc/vdomains"
> >> table vusers "/usr/local/etc/users"
> >> table aliases db:/usr/local/etc/aliases.db
> >> # the works
> >> listen on lo port 10025 tag CLAM
> >> accept for local alias <aliases> deliver to mda "procmail -f -"
> >> accept tagged CLAM from any for domain <vdomains> virtual <vusers> deliver to mda "procmail -f -"
> >> accept tagged CLAM for any relay
> >> accept for any relay via smtp://127.0.0.1:10026
> >>
> >
> > If you're accepting mail from the outside, then the last should be:
> >
> >   accept from any for any relay via smtp://127.0.0.1:10026
> 
> This makes a lot of sense!
> Doh!
> 

You might want to rethink your ruleset though because this will turn you
into an open relay:

  accept tagged CLAM for any relay
  accept for any relay via smtp://127.0.0.1:10026

As you will accept any mail and pass it to clamav, then you will accept
any mail from clamav and relay it.

IMO you don't want to use the same rule to match incoming and outgoing
mails that you're passing to clamav.


-- 
Gilles Chehade

https://www.poolp.org                                          @poolpOrg
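
Added example, not part of the original message and not OpenSMTPD code: a small Python model of the rule matching that traces a message through the scanner hop for the three rulesets discussed in the thread. It assumes first match wins, that a rule without "from any" matches only local sessions, and that the scanner passes every message back to port 10025; the SPLIT ruleset and the sample domains are hypothetical.

```python
from collections import namedtuple

# Simplified model of smtpd rule matching (assumptions of this example):
# first match wins, a rule without "from any" matches only local sessions,
# and a "tagged" rule matches only sessions from the listener with that tag.
Rule = namedtuple("Rule", "tag from_any dest action")

FILTER = "relay via smtp://127.0.0.1:10026"       # hand-off to the scanner
DOMAINS = {"local": {"localhost"},                 # constructed sample values
           "vdomains": {"example.org"}}

def ruleset(*last):
    """The first three accept rules from the thread plus the given final rule(s)."""
    return [Rule(None, False, "local", "deliver"),      # accept for local alias <aliases> ...
            Rule("CLAM", True, "vdomains", "deliver"),  # accept tagged CLAM from any for domain <vdomains> ...
            Rule("CLAM", False, "any", "relay"),        # accept tagged CLAM for any relay
            *last]

# accept for any relay via smtp://127.0.0.1:10026
ORIGINAL = ruleset(Rule(None, False, "any", FILTER))
# accept from any for any relay via smtp://127.0.0.1:10026
SUGGESTED = ruleset(Rule(None, True, "any", FILTER))
# Hypothetical split: accept from any for domain <vdomains> relay via ... (incoming)
#                     accept for any relay via ...                       (outgoing)
SPLIT = ruleset(Rule(None, True, "vdomains", FILTER),
                Rule(None, False, "any", FILTER))

def first_match(rules, tag, local, domain):
    """Action of the first rule matching this session and recipient domain."""
    for r in rules:
        if (r.tag in (None, tag) and (r.from_any or local)
                and (r.dest == "any" or domain in DOMAINS[r.dest])):
            return r.action
    return "reject"

def outcome(rules, local, domain):
    """Fate of a message arriving untagged, following one pass through the scanner."""
    action = first_match(rules, None, local, domain)
    if action == FILTER:
        # The scanner re-injects on "listen on lo port 10025 tag CLAM": a local session.
        action = first_match(rules, "CLAM", True, domain)
    return action

if __name__ == "__main__":
    for name, rules in (("original", ORIGINAL), ("suggested", SUGGESTED), ("split", SPLIT)):
        print(name,
              "| outside->outside:", outcome(rules, False, "elsewhere.example"),
              "| outside->vdomain:", outcome(rules, False, "example.org"),
              "| local->outside:", outcome(rules, True, "elsewhere.example"))
```
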
