On Wed, Apr 08, 2015 at 11:44:04AM +0200, Joerg Jung wrote: > Hi, > Hi,
> > [...] > > I know about clamsmtp, spampd etc. which check/tag *after* queuing. But > since I prefer not to annoy my users with quarantine (web-interfaces), > ***SPAM*** subjects, spam folders, or similar things I want to ask: Is > there any chance to filter/check for spam *before* queueing with > opensmtpd? > Well, one way would be to put spampd in front of OpenSMTPD and have it process all mail before passing it to the MTA. > > Side note: It looks like some lawyers say, once it is queued > one is not allowed to delete (silently). > Yes, the goal of opensmtpd is to take all necessary steps to ensure that mails don't get lost so once in queue, it HAS to be delivered somewhere, or a mailer daemon has to be generated. > With my old milter setup (spam) mail is blocked by sendmail if > spamassassin/clamav says so and *not* queued. > Well, you could write a filter to reject the message if the body contains a header set by spamassassin/clamav and achieve the same. > I do not need to stick with spamassassin, switching to dspam, > mailscanner, rspamd, whatever would be okay, as long as I find an easy > way to scan before queueing. In fact I played with dspam as it does not > rely on additional daemons like clamsmtp and spampd and can speak LMTP > directly with opensmtpd (while also calling clamav on its own). Thus > this would really simplify the setup. But for the queueing I need > something like: > "accept from any for domain <domains> virtual <users> && no queue && > relay via lmtp://127.0.0.1:2525" > while returning the error code of LMTP session back to sender... I guess > this is not possible? > > Side question: it is not possible to relay via LMTP to local unix domain > socket instead of IP socket, right? e.g.: > ... relay via lmtp:///var/dspam/dspam.sock > only when using "deliver to lmtp" (see man smtpd.conf) > I know about opensmtpd-extras and have seen the filters, but these are > not yet enabled and ready for production, right? Writing my own filter > to check spam (similar as milter does) seems to be possible and I think > I have the C skills to handle this. But since this is a production > server I need something stable, e.g. can not rewrite the filter every n > months to adjust the needs for the (not yet enabled) unstable API. > true > I also know about spamd, but that is not really an option for now as the > server speaks v6 and STARTTLS, moreover I have legacy users which AUTH > on port 25 as well. This does not play well with spamd. > I also scan outgoing mails, as I really do not trust the users. > > Any hints and insights are welcome, maybe someone has a similar setup? > I don't ;-) -- Gilles Chehade https://www.poolp.org @poolpOrg -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org