Marcin Rzepecki a écrit :
> Hello,
>
> I have configured DSPAM to act as a deamon and bind it to Postfix via
> LMTP:
> # forward to dspam
> smtp inet n - n - - smtpd
> -o content_filter=lmtp:unix:/var/run/dspam/sock
> # back route from dspam
> 127.0.0.1:10026 inet n - n - - smtpd
> -o content_filter= -o smtpd_authorized_xforward_hosts=127.0.0.0/8
> -o
> receive_override_options=no_unknown_recipient_checks,no_header_body_checks
> -o smtpd_helo_restrictions= -o smtpd_client_restrictions= -o
> smtpd_sender_restrictions=
> -o smtpd_recipient_restrictions=permit_mynetworks,reject -o
> mynetworks=127.0.0.0/8
>
> It works fine, but such configuration makes Postfix to filter all messages
> that
> are relayed to other domains too. That produces unneeded load and makes
> dspam to create new databases depend on message recipient, so it's very
> bad behavior :)
> How to make to filter only incoming mail for specific domains (e.g. from
> $my_destination) and let the other to be relayed without any checks?
>
[methdo 1]
configure dspam... for example, if using mysql as a backend, don't set
AUTO_INCREMENT in the "virtual users" table, or don't give dspam write
access to this table. dspam may complain in logs, but it's ok.
[method 2]
if you want skip filtering when mail comes from mynetworks when the user
was authenticated:
smtpd_sender_access =
check_client_access pcre:/etc/postfix/filter_msa
permit_mynetworks
permit_sasl_authenticated
check_client_access pcre:/etc/postfix/filter_default
== filter_msa:
/./ FILTER relay:[127.0.0.1]:10026
== filter_default
/./ FILTER lmtp:unix:/var/run/dspam/sock
[method 3]
if you want per recipient filtering, setup multiple instances and use
transport_maps to pass mail to the filter (no content_filter setting).
The reason this won't work with a single instance using content_filter
(or FITER) is because if mail has multiple recipients, only one filter
is selected.
