I had a user that has a 3G data dongle and we found that their messages were being discarded. SpamAssassin was identifying the sender IP as from a DUL and assigned a very high score. I realized that I had not set the content-filter to be excluded for submission users, so I went and did that in master.cf:
submission inet n - n - - smtpd -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject -o content_filter= At this point, the user could now send mail via submission, but only to EXTERNAL users. Any mail set for local users was still getting tested by amavisd-new and thus SA, and thus getting rejected. Here is the mail.log: Nov 19 12:08:21 extranet postfix/smtpd[27677]: warning: 114.75.3.145: hostname 114.75.3.145.optusnet.com.au verification failed: Name or service not known Nov 19 12:08:21 extranet postfix/smtpd[27677]: connect from unknown[114.75.3.145] Nov 19 12:08:24 extranet postfix/smtpd[27677]: 384BF1E880EA: client=unknown[114.75.3.145], sasl_method=PLAIN, sasl_username=sen...@domain.com Nov 19 12:08:24 extranet postfix/cleanup[27681]: 384BF1E880EA: message-id=<981e4e91-c396-412f-8d55-6f93f26a3...@domain.com> Nov 19 12:08:25 extranet postfix/qmgr[15871]: 384BF1E880EA: from=<sen...@domain.com>, size=57892, nrcpt=1 (queue active) Nov 19 12:08:25 extranet postfix-local[27944]: postfix-local: from=sen...@domain.com, to=recipi...@domain.com, dirname=/var/qmail/mailnames Nov 19 12:08:25 extranet postfix-local[27944]: hook_dir = '/usr/local/psa/handlers/before-local' Nov 19 12:08:25 extranet postfix-local[27944]: recipient[3] = 'recipi...@domain.com' Nov 19 12:08:25 extranet postfix-local[27944]: handlers dir = '/usr/local/psa/handlers/before-local/recipient/recipi...@domain.com' Nov 19 01:08:26 extranet postfix/pickup[13775]: 216641E880EF: uid=110 from=<sen...@domain.com> Nov 19 12:08:26 extranet postfix/cleanup[27681]: 216641E880EF: message-id=<981e4e91-c396-412f-8d55-6f93f26a3...@domain.com> Nov 19 12:08:26 extranet postfix/pipe[27698]: 384BF1E880EA: to=<recipi...@domain.com>, relay=plesk_virtual, delay=2, delays=1.8/0/0/0.17, dsn=2.0.0, status=sent (delivered via plesk_virtual service) Nov 19 12:08:26 extranet postfix/qmgr[15871]: 384BF1E880EA: removed Nov 19 12:08:26 extranet postfix/qmgr[15871]: 216641E880EF: from=<sen...@domain.com>, size=58088, nrcpt=1 (queue active) Nov 19 12:08:29 extranet postfix/smtpd[27719]: CD6EC1E880EA: client=unknown[114.75.3.145] Nov 19 12:08:29 extranet postfix/cleanup[27681]: CD6EC1E880EA: message-id=<981e4e91-c396-412f-8d55-6f93f26a3...@domain.com> Nov 19 12:08:29 extranet postfix/smtpd[27719]: disconnect from localhost.localdomain[127.0.0.1] Nov 19 12:08:29 extranet postfix/qmgr[15871]: CD6EC1E880EA: from=<sen...@domain.com>, size=58565, nrcpt=1 (queue active) Nov 19 12:08:29 extranet amavis[26386]: (26386-02) Passed SPAMMY, [114.75.3.145] [114.75.3.145] <sen...@domain.com> -> <recipi...@office.p3.com.au>, Message-ID: <981e4e91-c396-412f-8d55-6f93f26a3...@domain.com>, mail_id: 4NBOTooBA2EW, Hits: 9.651, size: 58074, queued_as: CD6EC1E880EA, 3714 ms Nov 19 12:08:29 extranet postfix/lmtp[27712]: 216641E880EF: to=<recipi...@office.p3.com.au>, relay=127.0.0.1[127.0.0.1]:10024, delay=3.7, delays=0.01/0/0/3.7, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=26386-02, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as CD6EC1E880EA) Nov 19 12:08:29 extranet postfix/qmgr[15871]: 216641E880EF: removed It seems that 384BF1E880EA is the message coming in via submission and it is happily accepted without being content-filtered. But then it seems to be run through processes again, obviously following different parameters than the ones I set in submission, as message CD6EC1E880EA is run through SA. Can I & how do I stop these local emails sent via submission from getting run through the content-filter? -- Here is some of my non-default config -- master.cf: amavisfeed unix - - n - 2 lmtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes -o max_use=20 127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o smtpd_delay_reject=no -o smtpd_client_restrictions=permit_mynetworks,reject -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o smtpd_data_restrictions=reject_unauth_pipelining -o smtpd_end_of_data_restrictions= -o smtpd_restriction_classes= -o mynetworks=127.0.0.0/8 -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o smtpd_client_connection_count_limit=0 -o smtpd_client_connection_rate_limit=0 -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings -o local_header_rewrite_clients= -o smtpd_milters= -o local_recipient_maps= -o relay_recipient_maps= plesk_virtual unix - n n - - pipe flags=DORhu user=popuser:popuser argv=/usr/lib/plesk-9.0/postfix-local -f ${sender} -d ${recipient} -p /var/qmail/mailnames plesk_saslauthd unix y y y - 1 plesk_saslauthd status=5 listen=6 dbpath=/plesk/passwd.db And here is the output of postconf -n: alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases, hash:/var/spool/postfix/plesk/aliases bounce_queue_lifetime = 18h command_directory = /usr/sbin config_directory = /etc/postfix content_filter = amavisfeed:[127.0.0.1]:10024 daemon_directory = /usr/libexec/postfix debug_peer_level = 2 debug_peer_list = 122.110.171.251 delay_warning_time = 2h html_directory = no inet_interfaces = all mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man maximal_queue_lifetime = 18h message_size_limit = 20480000 mydestination = $myhostname, localhost.$mydomain, localhost mynetworks = 127.0.0.0/8, 122.201.102.31/32 newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_send_xforward_command = yes smtp_tls_security_level = may smtp_use_tls = no smtpd_authorized_xforward_hosts = 127.0.0.0/8 smtpd_client_restrictions = smtpd_recipient_restrictions = permit_mynetworks, check_client_access pcre:/var/spool/postfix/plesk/no_relay.re, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated, check_client_access pcre:/var/spool/postfix/plesk/non_auth.re smtpd_tls_cert_file = /etc/postfix/postfix_default.pem smtpd_tls_key_file = $smtpd_tls_cert_file smtpd_tls_security_level = may smtpd_use_tls = yes soft_bounce = yes transport_maps = hash:/var/spool/postfix/plesk/transport unknown_local_recipient_reject_code = 550 virtual_alias_maps = $virtual_maps, hash:/var/spool/postfix/plesk/virtual virtual_gid_maps = static:31 virtual_mailbox_base = /var/qmail/mailnames virtual_mailbox_domains = $virtual_mailbox_maps, hash:/var/spool/postfix/plesk/virtual_domains virtual_mailbox_maps = hash:/var/spool/postfix/plesk/vmailbox virtual_transport = plesk_virtual virtual_uid_maps = static:110 This is my first post, so please forgive me if I've done something wrong or stupidly. Thank you!