My current setup is this: * Mail is received by postscreen (which filters RBLs
and basic checks) * Passed to smtpd * applies content_filter which passes the
mail to amavis-new port 10024 * Amavis-new passes the mail back on 10025 *
LOCAL mail is sent to the virtual_transport (dovecot LMTP) via socket *
dovecot LMTP uses sieve to sort the mail into a Junk folder if "X-Spam-Status:
yes", among other sorting which can include other thresholds * ALIAS (possibly
remote forwarded) mail is sent out to the Internet (remote: gmail, yahoo,
hotmail, etc) or reinserted to the queue (for local domains).
postscreen is doing RBL checks which cuts down on most of the spam
significantly.No I don't want to have amavis-new reject all mail it suspects is
Spam. Obvious spam was rejected by postscreen.There are some policy reasons for
this. Some folks have different thresholds based on their dovecot preferences.
For local delivery, I have no issues. Mail is sorted out of sight and cleaned
up after a period of time.For ALIAS mapped delivery, I want to discard the
messages which have a header "X-Spam-Status: yes" silently (or maybe redirect
them to a local user where they could be deleted after the fact).
I've explored "smtp_header_checks = regexp:...", however this does not allow
DISCARD at all (recommending this to be a good additionI've explored
"header_checks = regexp:...", however this will discard local mail going to the
LDA and not just that going to the outside worldI'd be open to having them
delivered to a local mailbox as well for later releasing or purging.
As I'm certain this isn't an uncommon problem (I see much discussion about it
on the Internet but no true answers to how to solve or achieve the same
result), can anyone provide some guidance on how to implement this? Effectively
"don't alias mail if it has a header, but do allow the header for local
delivery".
Is there a way for me to create this as a header_check in a cleanup for the
post-filter content which only runs if it's an aliased delivery?Is there a way
to integrate some sort of test whether I want to evaluate the alias in this
workflow?As the alias table comes by way of SQL, I could also provide an extra
field that way if the goto isn't local, if that helps at all. I could also
hard-code a hash table of all such forwards if it helps in some way.
Any help is appreciated.
CONFIG:======virtual_transport = lmtp:unix:private/dovecot-lmtpcontent_filter =
smtp-amavis:[127.0.0.1]:10024smtp inet n - y - 1
postscreensmtpd pass - - y - -
smtpddnsblog unix - - y - 0 dnsblogtlsproxy
unix - - y - 0 tlsproxysmtp-amavis unix -
- - - 5 smtp
-o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes -o max_use=20127.0.0.1:10025 inet n
- - - - smtpd
-o content_filter= -o local_recipient_maps= -o
relay_recipient_maps= -o smtpd_restriction_classes= -o
smtpd_delay_reject=no -o
smtpd_client_restrictions=permit_mynetworks,reject -o
smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o
smtpd_recipient_restrictions=permit_mynetworks,reject -o
smtpd_data_restrictions=reject_unauth_pipelining -o
smtpd_end_of_data_restrictions= -o mynetworks=127.0.0.0/8 -o
smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o
smtpd_hard_error_limit=1000 -o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0 -o
receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters======
