Daniel, > I'd like to create rule for my amavisd-new with foillowing checks: > - if sender IP is localhost (127.0.0.1) > - if sender is apache or [EMAIL PROTECTED] (mail is sent from PHP using mail() > function) > - X-Client-IP extra header must exists else reject message > - if X-Client-IP exists, check if IP is in RBL spammers database, if is > reject otherwise pass > - check content of message (forward to spamassassin)
There are several mechanisms in Postfix, in amavisd-new and in SpamAssassin, each can take care of some of your requirements, but as a whole I don't see a simple solution to your needs. Perhaps I don't understand how your rules are supposed to be chained together (AND / OR / elseif ?) It looks you have a webmailer on 127.0.0.1 which is sending its mail with a fixed sender address, and such mail should be passed unchecked. This is best achieved by adding a dedicated instance of a smtpd service in Postfix (master.cf), which chould only accept mail from 127.0.0.1 (or just bind to a loopback interface only), have disabled content_filter and permit only certain sender addresses, rejecting the rest. This is a rather basic Postfix setup question. Your webmail should then submit its mail only to this dedicated smtpd service (either on a nonstandard TCP port or on a dedicated alias IP address, separate from other smtpd services). For a missing X-Client-IP header you could add SpamAssassin rules (e.g. add score 20 to all messages, and a score of -20 to messages that contain X-Client-IP header). The hardest part is to extract an IP address from X-Client-IP header and use it in RBL checks. I believe SA already does a decent job of finding the client IP address from Received headers, provided you configure its trusted_networks and internal_networks settings correctly. Mark ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642 _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/