rosca, > > You must not forget that a message can have more than one recipient, > > so a message could be both internal-to-internal and outbound > > at the same time. It is dangerous (and usually incorrect) > > to tack a FILTER in a check_recipient_access, because these > > rules are run multiple times (for each recipient), and only > > the last FILTER setting remains in place. So the resulting > > FILTER would depend on what was the last recipient specified > > (internal or external). > > Infact! I left out this aspect! Indeed, a policy compliant with the my aim > could be to omit virus scanning for outbound messages. In the sense that, > if a message is either internal-to-internal and outbound then the message > would be scanned as well. > > How could obtain this? > Moreover, where is a suitable place where to perform recipient checking?
As a general rule, per-recipient settings require the use of @*_maps lookups (like: a mail destination being local or not), while settings which depend on a property of a message as a whole (like a sender address, client IP address / origin of mail) are best dealt-with through policy banks, selected with a help of a MTA. So, to control virus or spam scanning based on mail destination, use @bypass_*_checks_maps and/or @*_lovers_maps. If you need to control all three possibilities, you need to combine @*_maps with a policy bank: originating recip. is local 0 0 can't happen (open relay) 0 1 inbound 1 0 outbound 1 1 internal-to-internal # a global setting, can be overridden by a policy bank, # so in this case will apply only to inbound mail # @bypass_virus_checks_maps = (); # actually is a default, just illustrating # mail originating from our users, override global settings # $policy_bank{'ORIGINATING'} = { originating => 1, bypass_virus_checks_maps => [ { '.mydomain1.org' => 0, # do not skip check for local rcpts (int-to-int) '.mydomain2.org' => 0, '.' => 1, # skip the check for everybody else (outbound) } ], }; Mark ------------------------------------------------------------------------------ This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/