Hello. Is it correct what I stated in my email? Could someone take a look below and give me an answer to each of my question?
Regards, RS > -----Messaggio originale----- > Da: amavis-users [mailto:amavis-users- > bounces+rocco.scappatura=infracom...@amavis.org] Per conto di Scappatura > Rocco > Inviato: mercoledì 28 giugno 2017 09:34 > A: 'amavis-users@amavis.org' <amavis-users@amavis.org> > Oggetto: R: R: R: R: R: Message quarantined as SPAM > > Hello. > > I easily constructed files: > > /etc/postfix/relay_domains > /etc/postfix/mynetworks.cidr > > Then I set: > > @local_domains_acl = ( > ".$mydomain" , > read_hash('/etc/postfix/relay_domains') > ); > > @local_domains_maps = @local_domains_acl; > > In amavis log now I see a different tag ({RelayedInbound}): > > Jun 28 09:24:05 av8 amavis[21699]: (21699-15) Passed CLEAN > {RelayedInbound}, [xxx.yyy.zzz.uuu]:40882 [xxx.yyy.zzz.uuu] > <a...@example.com> -> <b...@example.org>, Queue-ID: 0C98ED61C4, > Message-ID: <8386362.10890651498634643768.JavaMail.www-data@v080>, > mail_id: 0g9XxEmqcNPj, Hits: 2.2, size: 9179, queued_as: 7DAA4D61CA, 453 > ms > > Even in case neither example.com nor example.org are local domain. > > What change made really implied? > > For @mynetworks instead, I did not still set: > > @mynetworks = @{ read_cidr('/etc/postfix/mynetworks.cidr') }; > > Because at the moment I have: > > @mynetworks = qw( 127.0.0.0/8); > > and: > > $policy_bank{'MYNETS'} = { # clients in @mynetworks > bypass_spam_checks_maps => [1], # don't spam-check internal mail > bypass_banned_checks_maps => [1], # don't banned-check internal mail > bypass_header_checks_maps => [1], # don't header-check internal mail }; > > So I fear that the change that you suggested me, avoid the SPAM scan for > ALL mail departing from my real networks.. > > Is my fear justified? > > Regards, > > RS > > > > -----Messaggio originale----- > > Da: amavis-users [mailto:amavis-users- > > bounces+rocco.scappatura=infracom...@amavis.org] Per conto di Patrick > > bounces+Ben > > Koetter > > Inviato: martedì 27 giugno 2017 15:37 > > A: amavis-users@amavis.org > > Oggetto: Re: R: R: R: R: Message quarantined as SPAM > > > > * Scappatura Rocco <rocco.scappat...@infracom.it>: > > > Hello. > > > > > > Maybe is the line: > > > > > > 50-user:$spam_quarantine_to = 'spam-quarantine'; > > > > > > that has enabled quarantine.. > > > > Quite likely this line enables quarantine. In case you want to disable it: > > > > $spam_quarantine_to = undef; > > > > > > > Moreover, I have the list of 'mynetworks' defined in a mysql DB used > > > by > > postfix, through the following query: > > > > > > select action from access where inet_aton(ip) & inet_aton(mask) = > > > inet_aton('%s') & inet_aton(mask) order by mask DESC limit 0,1; > > > > > > Similarly, I have the list of local domain defined in a mysql DB > > > used by > > postfix, through the following query: > > > > > > select domain from domain where domain='%s' and active='1'; > > > > > > How can I safely import these lists into amavis? > > > > If they change frequently, add a trigger to MySQL that dumps the > > results to tables. If they change only once in a while, create a script that > does the same. > > > > Then import the lists into amavis, using the read_* methods. For example: > > > > @local_domains_maps = ( > > ".$mydomain", > > read_hash('/etc/postfix/relay_domains') > > ); > > > > Or for networks: > > > > @mynetworks = @{ read_cidr('/etc/postfix/mynetworks.cidr') }; > > > > See the RELEASE-NOTES for more information. > > > > p@rick > > > > > > > > > > > > > > > > Regards, > > > > > > RS > > > > > > > > > > > > > -----Messaggio originale----- > > > > Da: amavis-users [mailto:amavis-users- > > > > bounces+rocco.scappatura=infracom...@amavis.org] Per conto di > > > > bounces+Patrick Ben > > > > Koetter > > > > Inviato: martedì 27 giugno 2017 15:16 > > > > A: amavis-users@amavis.org > > > > Oggetto: Re: R: R: R: Message quarantined as SPAM > > > > > > > > * Scappatura Rocco <rocco.scappat...@infracom.it>: > > > > > Hello. > > > > > > > > > > Here, all what you ask for: > > > > > > > > > > 1) @bypass_spam_checks_maps: > > > > > > > > > > 15-content_filter_mode:@bypass_spam_checks_maps = ( > > > > > \%bypass_spam_checks, \@bypass_spam_checks_acl, > > > > > \$bypass_spam_checks_re); > > > > > > > > > > @spam_tag_level_maps = > > > > > ({ > > > > > # 'y...@example.org' => 1.5, > > > > > '.' => 5.0, > > > > > }); > > > > > > > > > > @spam_tag2_level_maps = > > > > > ({ > > > > > # ' y...@example.org ' => 2.0, > > > > > '.' => 6.31, > > > > > }); > > > > > > > > > > @spam_kill_level_maps = > > > > > ({ > > > > > # ' y...@example.org ' => 2.0, > > > > > '.' => 6.31, > > > > > }); > > > > > > > > > > 2) $final_spam_destiny: > > > > > > > > > > 20-debian_defaults:$final_spam_destiny = D_DISCARD; > > > > > 50-user:$final_spam_destiny = D_DISCARD; > > > > > > > > > > 3) $spam_quarantine_method: > > > > > > > > > > 50-user:#$spam_quarantine_method = 'sql:'; > > > > > > > > > > > > You have disabled quarantine in 50-user, but it is enabled > > > > somethere else. It delivers messages to a file based quarantine, > > > > as your original LOG > > shows: > > > > > > > > Jun 22 11:45:48 av8 amavis[22610]: (22610-11) Blocked SPAM > > > > {DiscardedOpenRelay,Quarantined}, [xxx.yyy.zzz.uuu]:50412 > > > > [xxx.yyy.zzz.uuu] <a...@example.com> -> <bbb@mydomain>, > > quarantine: > > > > z/spam-zRJd9Wo5250M.gz, Queue-ID: 8647AD5DBA, Message-ID: > > > > <776AB7C587CC457C95FF35582FC9F0E1@AutoRPZ.local>, mail_id: > > > > zRJd9Wo5250M, Hits: 6.793, size: 77514, 364 ms > > > > > > > > The message has been save to $QUARANTINE/z/spam- > > zRJd9Wo5250M.gz. > > > > > > > > > > > > In order to find out why the message has a different score you > > > > need to set @local_domains_maps correctly, or amavis will not add > > > > the header to the message. > > > > > > > > Add these to 50-user, once you have setup @local_domains_maps, and > > > > amavis will document the rules SA used and how they scored: > > > > > > > > $allowed_added_header_fields{lc('X-Spam-Status')} = 1; > > > > $allowed_added_header_fields{lc('X-Spam-Report')} = 1; > > > > > > > > p@rick > > > > > > > > > > > > > > > > > > > > > > > > > > 4) $sa_local_tests_only: > > > > > > > > > > 20-debian_defaults:$sa_local_tests_only = 0; # only tests which do > > not > > > > require internet access? > > > > > 50-user:$sa_local_tests_only = 1; # only tests which do not require > > > > internet access? > > > > > > > > > > 5) $sa_tag_level_deflt: > > > > > 20-debian_defaults:$sa_tag_level_deflt = 2.0; # add spam info > > > > > headers if at, or above that level > > > > > > > > > > 6) $sa_tag2_level_deflt: > > > > > 20-debian_defaults:$sa_tag2_level_deflt = 6.31; > > > > > > > > > > @spam_tag2_level_maps = ({ > > > > > }, > > > > > \$sa_tag2_level_deflt, > > > > > ); > > > > > > > > > > 7) $sa_dsn_cutoff_level: > > > > > 20-debian_defaults:$sa_dsn_cutoff_level = 10; # spam level beyond > > > > which a DSN is not sent > > > > > > > > > > 8) $sa_crediblefrom_dsn_cutoff_level: > > > > > > > > > > NOT DEFINED > > > > > > > > > > Moreover I have set: > > > > > > > > > > @spam_lovers_maps = ({ > > > > > '.example.net' => 1, # this domain and it's subdomains > > > > > }); > > > > > > > > > > @spam_kill_level_maps = ({ > > > > > '.example.net' => 9999, > > > > > }, > > > > > \$sa_kill_level_deflt, > > > > > ); > > > > > > > > > > Regards, > > > > > > > > > > RS > > > > > > > > > > > -----Messaggio originale----- > > > > > > Da: amavis-users [mailto:amavis-users- > > > > > > bounces+rocco.scappatura=infracom...@amavis.org] Per conto di > > > > > > bounces+Patrick Ben > > > > > > Koetter > > > > > > Inviato: martedì 27 giugno 2017 14:01 > > > > > > A: amavis-users@amavis.org > > > > > > Oggetto: Re: R: R: Message quarantined as SPAM > > > > > > > > > > > > * Scappatura Rocco <rocco.scappat...@infracom.it>: > > > > > > > Thank you Patrick. > > > > > > > > > > > > > > What configuration you need, in particular? > > > > > > > > > > > > Lets start with this and LOG that shows the incident you need > > > > > > to > > > > research: > > > > > > > > > > > > @bypass_spam_checks_maps > > > > > > $final_spam_destiny > > > > > > $spam_quarantine_method > > > > > > $sa_local_tests_only > > > > > > $sa_tag_level_deflt > > > > > > $sa_tag2_level_deflt > > > > > > $sa_dsn_cutoff_level > > > > > > $sa_crediblefrom_dsn_cutoff_level > > > > > > > > > > > > p@rick > > > > > > > > > > > > > > > > > > -- > > > > > > [*] sys4 AG > > > > > > > > > > > > https://sys4.de, +49 (89) 30 90 46 64 Schleißheimer Straße > > > > > > 26/MG,80333 München > > > > > > > > > > > > Sitz der Gesellschaft: München, Amtsgericht München: HRB > > > > > > 199263 > > > > > > Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang > > > > > > Stief > > > > > > Aufsichtsratsvorsitzender: Florian Kirstein > > > > > > > > > > > > > > -- > > > > [*] sys4 AG > > > > > > > > https://sys4.de, +49 (89) 30 90 46 64 Schleißheimer Straße > > > > 26/MG,80333 München > > > > > > > > Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 > > > > Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief > > > > Aufsichtsratsvorsitzender: Florian Kirstein > > > > > > > > -- > > [*] sys4 AG > > > > https://sys4.de, +49 (89) 30 90 46 64 > > Schleißheimer Straße 26/MG,80333 München > > > > Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 > > Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief > > Aufsichtsratsvorsitzender: Florian Kirstein > >
