Hi Todd, Thanks for the tips. I'll try changing the order and add everything to recipient restrictions as noted. The following is the output from postconf -n
command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/lib/postfix debug_peer_level = 2 home_mailbox = .maildir/ html_directory = /usr/share/doc/postfix-2.3.7/html mailbox_size_limit = 536870000 mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man mydomain = domain.com myhostname = Hostname mynetworks = 192.168.0.0/24, 192.168.1.0/24, 127.0.0.0/8 newaliases_path = /usr/bin/newaliases readme_directory = /usr/share/doc/postfix-2.3.7/readme relay_domains = domain relay_recipient_maps = hash:/etc/postfix/relay_recipients sample_directory = /etc/postfix sendmail_path = /usr/sbin/sendmail setgid_group = postdrop show_user_unknown_table_name = no smtpd_banner = Welcome to the X Mail System smtpd_recipient_limit = 35 smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination check_recipient_access pcre:/etc/postfix/dspam_incoming permit smtpd_sender_restrictions = hash:/etc/postfix/good_domains hash:/etc/postfix/client_access hash:/etc/postfix/banned_domains reject_rbl_client zen.spamhaus.org transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 550 The following is the dspam trigger /./ FILTER dspam:unix:/var/run/dspam/dspam.sock And the following section from master.cf dspam unix - - n - 10 lmtp 127.0.0.1:10025 inet n - n - - smtpd -o smtpd_authorized_xforward_hosts=127.0.0.0/8 -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o receive_override_options=no_unknown_recipient_checks -----Original Message----- From: Todd S. Florman [mailto:[EMAIL PROTECTED] Sent: Friday, April 27, 2007 11:21 AM To: Andy Durant Cc: [email protected] Subject: Re: [dspam-users] Specific domains bypass dspam? Andy Durant wrote: > Hello all, > > > > I am using dspam and postfix to relay mail for exchange and so far everything > is going smoothly but for some minor issues. We have several clients in china > who mail us in Chinese only and all of them get flagged as spam.. Since my > quarantine is not delivering mail when released (another issue) I have to > manually send the email through with altered headers to reflect the correct > sender. However; the Chinese characters get converted to asci characters > like this ÔÓʼþ·¢¼þÈËÃû×Ö: pol and of course no one can read it any longer. > > > > > > Is there a way to have specific incoming domains bypass dspam' s spam > checking altogether. I had though configuring main.cf in postfix with > the dspam trigger last would allow that to happen but its not. Dspam is > still picking up and scanning everything. Relevant postfix portion below: > > > > > > > > > > smtpd_sender_restrictions = > > hash:/etc/postfix/good_domains > > hash:/etc/postfix/client_access > > hash:/etc/postfix/banned_domains > > reject_rbl_client zen.spamhaus.org > > > > smtpd_recipient_restrictions = > > permit_mynetworks > > reject_unauth_destination > > check_recipient_access pcre:/etc/postfix/dspam_incoming > > permit > > > > > > > > **Andy Durant** > Network Administrator > *Addressograph Bartizan* > [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> > _http:// <http://www.imprinters.com/>_www.imprinters.com > <http://www.imprinters.com/> > (519) 893-4510 x 145 > (519) 748-9843 Fax > > > Hi Andy, It would be more helpful if you would include a postconf -n and the contents of any relevent maps.... like dspam_incoming. Also be sure that you don't have dspam setup as a global filter in master.cf. One thing I have noticed is that the following is not correct syntax. You list out the map, but you don't say what to do with it...like check_sender_access. smtpd_sender_restrictions = hash:/etc/postfix/good_domains hash:/etc/postfix/client_access hash:/etc/postfix/banned_domains reject_rbl_client zen.spamhaus.org Honestly, if I were you, I would simply put all of your UCE checks into the smtpd_recipient_restrictions like the following... as postfix defaults to delaying any rejections until the rcpt to phase of the smtp transaction anyway. It's not that it really does anything different in the end, but it will keeps things a bit cleaner and more easy to understand and allow for more information to be shown in the logs. smtpd_client_restrictions = smtpd_helo_restrictions = smtpd_sender_restrictions = smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, check_sender_access hash:/etc/postfix/good_domains, check_sender_access hash:/etc/postfix/client_access, check_sender_access hash:/etc/postfix/banned_domains, reject_rbl_client zen.spamhaus.org, check_recipient_access pcre:/etc/postfix/dspam_incoming, permit Here is an example of what your dspam_incoming file could look like to have some domains bypassing the filters while the rest get filtered as expected. Keep in mind that pcre maps look for first match and exit with whatever result you list as the second argument in the match string. contents of dspam_incoming. /[EMAIL PROTECTED]/ OK /[EMAIL PROTECTED]/ OK /./ FILTER dspam:dspam or /./ FILTER dspam:[127.0.0.1]:10026 (depending on how you have dspam running) Hope this helps.. Todd Florman
