Had a battle with postfix myself recently. With a simple setup, the easy
way is to just use dspam as mailbox_transport or mailbox_command. I had
a situation where I needed to spam-check a mailman list, so I needed to
filter before local delivery (i.e. before alias expansion). I ended up
adding a check_recipient_access as the VERY FIRST line in
smtpd_recipient restrictions on incoming ports. My
check_recipient_access thingy will return "FILTER
dspam-filter:unix:/tmp/dspam.sock" for anything to do with my local
domain. This "tags" all incoming emails to be filtered throgh a dspam
daemon UNLESS they are rejected or DISCARDED by a rule later on in the
list of smtpd_recipient_restrictions. Putting the recipient_check first,
means that you can leave the local_recipient_maps alone, because the
FILTER action will grab the mail before it gets sent to local delivery.
That also means that alias expansion does not happen.
Now, once the mail hits dspam, dspam will hold or deliver to a second
smtp process which does not have this filter action defined. I have
dspam set up to change mode on parse, but not change user on parse.
The only drawback to this is that "postmaster" and such system adresses
will get theiry own quarantine, so I have to check a few more places for
held mail.
For completeness: I have dspam running as a server, listening on the
before mentioned socket, an I have the following in master.cf:
--stanza from master.cf:(warning, not entirely sure about this, see note
below) ---
dspam-filter unix - - n - - lmtp
-o smtp_send_xforward_command=yes
-o disable_mime_output_conversion=yes
-o dspam-filter_destination_recipient_limit=1
-- end stanza ---
I don't know if the destination_recipient_limit is actually working, no
big deal if non local users also get filtered as long as I have dspam
set with "Notifications off".
Mark Rogers wrote:
Anton Tilstra wrote:
To be sure, in main.cf, is the new domain:
1. *Not* listed in mydestination
Correct
2. Listed in relay_domains
No it is not, although it is listed in transport_maps. (I know very
little about Postfix, sorry! I am learning though!)
[In playing with the server I managed to break it so anyone who
replied to me earlier may have got a bounce - sorry! Going to be more
careful now, but if you got a bounce could you resend?]
