Re: A question about Postfix and virus scanning
Hi, You shouldn't never try to use amavisd that way. Just configure it as content filter option in main.cf or build recipient access maps invoking it with filter action and just do after queue scans. Bye! > Egoitz, > Hi > Thanks for your mail. I have used amavisd-new but unfortunately it can not > handle e-mail scanning in offline mode. > Anyway, thanks a lot. > > Kind Regards > Ali Majdzadeh Kohbanani > > 2009/11/30 > >> Hi Ali, >> >> The scenario you're describing is not a good idea because you don't know >> when you're users are going to check they're mail accounts. If you want >> a >> scalable email checking system and after queue for avoiding slow >> responses >> from you're smtpd daemons try amavisd-new. >> >> Bye!! >> >> > Hello all, >> > I do not know whether here is the right place to ask this question or >> not, >> > but I would like to know if it is a good idea to perform offline >> e-mail >> > virus scanning. By offline, I mean a scenario in which e-mail >> filtering >> > management tools (like amavisd-new) do not hand out received e-mails >> to >> > virus scanners (like clamav), instead, virus scanning is performed on >> > mailboxes as regular files on the file system. Does anyone have any >> > experiences regarding this scenario? Is at all this scenario sane or >> > applicable? >> > >> > Kind Regards >> > Ali Majdzadeh Kohbanani >> > >> >> >> >
Re: A question about Postfix and virus scanning
Egoitz, Hi Thanks for your mail. I have used amavisd-new but unfortunately it can not handle e-mail scanning in offline mode. Anyway, thanks a lot. Kind Regards Ali Majdzadeh Kohbanani 2009/11/30 > Hi Ali, > > The scenario you're describing is not a good idea because you don't know > when you're users are going to check they're mail accounts. If you want a > scalable email checking system and after queue for avoiding slow responses > from you're smtpd daemons try amavisd-new. > > Bye!! > > > Hello all, > > I do not know whether here is the right place to ask this question or > not, > > but I would like to know if it is a good idea to perform offline e-mail > > virus scanning. By offline, I mean a scenario in which e-mail filtering > > management tools (like amavisd-new) do not hand out received e-mails to > > virus scanners (like clamav), instead, virus scanning is performed on > > mailboxes as regular files on the file system. Does anyone have any > > experiences regarding this scenario? Is at all this scenario sane or > > applicable? > > > > Kind Regards > > Ali Majdzadeh Kohbanani > > > > >
Re: A question about Postfix and virus scanning
Hi Ali, The scenario you're describing is not a good idea because you don't know when you're users are going to check they're mail accounts. If you want a scalable email checking system and after queue for avoiding slow responses from you're smtpd daemons try amavisd-new. Bye!! > Hello all, > I do not know whether here is the right place to ask this question or not, > but I would like to know if it is a good idea to perform offline e-mail > virus scanning. By offline, I mean a scenario in which e-mail filtering > management tools (like amavisd-new) do not hand out received e-mails to > virus scanners (like clamav), instead, virus scanning is performed on > mailboxes as regular files on the file system. Does anyone have any > experiences regarding this scenario? Is at all this scenario sane or > applicable? > > Kind Regards > Ali Majdzadeh Kohbanani >
A question about Postfix and virus scanning
Hello all, I do not know whether here is the right place to ask this question or not, but I would like to know if it is a good idea to perform offline e-mail virus scanning. By offline, I mean a scenario in which e-mail filtering management tools (like amavisd-new) do not hand out received e-mails to virus scanners (like clamav), instead, virus scanning is performed on mailboxes as regular files on the file system. Does anyone have any experiences regarding this scenario? Is at all this scenario sane or applicable? Kind Regards Ali Majdzadeh Kohbanani
How to make the original mail show a correct addresser?
I use the mail service of google apps now, I have pointed to mydomain.com MX record to google apps, but it is too slow, so I install a POSTFIX server in my LAN. My domain is a "mydomain.com", "i...@mydomain.com/mypasswd" is my google apps account. I have already set in the /etc/postfix/main.cf =begin== myhostname = server.mydomain.com myorigin = mydomain.com relayhost = [smtp.gmail.com]:587 smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd . . . =end=== set in the /etc/postfix/sasl_passwd =begin== [smtp.gmail.com]:587 i...@mydomain.com:mypasswd =end=== Now, i can use MUA send a mail with POSTFIX in my LAN, but, the "From: " of mail always i...@mydomain.com, when I use any account number in LAN. -- WEB: http://www.yuzifu.net/ MSN: yuz...@hotmail.com
Re: startssl and CA autority
On Sun, 29 Nov 2009 03:06:41 +0100, fakessh wrote: > On Sun, 29 Nov 2009 03:00:46 +0100, fakessh wrote: >> hi all >> >> hi postfix list >> >> I worked all day to develop my certificates >> with certificates free of startssl >> I properly set up my certificates as provided for postfix dovecot everything works well. thunderbird stores and accept without complaint, and he tells me even though they come from a certification authority >> >> thanks for all your feedback >> >> thanks all your >> >> thanks >> >> nb : je ne parle pas anglais
Re: Mail from cron delay
Emmett Culley: > For some months I've been noticing on multiple servers that mail > from a cron job defined in the root's crontab takes 24 hours to > get to it's destination. It finally bugged me enough to have me > take a look for the reason. This is what I found in the maillog > for each day: > > Nov 29 03:15:58 den1 postfix/pickup[8219]: B0771588D1B: uid=0 from= > Nov 29 03:15:58 den1 postfix/cleanup[7689]: B0771588D1B: > message-id=<20091129101558.b0771588...@den1.thisserver.net> > Nov 29 03:15:58 den1 postfix/qmgr[3361]: B0771588D1B: > from=, size=819, nrcpt=1 (queue active) > Nov 29 03:15:59 den1 postfix/smtp[7691]: B0771588D1B: > to=, relay=example.com[123.45.67.89]:25, delay=86457, > delays=86457/0/0.36/0.18, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as > 3586C400032) This message is queued on a DIFFERENT mail system example.com[123.45.67.89]:25, meaning it was sent via the SMTP port (port 25) to a mail system on a named example.com with IP address 123.45.67.89. Is the local machine running MacOS? Apple has made some changes such that Postfix is not running all of the time. This is a change that is specific to APPLE, and may explain why mail not picked up as soon as it is enqueued. Is the queue on a file server, and are the client and file server clocks out of sync? Looking at the Received: in your message as delivered, the clocks on those systems are all out of sync. Wietse
Mail from cron delay
For some months I've been noticing on multiple servers that mail from a cron job defined in the root's crontab takes 24 hours to get to it's destination. It finally bugged me enough to have me take a look for the reason. This is what I found in the maillog for each day: Nov 29 03:15:58 den1 postfix/pickup[8219]: B0771588D1B: uid=0 from= Nov 29 03:15:58 den1 postfix/cleanup[7689]: B0771588D1B: message-id=<20091129101558.b0771588...@den1.thisserver.net> Nov 29 03:15:58 den1 postfix/qmgr[3361]: B0771588D1B: from=, size=819, nrcpt=1 (queue active) Nov 29 03:15:59 den1 postfix/smtp[7691]: B0771588D1B: to=, relay=example.com[123.45.67.89]:25, delay=86457, delays=86457/0/0.36/0.18, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 3586C400032) Nov 29 03:15:59 den1 postfix/qmgr[3361]: B0771588D1B: removed Nov 29 04:05:59 den1 postfix/pickup[8219]: 8F5C358913E: uid=0 from= Nov 29 04:05:59 den1 postfix/cleanup[10278]: 8F5C358913E: message-id=<20091129110559.8f5c3589...@den1.thisserver.net> Nov 29 04:05:59 den1 postfix/qmgr[3361]: 8F5C358913E: from=, size=2488, nrcpt=1 (queue active) Nov 29 04:05:59 den1 postfix/cleanup[10278]: A6027589038: message-id=<20091129110559.8f5c3589...@den1.thisserver.net> Nov 29 04:05:59 den1 postfix/qmgr[3361]: A6027589038: from=, size=2626, nrcpt=1 (queue active) Nov 29 04:05:59 den1 postfix/local[10280]: 8F5C358913E: to=, orig_to=, relay=local, delay=7.5, delays=7.4/0.03/0/0.05, dsn=2.0.0, status=sent (forwarded as A6027589038) Nov 29 04:05:59 den1 postfix/qmgr[3361]: 8F5C358913E: removed Nov 29 04:06:00 den1 postfix/smtp[10286]: A6027589038: to=, orig_to=, relay=example.com[123.45.67.89]:25, delay=0.41, delays=0.04/0.01/0.21/0.16, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as F0C77400032) Nov 29 04:06:00 den1 postfix/qmgr[3361]: A6027589038: removed The first object (B0771588D1B) is the mail generated by root's crontab job (see below). The first thing I noticed is that the "delay=86417" is within a few seconds of 24 hours. There is also a "status=sent" and that it is queued. So I am assuming that it gets queued somewhere. However, running postqueue -p shows that nothing is queued. Still, that email must be stored somewhere on this server because it always get received at it's original destination 24 hour later. Note the second email that is received by Postfix, at 4:05. It also originates from cron, although it is from logwatch and not from the root's crontab. I am certain this isn't a Postfix issue. It almost certainly has to do with cron, but I can find no references to cron job mail delays when searching the web. Can someone tell me how the "delay=" value gets set? And possibly where such a delayed email might be stored while waiting for the delay time to elapse? --- email B0771588D1B -- >From - Sun Nov 29 02:16:04 2009 X-Mozilla-Status: 0001 X-Mozilla-Status2: Return-Path: Received: from murder ([unix socket]) by g1.example.com (Cyrus v2.3.7-Invoca-RPM-2.3.7-7.el5_4.3) with LMTPA; Sun, 29 Nov 2009 02:16:04 -0800 X-Sieve: CMU Sieve 2.3 Received: from localhost (localhost.localdomain [127.0.0.1]) by g1.example.com (Postfix) with ESMTP id 049AD40003C for ; Sun, 29 Nov 2009 02:16:04 -0800 (PST) X-Virus-Scanned: amavisd-new at example.com Received: from g1.example.com ([127.0.0.1]) by localhost (g1.example.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dS+5g5AAK5vQ for ; Sun, 29 Nov 2009 02:15:59 -0800 (PST) Received: from den1.thisserver.net (den1.thisserver.net [198.202.202.21]) by g1.example.com (Postfix) with ESMTP id 3586C400032 for ; Sun, 29 Nov 2009 02:15:59 -0800 (PST) Received: by den1.thisserver.net (Postfix, from userid 0) id ; Sun, 29 Nov 2009 03:15:58 -0700 (MST) From: r...@den1.thisserver.net (Cron Daemon) To: webmas...@example.com Subject: Cron /usr/lib/freefi/freefirstcron Content-Type: text/plain; charset=UTF-8 Auto-Submitted: auto-generated X-Cron-Env: X-Cron-Env: X-Cron-Env: X-Cron-Env: X-Cron-Env: X-Cron-Env: Message-Id: <20091129101558.b0771588...@den1.thisserver.net> Date: Sat, 28 Nov 2009 03:15:01 -0700 (MST) Stopping httpd: [ OK ] Starting httpd: [ OK ] Stopping squid: [ OK ] Starting squid: .[ OK ] Reseting FreeFi gateway daemon: [ OK ][ OK ] Sat Nov 28 03:16:05 MST 2009 --- Note the second "Received" (bottom up) is seen by our mail server 24 hours after Postfix received it from cron. Emmett
Re: Don't filter the users\
Jordi Espasa Clofent a écrit : >> That is easy. >> >> Have your users connect to the submission port, and let everyone >> else connnect to the smtp port. Then, specify "=o >> content_filter=whatever" >> for the smtp port and not for the submission port. > > Yes Wietse, I've considered this simple and clean option, but we're a > hosting company and the costumers are to lazy to understand and accept > an approach like this. > >> If you are taking in all mail on port 25 then you are making mail >> handling more complicated than it needs to be. > > I agree... but ¿is there no more alternatives? > there are, but using the submission port is the way to go. anyway, you can use the FILTER action in smtpd access checks. for example: smtpd_sender_restrictions = check_client_access pcre:/etc/postfix/filter_trusted.pcre permit_mynetworks permit_sals_authenticated check_client_access pcre:/etc/postfix/filter_default.pcre filter_trusted.pcre: #virus scan, but no spam filtering /./ FILTER filter:[127.0.0.1]:10586 filter_default.pcre: #virus and spam filtering... /./ FILTER filter:[127.0.0.1]:10024 > Maybe if I want all mail on port 25, I have to hack the Perl filter code > and working on this level, not in Postfix level. >
