RE: [SAtalk] SMTP gateway/filter

[Gilson, Larry]

> -----Original Message-----
> From: David B Funk
> Sent: Wednesday, November 12, 2003 2:45 AM
> To: Larry Gilson
> Cc: 'Robban'; [EMAIL PROTECTED]
> Subject: RE: [SAtalk] SMTP gateway/filter
> 
> 
> On Tue, 11 Nov 2003, Larry Gilson wrote:
> 
> > The preferred method is any way you prefer. ;)  That is really an 
> > honest answer.  Everyone has their own preferred method and 
> > a lot of times it depends on your specific situation.  Some people 
> > will pipe to a filter shell script, Procmail, maildrop, or spamc 
> > directly.  I prefer Procmail as it allows me to do more post SMTP 
> > processing with the message than the shell script or a direct pipe 
> > to spamc.  maildrop works well for some people but I honestly am
> > not familiar 
> 
> > with it.  I would like to hear from someone who has chosen 
> > maildrop rather than Procmail just to have a comparison though.
> >
> > --Larry
> >
> > > -----Original Message-----
> > > From: Robban
> > > Sent: Tuesday, November 11, 2003 2:58 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: [SAtalk] SMTP gateway/filter
> > >
> > >
> > > I'm pretty new to spamassassin and I've only done a few 
> > > spamassassin/postfix installations. My next task is to sett 
> > > up some sort of STMP gateway that filters e-mail for spam and if 
> > > approved, forwards the mail to "the real" mail server. The real  
> > > mail server will probably be an exchange server but we might 
> > > also end up with godd ol' sendmail. What would be the preferred 
> > > practice in setting up such a thing. Any ideas?
> > >
> > > //robban
> 
> Larry,
> I agree with the first part of your advice to Robban but 
> completely disagree with the Procmail part.
> 
> Robban is asking specifically for a filtering front-end to 
> some kind of back-end mail server (such as Exchange). 
> Procmail would require him to fake a delivery to each account 
> on the SA processing machine, which would mean that they 
> would have to create user accounts for every Exchange user on 
> the SA box.
> 
> I think that Robban is looking for some kind of filtering 
> "appliance" that mail flows thru as a SMTP stream and the 
> back end server handles the delivery/user part.
> 
> Something like sendmail+milter, sendmail+mailscanner, 
> postfix+spamc or postfix+MIMEDefang would be better suited to 
> this application. It can process & tag mail with out needing 
> any specific user account information.
> 
> Dave

Hi Dave,

I am running Postfix/Procmail/SA in a site-wide (relay) configuration in
front of an Exchange mail system.  Procmail can be used as a general mail
filter using the -m option and the content_filter configuration.  The
master.cf file would include the following:

# =====================================================================
# service type  private  unpriv  chroot  wakeup  maxproc  command + args
#                     (yes)  (yes)   (yes)   (never) (100)
# =====================================================================
smtp        inet  n        -       y       -       -        smtpd
    -o content_filter=spam:


spam      unix  -         n      n       -       5        pipe
  flags=Rq user=spam argv=/usr/bin/procmail -m /home/merlin/etc/spam.rc
${sender} ${recipient}

Hopefully the flags line will not wrap as it needs to be on one line.


So, the message is piped to the Procmail using the non-priveleged user
account spam (or whatever name you want).  All processing is performed under
the user spam which will also have a user_prefs and will own Bayes, AWL, etc
files.  I don't have to worry about 'spamc -u' as spamc is called from
Procmail under the spam account.

By utilizing this method, I capture both the envelope sender and recipient
addresses to be utilized by SA.  I can have
header/body/attachment/whitelist/blacklist checks external to SA.  The most
beneficial checks is the whitelist to reduce messages that need to be sent
to SA.  Almost all of the checks I used to use before SA are now turned off.
I do use Procmail to customize solutions for specific needs.  I am starting
to use it for initial Bayes training of some messeages (like requested legit
company notifications - Sears, JC Penney, Lands' End, etc.)

--Larry



-------------------------------------------------------
This SF.Net email sponsored by: ApacheCon 2003,
16-19 November in Las Vegas. Learn firsthand the latest
developments in Apache, PHP, Perl, XML, Java, MySQL,
WebDAV, and more! http://www.apachecon.com/
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk