PDA

Archiv verlassen und diese Seite im Standarddesign anzeigen : Mailweitergabe an Spamassassin - grundsätzliche Frage



AndreasMeier
09.10.05, 12:34
Hallo zusammen,

jetzt muß ich hier doch nochmal einzeln fragen:
Ich hab ein laufendes Postfix-Mailsystem, welches die Mails an Amavis zum Viren checken weitergibt.
Das klappt auch, ich erhalte im Mailheader einen neuen Eintrag von Amavis, "X-Virus-Scanned: by amavisd-new at home.int".

Jetzt tüftel ich schon ein paar Tage an der Weitergabe an Spamassassin rum und hab nun eine grundsätzliche Frage :

Übernimmt die Mailweitergabe an Spamassassin nun Amavis von Haus haus, ohne grossen Konfig-Aufwand ODER muss ich den Weitertransport über die master.cf von meinem Postfix regeln ?

Im Moment hab ich folgenden Eintrag in der main.cf erweitert:
content_filter = smtp-amavis:[127.0.01]:10024

In der master.cf steht u.a. folgendes:
smtp-amavis unis - - n - 2 - smtp
-o smtp_data_done_timeout=1800
-o disable_dns_lookups=yes
smtp inet n - n - - smtpd
localhost:10025 inet n - n - - smtp -o content_filter=

Damit klappt der Amavis/Virenscanner.

Meine amavis.conf schaut so aus (gekürzt soweit möglich):


use strict;
#
# Section I - Essential daemon and MTA settings
#
$MYHOME = '/var/spool/amavis';
$mydomain = 'home.int';
$daemon_user = 'vscan';
$daemon_group = 'vscan';
$TEMPBASE = $MYHOME; # (must be set if other config vars use is)
#$TEMPBASE = "$MYHOME/tmp"; # prefer to keep home dir /var/amavis clean?
#$helpers_home = $MYHOME; # (defaults to $MYHOME)
$ENV{TMPDIR} = $TEMPBASE; # wise to set TMPDIR, but not obligatory
# MTA SETTINGS, UNCOMMENT AS APPROPRIATE,
$forward_method = 'smtp:127.0.0.1:10025'; # where to forward checked mail
$notify_method = $forward_method; # where to submit notifications
$max_servers = 2; # number of pre-forked children (default 2)
$max_requests = 10; # retire a child after that many accepts (default 10)
$child_timeout=5*60; # abort child if it does not complete each task in n sec
# (default: 8*60 seconds)
# Check also the settings of @av_scanners at the end if you want to use
# virus scanners. If not, you may want to delete the whole long assignment
# to the variable @av_scanners, which will also remove the virus checking
# code (e.g. if you only want to do spam scanning).
# Here is a QUICK WAY to completely DISABLE some sections of code
# that WE DO NOT WANT (it won't even be compiled-in).
# For more refined controls leave the following two lines commented out,
# and see further down what these two lookup lists really mean.
#
# @bypass_virus_checks_acl = qw( . ); # uncomment to DISABLE anti-virus code
# @bypass_spam_checks_acl = qw( . ); # uncomment to DISABLE anti-spam code
@local_domains_acl = qw( ".$mydomain" ); # you may want to use qw() to check all in and out <== ist neu
#
# Section II - MTA specific (defaults should be ok => hab ich auch so belassen !!!)
#
#
# Section III - Logging => hab ich auch so belassen !!!
#
#
# Section IV - Notifications/DSN, BOUNCE/REJECT/DROP/PASS destiny, quarantine
#
$final_virus_destiny = D_DISCARD; # (defaults to D_BOUNCE) <== ist neu
$final_banned_destiny = D_REJECT; # (defaults to D_BOUNCE) <== ist neu
$final_spam_destiny = D_PASS;
$final_bad_header_destiny = D_PASS; # (defaults to D_PASS), D_BOUNCE suggested
# Notify virus sender?
#$warnvirussender = 1; # (defaults to false (undef))
# Notify spam sender?
#$warnspamsender = 1; # (defaults to false (undef))
# Notify sender of banned files?
#$warnbannedsender = 1; # (defaults to false (undef))
# Notify sender of syntactically invalid header containing non-ASCII characters?
#$warnbadhsender = 1; # (defaults to false (undef))
# Notify virus (or banned files) RECIPIENT?
# (not very useful, but some policies demand it)
#$warnvirusrecip = 1; # (defaults to false (undef))
#$warnbannedrecip = 1; # (defaults to false (undef))
# Notify also non-local virus/banned recipients if $warn*recip is true?
# (including those not matching local_domains*)
#$warn_offsite = 1; # (defaults to false (undef), i.e. only notify locals)
# similar for spam
# (the default value is undef, meaning no quarantine)
#
$spam_quarantine_to = undef;
#$spam_quarantine_to = "spam-quarantine\@$mydomain";
#$spam_quarantine_to = new_RE( # per-recip multiple quarantines
# [qr'^(.*)@example\.com$'i => 'spam-${1}@example.com'],
# [qr/.*/ => 'spam-quarantine'] );
# Add X-Virus-Scanned header field to mail?
$X_HEADER_TAG = 'X-Virus-Scanned'; # (default: undef)
# Leave empty to add no header field # (default: undef)
$X_HEADER_LINE = "by amavisd-new at $mydomain";

# a string to prepend to Subject (for local recipients only) if mail could
# not be decoded or checked entirely, e.g. due to password-protected archives
$undecipherable_subject_tag = '***UNCHECKED*** '; # undef disables it

$remove_existing_x_scanned_headers = 0; # leave existing X-Virus-Scanned alone
#$remove_existing_x_scanned_headers= 1; # remove existing headers
# (defaults to false)
#$remove_existing_spam_headers = 0; # leave existing X-Spam* headers alone
$remove_existing_spam_headers = 1; # remove existing spam headers if
# spam scanning is enabled (default)
#
# Section V - Per-recipient and per-sender handling, whitelisting, etc. => alles so belassen
#
#
# Section VI - Resource limits => alles so belassen
#
#
# Section VII - External programs, virus scanners
#
# SpamAssassin settings
# $sa_local_tests_only is passed to Mail::SpamAssassin::new as a value
# of the option local_tests_only. See Mail::SpamAssassin man page.
# If set to 1, SA tests are restricted to local tests only, i.e. no tests
# that require internet access will be performed.
#
$sa_local_tests_only = 1; # (default: false)
#$sa_auto_whitelist = 1; # turn on AWL (default: false)
$sa_timeout = 30; # timeout in seconds for a call to SpamAssassin
# (default is 30 seconds, undef disables it)
$sa_mail_body_size_limit = 150*1024; # don't waste time on SA if mail is larger
# (less than 1% of spam is > 64k)
# default: undef, no limitations
# default values, can be overridden by more specific lookups, e.g. SQL
$sa_tag_level_deflt = 3.0; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 5.0;
$sa_kill_level_deflt = $sa_tag2_level_deflt; # triggers spam evasive actions
# at or above that level: bounce/reject/drop,
# quarantine, and adding mail address extension
$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent,
# effectively turning D_BOUNCE into D_DISCARD;
# undef disables this feature and is a default;
$sa_spam_subject_tag = '***SPAM*** '; # (defaults to undef, disabled)
# (only seen when spam is not to be rejected
# and recipient is in local_domains*)
$sa_spam_modifies_subj = 1; # may be a ref to a lookup table, default is true
# => Rest so belassen !!!!
#
# Section VIII - Debugging => alles so belassen
#
1; # insure a defined return



Herzlichen Dank im voraus,
Gruß
Andreas