Discussion:
postfix filter / spamassassin
(too old to reply)
uberthold
2003-10-13 15:04:04 UTC
Permalink
hello postfixers.

i am running a little mail server, postfix 2.0.14 on debian/linux, 2
domains, 30 users and i have tried recently to integrate spamassassin
into the setup, following the FILTER_README and various howtos/docs on
the www. i used the first filter setup via script and it does a fine job
filtering spam, just when someone sends in mail with 2 or more "RCPT To:
" addresses, none of the recipients gets his mail delivered, instead the
mail loops back to the sender.
this behaviour does not appear without the filter turned on and the
filter works fine with only 1 RCPT To:

the changes i made to the original setup were:
* in master.cf
smtp inet n - - - - smtpd
-o content_filter=scan:

scan unix - n n - - pipe
flags=Rq user=filter argv=/usr/local/sbin/spamfilter ${user}
${sender} ${recipient}

the script in /usr/local/sbin/spamfilter looks like this:
if [ ! -z $1 ]; then
SCUSER="-u $1"
fi
/usr/bin/spamc -f $SCUSER | /usr/sbin/sendmail -i -f $2 -- $3
exit $?

sniffing on port 25 and the logfile provide me with the information that
mail to 2 recipients doesn't reach the filter script at all, but a new
smtp connection is opened sending the mail back to the sender. and on
this occassion it passes the filter.

maybe someone here has experience with this kind of setup and can give
me a clue, what to do about it.
thanks in advance,
ub
Covington, Chris
2003-10-13 22:21:02 UTC
Permalink
Post by uberthold
hello postfixers.
=20
i am running a little mail server, postfix 2.0.14 on debian/linux, 2=20
domains, 30 users and i have tried recently to integrate spamassassin=20
into the setup, following the FILTER_README and various=20
howtos/docs on=20
the www. i used the first filter setup via script and it does=20
a fine job=20
filtering spam, just when someone sends in mail with 2 or=20
more "RCPT To:=20
" addresses, none of the recipients gets his mail delivered,=20
instead the=20
mail loops back to the sender.
this behaviour does not appear without the filter turned on and the=20
Look into using amavisd-new instead of spamc:

http://www.ijs.si/software/amavisd/

It's faster and more flexible.

Chris
Joakim Ryden
2003-10-13 22:33:39 UTC
Permalink
On Monday 13 October 2003 03:20 pm, Covington, Chris wrote:
[...]
CC> Look into using amavisd-new instead of spamc:
CC>
CC> http://www.ijs.si/software/amavisd/
CC>
CC> It's faster and more flexible.

In what ways is it faster and more flexible?

--Jo
Boring, Andrew
2003-10-13 23:00:44 UTC
Permalink
Post by Joakim Ryden
[...]
CC>
CC> http://www.ijs.si/software/amavisd/
CC>
CC> It's faster and more flexible.
In what ways is it faster and more flexible?
spamc and spamd are simply client/daemon programs to provide a more
efficient mechanism for running spamassassin on email, as opposed to running
a separate spamassassin process every time.

amavisd-new actually runs as a daemon and listens on SMTP port (or other
configurable port usually) and will bounce, reject or deliver mail, and
supports better error handling capabilities than a simple shell script (for
example, if the SMTP connection between Postfix and amavisd-new drops during
delivery, Postfix still has the message queued to try again later). Running
mail through an SMTP content_filter is also much faster than writing a temp
file to disk and then calling a filter script on the message. Look at
"Advanced Content Filtering Example" in the FILTER_README.

amavisd-new also can call in several virus scanners, etc, in conjunction
with spamassassin.

However, to answer your original question, try this from the pipe(8) man
page:

SINGLE-RECIPIENT DELIVERY
Some external commands cannot handle more than one recipient per
deliv-
ery request. Examples of such transports are pagers, fax machines,
and
so on.

To prevent Postfix from sending multiple recipients per
delivery
request, specify

[transport]_destination_recipient_limit = 1

in the Postfix main.cf file, where [transport] is the name in the
first
column of the Postfix master.cf entry for the pipe-based
delivery
transport.
Joakim Ryden
2003-10-13 23:20:59 UTC
Permalink
On Monday 13 October 2003 04:00 pm, Boring, Andrew wrote:
[...]
Post by Boring, Andrew
Post by Joakim Ryden
In what ways is it faster and more flexible?
spamc and spamd are simply client/daemon programs to provide a more
efficient mechanism for running spamassassin on email, as opposed to
running a separate spamassassin process every time.
How does it compare to the overhead of a/several LMTP/SMTP conversations every
time?
Post by Boring, Andrew
amavisd-new actually runs as a daemon and listens on SMTP port (or other
configurable port usually) and will bounce, reject or deliver mail, and
supports better error handling capabilities than a simple shell script (for
example, if the SMTP connection between Postfix and amavisd-new drops
during delivery, Postfix still has the message queued to try again later).
Running mail through an SMTP content_filter is also much faster than
writing a temp file to disk and then calling a filter script on the
message. Look at "Advanced Content Filtering Example" in the FILTER_README.
Bouncing once the e-mail has entered your system (in the case of SPAM) is
worthless.

I couldn't really say what the speed difference is in calling spamc and have
it talk to spamd as opposed to content filtering the message through SMTP/
LMTP, have amavisd run the SA tests and reinject it to Postfix. I just don't
know.
Post by Boring, Andrew
amavisd-new also can call in several virus scanners, etc, in conjunction
with spamassassin.
This is a good point but doesn't exactly make for a faster/more flexible
solution if you have no need for virus filtering.
Post by Boring, Andrew
However, to answer your original question, try this from the pipe(8) man
SINGLE-RECIPIENT DELIVERY
Some external commands cannot handle more than one recipient per
deliv-
ery request. Examples of such transports are pagers, fax machines,
and
so on.
To prevent Postfix from sending multiple recipients per
delivery
request, specify
[transport]_destination_recipient_limit = 1
in the Postfix main.cf file, where [transport] is the name in the
first
column of the Postfix master.cf entry for the pipe-based
delivery
transport.
I am certainly willing to agree that it may be faster - but I'm not gonna
swallow a statement like it's "faster and more flexible" without chewing on
it for a while. :)

--Jo
Ralf Hildebrandt
2003-10-14 05:25:16 UTC
Permalink
Post by Joakim Ryden
Bouncing once the e-mail has entered your system (in the case of SPAM) is
worthless.
Yes, thus you can use amavisd-new together with the smtpd proxy.
--
Ralf Hildebrandt ***@charite.de
my current spamtrap ***@charite.de
http://www.arschkrebs.de/postfix/ Tel. +49 (0)30-450 570-155
Why you can't find your system administrators:
Is in luser's office, trying to explain why "export VAR=xxx" from one xterm window doesn't have any effect on the other windows. "But they're all on the same Xstation -- what's the problem?" -- Michael Hartwig ***@lfs.loral.com
Joakim Ryden
2003-10-14 05:35:11 UTC
Permalink
Post by Ralf Hildebrandt
Post by Joakim Ryden
Bouncing once the e-mail has entered your system (in the case of SPAM) is
worthless.
Yes, thus you can use amavisd-new together with the smtpd proxy.
Ah, cool - is there any documentation on how to set that up anywhere (the two
together I mean)?

--Jo
Ralf Hildebrandt
2003-10-14 06:46:28 UTC
Permalink
Post by Joakim Ryden
Ah, cool - is there any documentation on how to set that up anywhere (the two
together I mean)?
I would think this is straightforward and decribed in the
SMTPD_PROXY_README
--
Ralf Hildebrandt ***@charite.de
my current spamtrap ***@charite.de
http://www.arschkrebs.de/postfix/ Tel. +49 (0)30-450 570-155
First snow, then silence.
This thousand-dollar screen dies
So beautifully.
Continue reading on narkive:
Loading...