...
Let's try the hard way to secure our mailsystems. Not as convenient as using spamd and spamc is the approach mentioned in the postfix FilterReadme. Some guys at http://www.WorldDesign.com/index.cfm/rd/mta/spampd.htm have published a spamd replacement that works as a SMTP-proxy. The advantage over spamd/spamc is that problems with either PERL, Spamassassin or it's configuration don't lead to lost mail. The SMTP-proxy is designed to reject mail in case of non-recoverable faultsefficiency (no fork/exec()ed processes or temporary files required for failsafe operation) and the ability to use before-queue content filtering.
It can easily be integrated as a "content_filter" in postfix. The knack is, that mail classified as spam is forwarded to users, where the filter of their local eMail client should detect the spam-status. Goal should be to forward spam to a special user named "spamking". This could be done by using an alias-map for all users that like their spam removed. The solution described here is for a Mail-server with a limited number of users with varying knowledge. All users are "local", meaning they get their mail via POP/IMAP from the mailserver.
...
No Format |
---|
#!/bin/sh
sa-update && /etc/init.d/spampd restart
true
|
must also restart spampd for the changes to take effect. I don't know the Ubuntu command, but on RedHat-based distributions,Wiki Markup Scott Lamb writes: "The cron script
sa-update && /sbin/service spampd restart
will do. (sa-update returns false if no updates were available.) This might cause mails in progress at the time to get a 4xx failure with "queue file write error" because spampd does not support graceful restarts. That's harmless; the remote system will retry. - Slambmust \[...\] restart spampd for the changes to take effect. \[...\] on [RedHat]-based distributions, {{sa-update && /sbin/service spampd restart}} will do. (sa-update returns false if no updates were available.) This might cause mails in progress at the time to get a 4xx failure with 'queue file write error' because spampd does not support graceful restarts. That's harmless; the remote system will retry." \\
(6) Edit /etc/postfix/master.cf. The following replaces the initial "smtp" entry:
...
Naturally, other distributions will require variations from this procedure.
Handling Large Emails
By default, spampd passes through all emails over 65536 bytes. This is set by --maxsize. Increasing this limit can cause problems on systems with very little RAM. Larger email can be blocked by postfix with the main.cf option:
No Format |
---|
message_size_limit = 65536
|
Or you can scan all larger emails via procmail after postfix with the procmail rule:
No Format |
---|
:0fw: spamassassin.lock
* > 65536
| spamassassin
:0:
* ^X-Spam-Status: Yes
spam
|