Re: integrate dspam into postfix

From: Martijn de Munnik <martijn+list.postfix_at_nospam>
Date: Wed Sep 08 2010 - 13:59:27 GMT
To: postfix-users@postfix.org

Is there a way to use virtual_tranport with virtual_alias for this case?

On Sep 3, 2010, at 1:35 AM, Martijn de Munnik wrote:

> Hi list,
>
> I'm trying to integrate dspam filtering into my postfix system. The
> way I have it now works for local users but when a user has an alias
> to an external domain the mail bounces. This server is for receiving
> mail only, so no submission is needed.
>
> ---
>
> This is the mail system at host chuck.redknot.nl.
>
> I'm sorry to have to inform you that your message could not
> be delivered to one or more recipients. It's attached below.
>
> For further assistance, please send mail to postmaster.
>
> If you do so, please include this problem report. You can
> delete your own text from the attached returned message.
>
> The mail system
>
> <martijndemunnik@chuck.redknot.nl> (expanded from
> <martijndemunnik>): unknown
> user: "martijndemunnik"
> Reporting-MTA: dns; chuck.redknot.nl
> X-Postfix-Queue-ID: 1C455D2A2
> X-Postfix-Sender: rfc822; martijn@youngguns.nl
> Arrival-Date: Thu, 2 Sep 2010 21:58:12 +0200 (CEST)
>
> Final-Recipient: rfc822; martijndemunnik@chuck.redknot.nl
> Original-Recipient: rfc822;martijndemunnik
> Action: failed
> Status: 5.1.1
> Diagnostic-Code: X-Postfix; unknown user: "martijndemunnik"
>
> ---
>
> The virtual file contains:
> justest@suezkade.nl martijndemunnik@gmail.com
>
> I'm sure this is because I pass "--user ${mailbox}" to the dspam
> command, but I'm not sure how to solve this. I want dspam to learn
> what is spam for my local user, so I guess dspam should be as close
> as possible to final delivery. There is also another problem. Dspam
> calls clamav to scan the message for viruses. When A virus is found
> dspam dies because the shell can't handle a negative error return
> code. The dspam list told me to use the server part of dspam to fix
> this and let postfix talk to dspam with lmtp. I'm not sure how to do
> this. virtual_transport doesn't seem to have any effect because I'm
> not using virtual_domains?
>
> Any ideas?
>
> Thanks,
> Martijn
>
>
> Output of postconf -n:
>
> address_verify_map = btree:${data_directory}/verify
> alias_maps = dbm:/etc/opt/redknot/postfix/aliases
> config_directory = /etc/opt/redknot/postfix
> content_filter = dspam:dpsam
> disable_vrfy_command = yes
> home_mailbox = Maildir/
> mailbox_command = /opt/redknot/libexec/dovecot/deliver -a
> "$RECIPIENT" -m "$EXTENSION" -s
> mydestination = $myhostname, localhost.$mydomain, localhost
> mydomain = chuck.redknot.nl
> myhostname = chuck.redknot.nl
> recipient_delimiter = +
> relay_domains = $mydestination, atdstramproy.nl
> smtpd_banner = $myhostname ESMTP
> smtpd_data_restrictions = reject_unauth_pipelining, permit
> smtpd_delay_reject = yes
> smtpd_helo_required = yes
> smtpd_proxy_filter = 127.0.0.1:10027
> smtpd_proxy_options = speed_adjust
> smtpd_recipient_restrictions = reject_non_fqdn_helo_hostname,
> reject_non_fqdn_sender, reject_non_fqdn_recipient,
> reject_unknown_sender_domain, reject_unknown_recipient_domain,
> reject_unauth_destination, reject_rbl_client virbl.dnsbl.bit.nl,
> check_policy_service inet:localhost:10031, check_policy_service
> inet:localhost:10030, check_policy_service inet:localhost:10029,
> permit
> smtpd_tls_cert_file = /etc/opt/redknot/ssl/chuck.redknot.nl.cer
> smtpd_tls_key_file = /etc/opt/redknot/ssl/chuck.redknot.nl.key
> smtpd_use_tls = yes
> soft_bounce = yes
> strict_rfc821_envelopes = yes
> transport_maps = dbm:/etc/opt/redknot/postfix/transport
> unknown_address_reject_code = 550
> unknown_hostname_reject_code = 550
> unknown_local_recipient_reject_code = 550
> unverified_recipient_reject_code = 550
> virtual_alias_maps = dbm:/etc/opt/redknot/postfix/virtual
>
> and my master.cf
>
> #
> # Postfix master process configuration file. For details on the
> format
> # of the file, see the master(5) manual page (command: "man 5
> master").
> #
> # Do not forget to execute "postfix reload" after editing this file.
> #
> #
> =
> =
> =
> =
> ======================================================================
> # service type private unpriv chroot wakeup maxproc command + args
> # (yes) (yes) (yes) (never) (100)
> #
> =
> =
> =
> =
> ======================================================================
> smtp inet n - n - - smtpd
> #submission inet n - n - - smtpd
> # -o smtpd_tls_security_level=encrypt
> # -o smtpd_sasl_auth_enable=yes
> # -o smtpd_client_restrictions=permit_sasl_authenticated,reject
> # -o milter_macro_daemon_name=ORIGINATING
> #smtps inet n - n - - smtpd
> # -o smtpd_tls_wrappermode=yes
> # -o smtpd_sasl_auth_enable=yes
> # -o smtpd_client_restrictions=permit_sasl_authenticated,reject
> # -o milter_macro_daemon_name=ORIGINATING
> pickup fifo n - n 60 1 pickup
> cleanup unix n - n - 0 cleanup
> qmgr fifo n - n 300 1 qmgr
> tlsmgr unix - - n 1000? 1 tlsmgr
> rewrite unix - - n - - trivial-
> rewrite
> bounce unix - - n - 0 bounce
> defer unix - - n - 0 bounce
> trace unix - - n - 0 bounce
> verify unix - - n - 1 verify
> flush unix n - n 1000? 0 flush
> proxymap unix - - n - - proxymap
> proxywrite unix - - n - 1 proxymap
> smtp unix - - n - - smtp
> # When relaying mail as backup MX, disable fallback_relay to avoid
> MX loops
> relay unix - - n - - smtp
> -o smtp_fallback_relay=
> # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
> showq unix n - n - - showq
> error unix - - n - - error
> retry unix - - n - - error
> discard unix - - n - - discard
> local unix - n n - - local
> virtual unix - n n - - virtual
> lmtp unix - - n - - lmtp
> anvil unix - - n - 1 anvil
> scache unix - - n - 1 scache
> ### dspam content filter
> dspam unix - n n - 10 pipe
> flags=Rhqu user=dspam argv=/opt/redknot/bin/dspam --client --
> deliver=innocent,spam --user ${mailbox} --mode=tum --mail-from=$
> {sender}
> ### spf policy service
> localhost:10029 inet n n n - 0 spawn
> user=nobody argv=/usr/bin/policyd-spf
> ### mail returning from dspam
> localhost:10026 inet n - n - 10 smtpd
> -o content_filter=
> -o smtpd_proxy_filter=
> -o
> receive_override_options
> =no_unknown_recipient_checks,no_header_body_checks,no_milters
> -o smtpd_helo_restrictions=
> -o smtpd_client_restrictions=
> -o smtpd_sender_restrictions=
> -o smtpd_recipient_restrictions=permit_mynetworks,reject
> -o mynetworks=127.0.0.0/8
> -o smtpd_authorized_xforward_hosts=127.0.0.0/8
> ### mail returning from dcc
> localhost:10028 inet n - n - 10 smtpd
> -o smtpd_proxy_filter=
> -o
> receive_override_options
> =no_unknown_recipient_checks,no_header_body_checks,no_milters
> -o smtpd_helo_restrictions=
> -o smtpd_client_restrictions=
> -o smtpd_sender_restrictions=
> -o smtpd_recipient_restrictions=permit_mynetworks,reject
> -o mynetworks=127.0.0.0/8
> -o smtpd_authorized_xforward_hosts=127.0.0.0/8
>

This message: [ Message body ]
Next message: Frank Doege: "Re: set envelope sender = sasl authenticated user ?"
Previous message: Mikael Bak: "Re: set envelope sender = sasl authenticated user ?"
In reply to: Martijn de Munnik: "integrate dspam into postfix"
Next in thread: Martijn de Munnik: "Re: integrate dspam into postfix"
Reply: Martijn de Munnik: "Re: integrate dspam into postfix"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]