From: Dimitry Peisakhov (no email)
Date: Mon Sep 27 2004 - 21:55:10 EDT
Hello all,
I wrote to this list yesterday asking for help getting spam
filtering running with postfix and spamassassin and anomy.
I was pointed to the fact that while i had a filter transport defined in
master.cf i had nothing calling it in main.cf.
I added the line
content_filter = filter:dummy
to main.cf, and now my filter script actually intercepts the mail, but then
causes an infinite loop in the queue when it passes it back to postfix, and
eventually mail gets bounced because of too many hops.
maillog looks like this:
(Spamtest is my postfix box that sits infront of the Exchange server, and
testenv.hwe.com.au is the MX dns name of the Exchange site, but resolves to
the Postfix box since its the relay)
Sep 28 11:32:56 spamtest postfix/smtpd[24410]: connect from
webmail.swiftel.com.au[202.154.92.46]
Sep 28 11:32:56 spamtest postfix/smtpd[24410]: D2CC315F67B:
client=webmail.swiftel.com.au[202.154.92.46]
Sep 28 11:32:57 spamtest postfix/cleanup[24412]: D2CC315F67B:
message-id=<>
Sep 28 11:32:57 spamtest postfix/nqmgr[24221]: D2CC315F67B:
from=<>, size=838, nrcpt=1 (queue active)
Sep 28 11:32:57 spamtest postfix/smtpd[24410]: disconnect from
webmail.swiftel.com.au[202.154.92.46]
Sep 28 11:33:00 spamtest postfix/pickup[24220]: E272615F67C: uid=501
from=<>
Sep 28 11:33:00 spamtest postfix/cleanup[24412]: E272615F67C:
message-id=<>
Sep 28 11:33:00 spamtest postfix/pipe[24414]: D2CC315F67B:
to=<>, relay=filter, delay=4, status=sent (dummy)
Sep 28 11:33:01 spamtest postfix/nqmgr[24221]: E272615F67C:
from=<>, size=1169, nrcpt=1 (queue active)
Sep 28 11:33:03 spamtest postfix/pickup[24220]: C41D015F67B: uid=501
from=<>
Sep 28 11:33:03 spamtest postfix/cleanup[24412]: C41D015F67B:
message-id=<>
Sep 28 11:33:03 spamtest postfix/pipe[24414]: E272615F67C:
to=<>, relay=filter, delay=3, status=sent
(spamtest.hwe.com.au)
Sep 28 11:33:03 spamtest postfix/nqmgr[24221]: C41D015F67B:
from=<>, size=1324, nrcpt=1 (queue active)
Sep 28 11:33:06 spamtest postfix/pickup[24220]: DB7BF15F67C: uid=501
from=<>
Sep 28 11:33:06 spamtest postfix/cleanup[24412]: DB7BF15F67C:
message-id=<>
Sep 28 11:33:06 spamtest postfix/pipe[24414]: C41D015F67B:
to=<>, relay=filter, delay=3, status=sent
(spamtest.hwe.com.au)
And repeats the last 4 lines over and over till too many hops and then
bounces.
postconf -n output:
alias_database = hash:/etc/postfix/aliases smtpd_recipient_restrictions =
permit_mynetworks check_recipient_access
hash:/etc/postfix/recipient_access check_recipient_access
hash:/etc/postfix/filtered_domains check_sender_access
hash:/etc/postfix/sender_access reject_unknown_sender_domain
reject_unknown_recipient_domain reject_rbl_client list.dsbl.org
reject_unauth_destination
alias_maps = hash:/etc/postfix/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = filter:dummy
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
inet_interfaces = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain
mydomain = hwe.com.au
myhostname = spamtest.hwe.com.au
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.0.11/README_FILES
relay_domains = testenv.hwe.com.au
sample_directory = /usr/share/doc/postfix-2.0.11/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
unknown_local_recipient_reject_code = 450
here;s the line that defines the filter transport in master.cf:
filter unix - n n - - pipe
flags=Rq user=filter argv=/usr/local/anomy/filter.sh -f ${sender} --
${recipient}
and here's the actual filter.sh script:
#!/bin/sh
#
# filter.sh
#
# Simple filter to plug Anomy Sanitizer and SpamAssassin
# into the Postfix MTA
#
# From http://advosys.ca/papers/postfix-filtering.html
# Advosys Consulting Inc., Ottawa
#
# For use with:
# Postfix 20010228 or later
# Anomy Sanitizer revision 1.49 or later
# SpamAssassin 2.42 or later
#
# Note: Modify the file locations to match your particular
# server and installation of SpamAssassin.
# File locations:
# (CHANGE AS REQUIRED TO MATCH YOUR SERVER)
INSPECT_DIR=/var/spool/filter
SENDMAIL="/usr/lib/sendmail -i"
ANOMY=/usr/local/anomy
SANITIZER=/usr/local/anomy/bin/sanitizer.pl
ANOMY_CONF=/usr/local/anomy/anomy.conf
ANOMY_LOG=/var/spool/filter/anomy.log
SPAMASSASSIN=/usr/bin/spamassassin
export ANOMY
# Exit codes from <sysexits.h>
EX_TEMPFAIL=75
EX_UNAVAILABLE=69
cd $INSPECT_DIR || { echo $INSPECT_DIR does not exist; exit $EX_TEMPFAIL; }
# Clean up when done or when aborting.
trap "rm -f out.$$" 0 1 2 3 15
cat | $SPAMASSASSIN -x | $SANITIZER \
$ANOMY_CONF 2>>$ANOMY_LOG > out.$$ || \
{ echo Message content rejected; exit $EX_UNAVAILABLE; }
$SENDMAIL "$@" < out.$$
exit $?
sorry for the long email.
any ideas guys?
thanks in advance,
Regards, Dimitry
Dimitry Peisakhov
Systems Administrator
HENRY WALKER ELTIN
02 8875 4721
|
|
|