Question regarding use of amavisd-new

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
22 messages Options
12
Reply | Threaded
Open this post in threaded view
|

Question regarding use of amavisd-new

J Doe
Hi,

I was wondering if fellow Postfix users would still recommend using amavisd-new when integrating AV (ClamAV), and spam filtering (SpamAssasin) ?

The site I have this in mind for receives a moderate amount of e-mail per day.

This appears to be the most mentioned configuration via web searches, but I was wondering if this still held true for 2017/2018 (amavisd-new’s last release was 2016/04/26) ?

Thanks,

- J
Reply | Threaded
Open this post in threaded view
|

Re: Question regarding use of amavisd-new

Noel Jones-2
On 12/12/2017 3:55 AM, J Doe wrote:

> Hi,
>
> I was wondering if fellow Postfix users would still recommend using amavisd-new when integrating AV (ClamAV), and spam filtering (SpamAssasin) ?
>
> The site I have this in mind for receives a moderate amount of e-mail per day.
>
> This appears to be the most mentioned configuration via web searches, but I was wondering if this still held true for 2017/2018 (amavisd-new’s last release was 2016/04/26) ?
>
> Thanks,
>
> - J
>


I use amavisd-new (configured as an smtpd proxy filter), and I
believe it's still widely used.  It hasn't been updated lately
because it hasn't needed anything.

Some people recommend using the milter interface with amavisd-new
rather than smtp, pick whichever you like. Performance will be similar.


  -- Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: Question regarding use of amavisd-new

Sven Schwedas
In reply to this post by J Doe
On 2017-12-12 10:55, J Doe wrote:
> Hi,
>
> I was wondering if fellow Postfix users would still recommend using amavisd-new when integrating AV (ClamAV), and spam filtering (SpamAssasin) ?

There's nothing wrong with Amavis. The only decent alternative I know of
is Rspamd.

> The site I have this in mind for receives a moderate amount of e-mail per day.

IMO I'd stick to amavis – while Rspamd /can/ perform better at large
scale, the documentation is awful. So stick to what you know.

--
Mit freundlichen Grüßen, / Best Regards,
Sven Schwedas, Systemadministrator
[hidden email] | ☎ +43 680 301 7167
TAO Digital   | Teil der TAO Beratungs- & Management GmbH
Lendplatz 45  | FN 213999f/Klagenfurt, FB-Gericht Villach
A8020 Graz    | https://www.tao-digital.at


signature.asc (673 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Question regarding use of amavisd-new

John Stoffel-2
>>>>> "Sven" == Sven Schwedas <[hidden email]> writes:

Sven> On 2017-12-12 10:55, J Doe wrote:
>> Hi,
>>
>> I was wondering if fellow Postfix users would still recommend using amavisd-new when integrating AV (ClamAV), and spam filtering (SpamAssasin) ?

Sven> There's nothing wrong with Amavis. The only decent alternative I
Sven> know of is Rspamd.

I've been using rspamd and I've finally given up on it.  It does a
decent job, but nwo I'm moving back to spamassisin.

>> The site I have this in mind for receives a moderate amount of e-mail per day.

Sven> IMO I'd stick to amavis – while Rspamd /can/ perform better at
Sven> large scale, the documentation is awful. So stick to what you
Sven> know.

This is a the biggest downside to rspam, the configuration file layout
and documentation is baroque.  Completely flexible, but so overkill
for a small site.

Now to figure out why spamassisin as a milter ain't working
properly...

Reply | Threaded
Open this post in threaded view
|

Re: Question regarding use of amavisd-new

Matus UHLAR - fantomas
In reply to this post by Sven Schwedas
>On 2017-12-12 10:55, J Doe wrote:
>> I was wondering if fellow Postfix users would still recommend using amavisd-new when integrating AV (ClamAV), and spam filtering (SpamAssasin) ?

On 12.12.17 16:12, Sven Schwedas wrote:
>There's nothing wrong with Amavis. The only decent alternative I know of
>is Rspamd.

maybe mimedefang and sagator.

>> The site I have this in mind for receives a moderate amount of e-mail per day.

>IMO I'd stick to amavis – while Rspamd /can/ perform better at large
>scale, the documentation is awful. So stick to what you know.

not that amavisd couldn't have better docs :-)

--
Matus UHLAR - fantomas, [hidden email] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Spam = (S)tupid (P)eople's (A)dvertising (M)ethod
Reply | Threaded
Open this post in threaded view
|

Re: Question regarding use of amavisd-new

J Doe

On Dec 12, 2017, at 11:12 AM, Matus UHLAR - fantomas <[hidden email]> wrote:

>>> On 2017-12-12 10:55, J Doe wrote:
>>> I was wondering if fellow Postfix users would still recommend using amavisd-new when integrating AV (ClamAV), and spam filtering (SpamAssasin) ?
>
>> On 12.12.17 16:12, Sven Schwedas wrote:
>> There's nothing wrong with Amavis. The only decent alternative I know of
>> is Rspamd.
>
> maybe mimedefang and sagator.
>
>>> The site I have this in mind for receives a moderate amount of e-mail per day.
>
>> IMO I'd stick to amavis – while Rspamd /can/ perform better at large
>> scale, the documentation is awful. So stick to what you know.
>
> not that amavisd couldn't have better docs :-)

Hi everyone,

Ok, good to know that amavisd-new is still a reasonable solution!

Thank you for mentioning rspamd.  I had only briefly checked that out (I really like that Lua is the integrated scripting language - I’ve used Lua on a number of other projects), but the fact that the documentation is lacking is a show stopper for me.  I definitely agree with the sentiment that incomplete documentation is a bug.

Thanks again for your feedback,

- J
Reply | Threaded
Open this post in threaded view
|

Re: Question regarding use of amavisd-new

Benny Pedersen-2
In reply to this post by Sven Schwedas
Sven Schwedas skrev den 2017-12-12 16:12:
> On 2017-12-12 10:55, J Doe wrote:

>> I was wondering if fellow Postfix users would still recommend using
>> amavisd-new
>> when integrating AV (ClamAV), and spam filtering (SpamAssasin) ?

> There's nothing wrong with Amavis. The only decent alternative I know
> of
> is Rspamd.

https://github.com/gentoo/gentoo/tree/master/mail-filter

there is plenti of alternatives :=)

>> The site I have this in mind for receives a moderate amount of e-mail
>> per day.

> IMO I'd stick to amavis – while Rspamd /can/ perform better at large
> scale, the documentation is awful. So stick to what you know.

so stay away from alternatives ?

sorry being confussed, using clamav-milter, spampd here, pretty simple
for me
Reply | Threaded
Open this post in threaded view
|

Re: Question regarding use of amavisd-new

Benny Pedersen-2
In reply to this post by John Stoffel-2
John Stoffel skrev den 2017-12-12 16:53:

> Now to figure out why spamassisin as a milter ain't working
> properly...

try rmilter, configure it for spamd, so you dont need to use spamc :=)

same auhor as rspamd maked it, rmilter is now depricated, hopefully he
wont delete it

ucl was born to users that dont know how to handle xml, where there was
plenti of buggy tools to use it

sad sad
Reply | Threaded
Open this post in threaded view
|

Re: Question regarding use of amavisd-new

Maarten
I use MailScanner, I'm happy so far with it.


On 2017-12-13 10:05, Benny Pedersen wrote:

> John Stoffel skrev den 2017-12-12 16:53:
>
>> Now to figure out why spamassisin as a milter ain't working
>> properly...
>
> try rmilter, configure it for spamd, so you dont need to use spamc :=)
>
> same auhor as rspamd maked it, rmilter is now depricated, hopefully he
> wont delete it
>
> ucl was born to users that dont know how to handle xml, where there
> was plenti of buggy tools to use it
>
> sad sad
Reply | Threaded
Open this post in threaded view
|

Re: Question regarding use of amavisd-new

Benny Pedersen-2
Maarten skrev den 2017-12-13 10:11:
> I use MailScanner, I'm happy so far with it.

bad solotion with postfix, since mailscanner uses queue dirs directly,
this is not supported in postfix, mailscanner is designed for sendmail
only, dont try other mta with it
Reply | Threaded
Open this post in threaded view
|

Re: Question regarding use of amavisd-new

Maarten
According to  their documentation using MailScanner with postfix works
too.

https://www.mailscanner.info/postfix/

What would be the advantage to switching to something like amavisd-new?

.
On 2017-12-13 10:28, Benny Pedersen wrote:
> Maarten skrev den 2017-12-13 10:11:
>> I use MailScanner, I'm happy so far with it.
>
> bad solotion with postfix, since mailscanner uses queue dirs directly,
> this is not supported in postfix, mailscanner is designed for sendmail
> only, dont try other mta with it
Reply | Threaded
Open this post in threaded view
|

Re: Question regarding use of amavisd-new

Ansgar Wiechers
On 2017-12-13 Maarten wrote:
> According to  their documentation using MailScanner with postfix works
> too.
>
> https://www.mailscanner.info/postfix/

MailScanner operates on Postfix internal structures (namely the mail
queue). Postfix does not make guarantees about these (meaning they might
be subject to change anytime without prior notice). Hence MailScanner is
not supported and not recommended with Postfix, regardless of whether it
does or doesn't work right now.

Regards
Ansgar Wiechers
--
"Abstractions save us time working, but they don't save us time
learning."
--Joel Spolsky
Reply | Threaded
Open this post in threaded view
|

Re: Question regarding use of amavisd-new

Maarten
I'll have a look at amavisd-new after the new year since that seems to
be the more update one.
So with amvisd-new you can also do spam filtering, use different
scanners, filename blocking etc?


On 2017-12-13 11:02, Ansgar Wiechers wrote:

> On 2017-12-13 Maarten wrote:
>> According to  their documentation using MailScanner with postfix works
>> too.
>>
>> https://www.mailscanner.info/postfix/
>
> MailScanner operates on Postfix internal structures (namely the mail
> queue). Postfix does not make guarantees about these (meaning they
> might
> be subject to change anytime without prior notice). Hence MailScanner
> is
> not supported and not recommended with Postfix, regardless of whether
> it
> does or doesn't work right now.
>
> Regards
> Ansgar Wiechers
Reply | Threaded
Open this post in threaded view
|

Sending only local mail to another mail server

Martin Brampton
I'm running a Postfix server that receives mail for a number of domains,
and provides service for mail users via Dovecot. It's not used for
sending mail from users, another server acts as the mail relay.

Is it possible to configure my Postfix server so that locally generated
mail (e.g. from cron jobs) is sent to the other server rather than being
delivered locally? If so, how would this be achieved? (I want to achieve
a consistent path for all mail that reaches accounts).

Reply | Threaded
Open this post in threaded view
|

Re: Question regarding use of amavisd-new

Matus UHLAR - fantomas
In reply to this post by Maarten
On 13.12.17 11:13, Maarten wrote:
>I'll have a look at amavisd-new after the new year since that seems
>to be the more update one.
>So with amvisd-new you can also do spam filtering, use different
>scanners, filename blocking etc?

yes.

>On 2017-12-13 11:02, Ansgar Wiechers wrote:
>>MailScanner operates on Postfix internal structures (namely the mail
>>queue). Postfix does not make guarantees about these (meaning they
>>might
>>be subject to change anytime without prior notice). Hence
>>MailScanner is
>>not supported and not recommended with Postfix, regardless of
>>whether it
>>does or doesn't work right now.

and it's also an ugly solution. milters are way nicer.

--
Matus UHLAR - fantomas, [hidden email] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Spam is for losers who can't get business any other way.
Reply | Threaded
Open this post in threaded view
|

Re: Question regarding use of amavisd-new

Bill Cole-3
In reply to this post by Maarten
On 13 Dec 2017, at 4:45 (-0500), Maarten wrote:

> According to  their documentation using MailScanner with postfix works
> too.
>
> https://www.mailscanner.info/postfix/

Yes, and there's a link at the bottom of that page to the postfix.org
add-on page which specifically warns against MailScanner.

> What would be the advantage to switching to something like
> amavisd-new?

The advantage to something that uses the SMTP Proxy interface or the
Milter interface is that you can trust that it won't be broken without
warning or documentation in a future Postfix release. Apart from the
risk that it relies on Postfix not changing queue structures and
behaviors which are explicitly unsupported and subject to change,  
MailScanner works directly with the Postfix queue in a way that Wietse
has been saying for years is already not safe. I haven't analyzed the
Postfix queue-handling code (life is too short...) but I trust his
judgment of safety in working with the Postfix queue over that of anyone
who didn't write that code. The MailScanner argument (essentially that
what they do doesn't break enough to notice) is entirely unpersuasive.

--
Bill Cole
[hidden email] or [hidden email]
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole
Reply | Threaded
Open this post in threaded view
|

RE: Question regarding use of amavisd-new

L.P.H. van Belle
Hai,


mailscanner runs fine here for about 5-6 years now, with postfix.
Mailscanner + postfix (postscreen) rules here :-)

But if you want a quicky to test.
https://efa-project.org/  = Mailscanner + mailwatch +... Lots of extra's.


Greetz,

Louis



> -----Oorspronkelijk bericht-----
> Van: [hidden email]
> [mailto:[hidden email]] Namens Bill Cole
> Verzonden: woensdag 13 december 2017 16:46
> Aan: Postfix users
> Onderwerp: Re: Question regarding use of amavisd-new
>
> On 13 Dec 2017, at 4:45 (-0500), Maarten wrote:
>
> > According to  their documentation using MailScanner with
> postfix works
> > too.
> >
> > https://www.mailscanner.info/postfix/
>
> Yes, and there's a link at the bottom of that page to the postfix.org
> add-on page which specifically warns against MailScanner.
>
> > What would be the advantage to switching to something like
> > amavisd-new?
>
> The advantage to something that uses the SMTP Proxy interface or the
> Milter interface is that you can trust that it won't be
> broken without
> warning or documentation in a future Postfix release. Apart from the
> risk that it relies on Postfix not changing queue structures and
> behaviors which are explicitly unsupported and subject to change,  
> MailScanner works directly with the Postfix queue in a way
> that Wietse
> has been saying for years is already not safe. I haven't analyzed the
> Postfix queue-handling code (life is too short...) but I trust his
> judgment of safety in working with the Postfix queue over
> that of anyone
> who didn't write that code. The MailScanner argument
> (essentially that
> what they do doesn't break enough to notice) is entirely unpersuasive.
>
> --
> Bill Cole
> [hidden email] or [hidden email]
> (AKA @grumpybozo and many *@billmail.scconsult.com addresses)
> Currently Seeking Steady Work: https://linkedin.com/in/billcole
>
>

Reply | Threaded
Open this post in threaded view
|

Re: Question regarding use of amavisd-new

John Peach
On 12/13/2017 10:52 AM, L.P.H. van Belle wrote:
> Hai,
>
>
> mailscanner runs fine here for about 5-6 years now, with postfix.
> Mailscanner + postfix (postscreen) rules here :-)

You *think* it's been running fine. When the author of postfix
specifically warns against using it, it would be foolhardy to ignore him.

>
> But if you want a quicky to test.
> https://efa-project.org/  = Mailscanner + mailwatch +... Lots of extra's.
>
>
> Greetz,
>
> Louis
>
>
>
>> -----Oorspronkelijk bericht-----
>> Van: [hidden email]
>> [mailto:[hidden email]] Namens Bill Cole
>> Verzonden: woensdag 13 december 2017 16:46
>> Aan: Postfix users
>> Onderwerp: Re: Question regarding use of amavisd-new
>>
>> On 13 Dec 2017, at 4:45 (-0500), Maarten wrote:
>>
>>> According to  their documentation using MailScanner with
>> postfix works
>>> too.
>>>
>>> https://www.mailscanner.info/postfix/
>>
>> Yes, and there's a link at the bottom of that page to the postfix.org
>> add-on page which specifically warns against MailScanner.
>>
>>> What would be the advantage to switching to something like
>>> amavisd-new?
>>
>> The advantage to something that uses the SMTP Proxy interface or the
>> Milter interface is that you can trust that it won't be
>> broken without
>> warning or documentation in a future Postfix release. Apart from the
>> risk that it relies on Postfix not changing queue structures and
>> behaviors which are explicitly unsupported and subject to change,
>> MailScanner works directly with the Postfix queue in a way
>> that Wietse
>> has been saying for years is already not safe. I haven't analyzed the
>> Postfix queue-handling code (life is too short...) but I trust his
>> judgment of safety in working with the Postfix queue over
>> that of anyone
>> who didn't write that code. The MailScanner argument
>> (essentially that
>> what they do doesn't break enough to notice) is entirely unpersuasive.
>>
>> --
>> Bill Cole
>> [hidden email] or [hidden email]
>> (AKA @grumpybozo and many *@billmail.scconsult.com addresses)
>> Currently Seeking Steady Work: https://linkedin.com/in/billcole
>>
>>
>




--
John
PGP Public Key: 412934AC
Reply | Threaded
Open this post in threaded view
|

RE: Question regarding use of amavisd-new

L.P.H. van Belle
No, i know it runs fine, after about 2-3 milion emails processed, i know .. Really..
And no i did not ignore him, but i want mailscanner and i want postfix and not exim.

Did you even try it and test it? And if so, what did you encounter??
I only found 1 thing and thats fixed.
something with long queue id-s and releasing to ms exchange servers, these did not arrive.
But again thats fixed now.


Greetz,

Louis


> -----Oorspronkelijk bericht-----
> Van: [hidden email]
> [mailto:[hidden email]] Namens John Peach
> Verzonden: woensdag 13 december 2017 16:56
> Aan: L.P.H. van Belle; Postfix users
> Onderwerp: Re: Question regarding use of amavisd-new
>
> On 12/13/2017 10:52 AM, L.P.H. van Belle wrote:
> > Hai,
> >
> >
> > mailscanner runs fine here for about 5-6 years now, with postfix.
> > Mailscanner + postfix (postscreen) rules here :-)
>
> You *think* it's been running fine. When the author of postfix
> specifically warns against using it, it would be foolhardy to
> ignore him.
>
> >
> > But if you want a quicky to test.
> > https://efa-project.org/  = Mailscanner + mailwatch +...
> Lots of extra's.
> >
> >
> > Greetz,
> >
> > Louis
> >
> >
> >
> >> -----Oorspronkelijk bericht-----
> >> Van: [hidden email]
> >> [mailto:[hidden email]] Namens Bill Cole
> >> Verzonden: woensdag 13 december 2017 16:46
> >> Aan: Postfix users
> >> Onderwerp: Re: Question regarding use of amavisd-new
> >>
> >> On 13 Dec 2017, at 4:45 (-0500), Maarten wrote:
> >>
> >>> According to  their documentation using MailScanner with
> >> postfix works
> >>> too.
> >>>
> >>> https://www.mailscanner.info/postfix/
> >>
> >> Yes, and there's a link at the bottom of that page to the
> postfix.org
> >> add-on page which specifically warns against MailScanner.
> >>
> >>> What would be the advantage to switching to something like
> >>> amavisd-new?
> >>
> >> The advantage to something that uses the SMTP Proxy
> interface or the
> >> Milter interface is that you can trust that it won't be
> >> broken without
> >> warning or documentation in a future Postfix release.
> Apart from the
> >> risk that it relies on Postfix not changing queue structures and
> >> behaviors which are explicitly unsupported and subject to change,
> >> MailScanner works directly with the Postfix queue in a way
> >> that Wietse
> >> has been saying for years is already not safe. I haven't
> analyzed the
> >> Postfix queue-handling code (life is too short...) but I trust his
> >> judgment of safety in working with the Postfix queue over
> >> that of anyone
> >> who didn't write that code. The MailScanner argument
> >> (essentially that
> >> what they do doesn't break enough to notice) is entirely
> unpersuasive.
> >>
> >> --
> >> Bill Cole
> >> [hidden email] or [hidden email]
> >> (AKA @grumpybozo and many *@billmail.scconsult.com addresses)
> >> Currently Seeking Steady Work: https://linkedin.com/in/billcole
> >>
> >>
> >
>
>
>
>
> --
> John
> PGP Public Key: 412934AC
>
>

Reply | Threaded
Open this post in threaded view
|

Re: Question regarding use of amavisd-new

Bill Cole-3
On 13 Dec 2017, at 11:01 (-0500), L.P.H. van Belle wrote:

> No, i know it runs fine, after about 2-3 milion emails processed, i
> know .. Really..

My vague recollection of MailScanner's inherent risk is that it is
volume-dependent, i.e. it might never cause any problem with a million
messages over the space of a year, but with a million messages in one
day, a dozen get mangled or lost.

--
Bill Cole
[hidden email] or [hidden email]
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole
12