local system mail

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|

local system mail

Joe Acquisto-j4
Post fix version 3.4.7. with Spamassassin.  While adding virus scanning (clamav) noticed during testing
that any mail send from the postfix host does not get processed by spamassassin.

Postfix does accept it and passes it right thorough without any indication it was passed through
spamd or clamd.

Wondering how I can fix that.  That is, cause local mail to be scanned.

Quick look at master.cf and main.cf, nothing jumped out to bite me.

joe a.

Reply | Threaded
Open this post in threaded view
|

Re: local system mail

Wietse Venema
Joe Acquisto-j4:
> Post fix version 3.4.7. with Spamassassin.  While adding virus scanning (clamav) noticed during testing
> that any mail send from the postfix host does not get processed by spamassassin.
>
> Postfix does accept it and passes it right thorough without any indication it was passed through
> spamd or clamd.
>
> Wondering how I can fix that.  That is, cause local mail to be scanned.
>
> Quick look at master.cf and main.cf, nothing jumped out to bite me.

TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail

TO (UN)SUBSCRIBE see http://www.postfix.org/lists.html

Thank you for using Postfix.
Reply | Threaded
Open this post in threaded view
|

Re: local system mail

Bill Cole-3
In reply to this post by Joe Acquisto-j4
On 22 Feb 2021, at 17:27, Joe Acquisto-j4 wrote:

> Post fix version 3.4.7. with Spamassassin.  While adding virus
> scanning (clamav) noticed during testing
> that any mail send from the postfix host does not get processed by
> spamassassin.
>
> Postfix does accept it and passes it right thorough without any
> indication it was passed through
> spamd or clamd.

Critical issue: what mechanisms are you using to integrate SpamAssassin
and ClamAV?

> Wondering how I can fix that.  That is, cause local mail to be
> scanned.
>
> Quick look at master.cf and main.cf, nothing jumped out to bite me.

If you are using Milters, you need to set non_smtpd_milters to get
locally-submitted mail to be shown to them. If that's not the solution
in your case (i.e. you're using the SMTP proxy or content_filter
mechanisms) you need to explain your configuration.

--
Bill Cole
[hidden email] or [hidden email]
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
Reply | Threaded
Open this post in threaded view
|

Re: local system mail

Joe Acquisto-j4

> On 22 Feb 2021, at 17:27, Joe Acquisto-j4 wrote:
>
>> Post fix version 3.4.7. with Spamassassin.  While adding virus
>> scanning (clamav) noticed during testing
>> that any mail send from the postfix host does not get processed by
>> spamassassin.
>>
>> Postfix does accept it and passes it right thorough without any
>> indication it was passed through
>> spamd or clamd.
>
> Critical issue: what mechanisms are you using to integrate SpamAssassin
> and ClamAV?
>
>> Wondering how I can fix that.  That is, cause local mail to be
>> scanned.
>>
>> Quick look at master.cf and main.cf, nothing jumped out to bite me.
>
> If you are using Milters, you need to set non_smtpd_milters to get
> locally-submitted mail to be shown to them. If that's not the solution
> in your case (i.e. you're using the SMTP proxy or content_filter
> mechanisms) you need to explain your configuration.
>
> --
> Bill Cole

Thanks.  Sorry for the terse post.  Figured it was such an obvious
amateur error not much was needed.

Setting non_smtpd_milters did the trick for testing the virus scanner.  I
should have guessed that on my own.

The content filter (spamassassin) is not a hot item. but the relevant lines
from master.cf are:
. . .
smtp      inet  n       -       n       -       -       smtpd -o content_filter=spamassassin

. . .
spamassassin unix -     n        n       -       -       pipe
  flags=Rq user=spamfilter argv=/usr/local/bin/spamass.sh -e /usr/sbin/sendmail -oi -f ${sender} -- ${recipient}
. . .

Hopefully that is enough.  

joe a.

Reply | Threaded
Open this post in threaded view
|

Re: local system mail

Bill Cole-3
On 22 Feb 2021, at 18:40, Joe Acquisto-j4 wrote:

>> On 22 Feb 2021, at 17:27, Joe Acquisto-j4 wrote:
>>
>>> Post fix version 3.4.7. with Spamassassin.  While adding virus
>>> scanning (clamav) noticed during testing
>>> that any mail send from the postfix host does not get processed by
>>> spamassassin.
>>>
>>> Postfix does accept it and passes it right thorough without any
>>> indication it was passed through
>>> spamd or clamd.
>>
>> Critical issue: what mechanisms are you using to integrate
>> SpamAssassin
>> and ClamAV?
>>
>>> Wondering how I can fix that.  That is, cause local mail to be
>>> scanned.
>>>
>>> Quick look at master.cf and main.cf, nothing jumped out to bite me.
>>
>> If you are using Milters, you need to set non_smtpd_milters to get
>> locally-submitted mail to be shown to them. If that's not the
>> solution
>> in your case (i.e. you're using the SMTP proxy or content_filter
>> mechanisms) you need to explain your configuration.
>>
>> --
>> Bill Cole
>
> Thanks.  Sorry for the terse post.  Figured it was such an obvious
> amateur error not much was needed.
>
> Setting non_smtpd_milters did the trick for testing the virus scanner.
>  I
> should have guessed that on my own.
>
> The content filter (spamassassin) is not a hot item. but the relevant
> lines
> from master.cf are:
> . . .
> smtp      inet  n       -       n       -       -       smtpd -o
> content_filter=spamassassin

You need an analogous configuration for the pickup service to get local
mail piped through the spamassassin service. See
http://www.postfix.org/FILTER_README.html.

--
Bill Cole
[hidden email] or [hidden email]
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
Reply | Threaded
Open this post in threaded view
|

Re: local system mail

Joe Acquisto-j4
> On 22 Feb 2021, at 18:40, Joe Acquisto-j4 wrote:
>
On 22 Feb 2021, at 17:27, Joe Acquisto-j4 wrote:

>>>
>>>> Post fix version 3.4.7. with Spamassassin.  While adding virus
>>>> scanning (clamav) noticed during testing
>>>> that any mail send from the postfix host does not get processed by
>>>> spamassassin.
>>>>
>>>> Postfix does accept it and passes it right thorough without any
>>>> indication it was passed through
>>>> spamd or clamd.
>>>
>>> Critical issue: what mechanisms are you using to integrate
>>> SpamAssassin
>>> and ClamAV?
>>>
>>>> Wondering how I can fix that.  That is, cause local mail to be
>>>> scanned.
>>>>
>>>> Quick look at master.cf and main.cf, nothing jumped out to bite me.
>>>
>>> If you are using Milters, you need to set non_smtpd_milters to get
>>> locally-submitted mail to be shown to them. If that's not the
>>> solution
>>> in your case (i.e. you're using the SMTP proxy or content_filter
>>> mechanisms) you need to explain your configuration.
>>>
>>> --
>>> Bill Cole
>>
>> Thanks.  Sorry for the terse post.  Figured it was such an obvious
>> amateur error not much was needed.
>>
>> Setting non_smtpd_milters did the trick for testing the virus scanner.
>>  I
>> should have guessed that on my own.
>>
>> The content filter (spamassassin) is not a hot item. but the relevant
>> lines
>> from master.cf are:
>> . . .
>> smtp      inet  n       -       n       -       -       smtpd -o
>> content_filter=spamassassin
>
> You need an analogous configuration for the pickup service to get local
> mail piped through the spamassassin service. See
> http://www.postfix.org/FILTER_README.html.
>
> --
> Bill Cole
. . .

I did not notice that adding non_smtpd_milters also caused off
box (smtpd) mail to be scanned twice, before and after
spamassassin.  

Apparently having both smtpd_milters and non_smtpd_milters
specified in main.cf causes that.    

Initially it appeared to me that milters had to be specified main.cf.  
Delving somewhat deeper it now appears that to me milters can
alternately be specified in master.cf?   Is that correct?  

joe a




Reply | Threaded
Open this post in threaded view
|

Re: local system mail

Matus UHLAR - fantomas
On 25.02.21 12:57, Joe Acquisto-j4 wrote:

>I did not notice that adding non_smtpd_milters also caused off
>box (smtpd) mail to be scanned twice, before and after
>spamassassin.
>
>Apparently having both smtpd_milters and non_smtpd_milters
>specified in main.cf causes that.
>
>Initially it appeared to me that milters had to be specified main.cf.
>Delving somewhat deeper it now appears that to me milters can
>alternately be specified in master.cf?   Is that correct?

you can switch to spamass-milter instead of using spamassassin.
With it, you can reject high scoring spam at SMTP level.

other approach, common with amavis is to use amavis as content_filter for
mail submitted locally or on ports 465/587 (where authentication is
required) and amavis feeds mail back on alternative port where milters and
content filters are disabled.

mail received on port 25 can still be scanned via milter to allow smtp-time
rejection.

advantage of this approach is that local/authenticated clients get quick
feedback about accepted mail (scanning takes some time), while remote
clients (mail servers) can wait a while.

I usually use amavisd as content_filter by default, and amavisd-milter on port
25.

--
Matus UHLAR - fantomas, [hidden email] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
   One OS to rule them all, One OS to find them,
One OS to bring them all and into darkness bind them
Reply | Threaded
Open this post in threaded view
|

Re: local system mail

Jaroslaw Rafa
In reply to this post by Joe Acquisto-j4
Dnia 25.02.2021 o godz. 12:57:04 Joe Acquisto-j4 pisze:
>
> I did not notice that adding non_smtpd_milters also caused off
> box (smtpd) mail to be scanned twice, before and after
> spamassassin.  

That's a good reason to switch from running spamassassin as a post-queue
content filter to running it as a milter as well. At least that was in my
case :)
--
Regards,
   Jaroslaw Rafa
   [hidden email]
--
"In a million years, when kids go to school, they're gonna know: once there
was a Hushpuppy, and she lived with her daddy in the Bathtub."
Reply | Threaded
Open this post in threaded view
|

Re: local system mail

Joe Acquisto-j4
In reply to this post by Joe Acquisto-j4
. . .

>
> I did not notice that adding non_smtpd_milters also caused off
> box (smtpd) mail to be scanned twice, before and after
> spamassassin.  
>
> Apparently having both smtpd_milters and non_smtpd_milters
> specified in main.cf causes that.    
>
> Initially it appeared to me that milters had to be specified main.cf.  
> Delving somewhat deeper it now appears that to me milters can
> alternately be specified in master.cf?   Is that correct?  
>
> joe a

Re-reading http://www.postfix.org/FILTER_README.html#principles

I think provides what I sought.  Thanks for the comments, more insight
is always useful.

joe a.