Both sides previous revision
Previous revision
Next revision
|
Previous revision
Next revision
Both sides next revision
|
postfix:advance [2006/08/03 12:00] a mysql proxy |
postfix:advance [2006/11/03 17:54] a addvrfy info |
* http://projects.puremagic.com/greylisting/ | * http://projects.puremagic.com/greylisting/ |
| |
| |
| ===== Address verification ===== |
| |
| address_verify_positive_expire_time (31d) |
| The time after which a successful probe expires |
| from the address verification cache. |
| |
| address_verify_positive_refresh_time (7d) |
| The time after which a successful address verifica- |
| tion probe needs to be refreshed. |
| |
| address_verify_negative_cache (yes) |
| Enable caching of failed address verification probe |
| results. |
| |
| address_verify_negative_expire_time (3d) |
| The time after which a failed probe expires from |
| the address verification cache. |
| |
| address_verify_negative_refresh_time (3h) |
| The time after which a failed address verification |
| probe needs to be refreshed. |
| |
==== MySQL Proxy ==== | ==== MySQL Proxy ==== |
virtual_mailbox_domains = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf | virtual_mailbox_domains = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf |
virtual_mailbox_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf | virtual_mailbox_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf |
| |
| |
===== More RBL lists and stuff ===== | ===== More RBL lists and stuff ===== |
| |
>> reject_rbl_client relays.ordb.org, | reject_rbl_client relays.ordb.org, |
>> reject_rbl_client relays.visi.com, | reject_rbl_client relays.visi.com, |
>> reject_rbl_client sbl-xbl.spamhaus.com, | reject_rbl_client sbl-xbl.spamhaus.com, |
>> reject_rbl_client sbl.spamhaus.com, | reject_rbl_client sbl.spamhaus.com, |
>> reject_rbl_client xbl.spamhaus.com, | reject_rbl_client xbl.spamhaus.com, |
>> reject_rbl_client hil.habeas.com, | reject_rbl_client hil.habeas.com, |
>> reject_rbl_client bl.spamcop.net, | reject_rbl_client bl.spamcop.net, |
>> reject_rbl_client list.dsbl.org, | reject_rbl_client list.dsbl.org, |
>> reject_rbl_client combined.njabl.org, | reject_rbl_client combined.njabl.org, |
>> reject_rbl_client opm.blitzed.org, | reject_rbl_client opm.blitzed.org, |
>> reject_rbl_client dnsbl.sorbs.net, | reject_rbl_client dnsbl.sorbs.net, |
>> reject_rbl_client dul.dnsbl.sorbs.net, | reject_rbl_client dul.dnsbl.sorbs.net, |
>> reject_rbl_client cn-kr.blackholes.us, | reject_rbl_client cn-kr.blackholes.us, |
>> reject_rbl_client singapore.blackholes.us, | reject_rbl_client singapore.blackholes.us, |
>> reject_rbl_client malaysia.blackholes.us, | reject_rbl_client malaysia.blackholes.us, |
>> reject_rbl_client nigeria.blackholes.us, | reject_rbl_client nigeria.blackholes.us, |
>> reject_rbl_client cbl.abuseat.org, | reject_rbl_client cbl.abuseat.org, |
>> reject_rbl_client combined.njabl.org, | reject_rbl_client combined.njabl.org, |
>> reject_rbl_client dnsbl.ahbl.org, | reject_rbl_client dnsbl.ahbl.org, |
>> reject_rbl_client dynablock.njabl.org, | reject_rbl_client dynablock.njabl.org, |
>> reject_rbl_client l0.spews.dnsbl.sorbs.net, | reject_rbl_client l0.spews.dnsbl.sorbs.net, |
>> reject_rbl_sender relays.ordb.org, | reject_rbl_sender relays.ordb.org, |
>> reject_rbl_sender relays.visi.com, | reject_rbl_sender relays.visi.com, |
>> reject_rbl_sender sbl-xbl.spamhaus.com, | reject_rbl_sender sbl-xbl.spamhaus.com, |
>> reject_rbl_sender sbl.spamhaus.com, | reject_rbl_sender sbl.spamhaus.com, |
>> reject_rbl_sender xbl.spamhaus.com, | reject_rbl_sender xbl.spamhaus.com, |
>> reject_rbl_sender hil.habeas.com, | reject_rbl_sender hil.habeas.com, |
>> reject_rbl_sender bl.spamcop.net, | reject_rbl_sender bl.spamcop.net, |
>> reject_rbl_sender list.dsbl.org, | reject_rbl_sender list.dsbl.org, |
>> reject_rbl_sender combined.njabl.org, | reject_rbl_sender combined.njabl.org, |
>> reject_rbl_sender opm.blitzed.org, | reject_rbl_sender opm.blitzed.org, |
>> reject_rbl_sender dnsbl.sorbs.net, | reject_rbl_sender dnsbl.sorbs.net, |
>> reject_rbl_sender dul.dnsbl.sorbs.net, | reject_rbl_sender dul.dnsbl.sorbs.net, |
>> reject_rbl_sender cn-kr.blackholes.us, | reject_rbl_sender cn-kr.blackholes.us, |
>> reject_rbl_sender singapore.blackholes.us, | reject_rbl_sender singapore.blackholes.us, |
>> reject_rbl_sender malaysia.blackholes.us, | reject_rbl_sender malaysia.blackholes.us, |
>> reject_rbl_sender nigeria.blackholes.us, | reject_rbl_sender nigeria.blackholes.us, |
>> reject_rbl_sender cbl.abuseat.org, | reject_rbl_sender cbl.abuseat.org, |
>> reject_rbl_sender combined.njabl.org, | reject_rbl_sender combined.njabl.org, |
>> reject_rbl_sender dnsbl.ahbl.org, | reject_rbl_sender dnsbl.ahbl.org, |
>> reject_rbl_sender dynablock.njabl.org, | reject_rbl_sender dynablock.njabl.org, |
>> reject_rbl_sender l0.spews.dnsbl.sorbs.net, | reject_rbl_sender l0.spews.dnsbl.sorbs.net, |
>> reject_rhsbl_sender dsn.rfc-ignorant.org, | reject_rhsbl_sender dsn.rfc-ignorant.org, |
>> reject_rhsbl_client blackhole.securitysage.com, | reject_rhsbl_client blackhole.securitysage.com, |
>> reject_rhsbl_sender blackhole.securitysage.com, | reject_rhsbl_sender blackhole.securitysage.com, |
| |
==== signature ==== | ==== signature ==== |
If you haven't set it up, try this: | If you haven't set it up, try this: |
(postfix: master.cf you can set up different ip addresses, aliases, and | |
send 'local' email to one of them: | (postfix: master.cf you can set up different ip addresses, aliases, and send 'local' email to one of them: |
| |
In this case, the default is to filter. | In this case, the default is to filter. |
But, if coming in through 127.0.0.1 (already filtered, amavis->postfix | But, if coming in through 127.0.0.1 (already filtered, amavis->postfix and back) no filter. |
and back) no filter. | |
| |
smtp inet n - n - - smtpd | smtp inet n - n - - smtpd -o content_filter=dfilt: |
-o content_filter=dfilt: | |
127.0.0.1:smtp inet n - n - - smtpd | 127.0.0.1:smtp inet n - n - - smtpd |
| dfilt unix - n n - - pipe flags=Rq user=filter |
dfilt unix - n n - - pipe | argv=/usr/local/etc/postfix/disclaimer -f ${sender} -- ${recipient} |
flags=Rq user=filter argv=/usr/local/etc/postfix/disclaimer -f | |
${sender} -- ${recipient} | |
| |
---/usr/local/etc/postfix/disclaimer is: | ---/usr/local/etc/postfix/disclaimer is: |
# Localize these. | |
INSPECT_DIR=/var/spool/filter | |
SENDMAIL=/usr/sbin/sendmail | |
| |
# Exit codes from <sysexits.h> | # Localize these. |
EX_TEMPFAIL=75 | INSPECT_DIR=/var/spool/filter |
EX_UNAVAILABLE=69 | SENDMAIL=/usr/sbin/sendmail |
| |
# Clean up when done or when aborting. | # Exit codes from <sysexits.h> |
trap "rm -f in.$$" 0 1 2 3 15 | EX_TEMPFAIL=75 |
| EX_UNAVAILABLE=69 |
| |
# Start processing. | # Clean up when done or when aborting. |
cd $INSPECT_DIR || { echo $INSPECT_DIR does not exist; exit | trap "rm -f in.$$" 0 1 2 3 15 |
$EX_TEMPFAIL; } | |
| # Start processing. |
| cd $INSPECT_DIR || { echo $INSPECT_DIR does not exist; exit |
| $EX_TEMPFAIL; } |
| |
cat >in.$$ || { echo Cannot save mail to file; exit $EX_TEMPFAIL; } | cat >in.$$ || { echo Cannot save mail to file; exit $EX_TEMPFAIL; } |
| |
/usr/local/bin/altermime --input=in.$$ --htmltoo \ | /usr/local/bin/altermime --input=in.$$ --htmltoo \ |
--disclaimer=/var/amavis/etc/disclaimer.txt \ | --disclaimer=/var/amavis/etc/disclaimer.txt \ |
--xheader="X-Confidential-Material: Please visit | --xheader="X-Confidential-Material: Please visit http://www.secnap.com" || \ |
http://www.secnap.com" || \ | { echo Message content rejected; exit $EX_UNAVAILABLE; } |
{ echo Message content rejected; exit | |
$EX_UNAVAILABLE; } | |
| |
$SENDMAIL "$@" <in.$$ | $SENDMAIL "$@" <in.$$ |
| |
exit $? | exit $? |
| |
//TODO// | //TODO// |
| |
| |