Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
postfix:advance [2006/05/28 17:47] a created |
postfix:advance [2009/05/25 00:35] (current) |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Postfix advance lavel ====== | ====== Postfix advance lavel ====== | ||
+ | |||
+ | //see also article:// | ||
===== Getting rid off spam/virus mails ===== | ===== Getting rid off spam/virus mails ===== | ||
Line 6: | Line 8: | ||
* http:// | * http:// | ||
- | //TODO// | + | ===== Different Postfix Access Policy Delegation ===== |
+ | |||
+ | How to use different [[http://www.postfix.org/SMTPD_POLICY_README.html|Access Policy Delegation]] with postfix. This it opens the possibility to use diffrent [[http:// | ||
+ | |||
+ | Create aliases for groups of access restrictions in ''/ | ||
+ | |||
+ | smtpd_restriction_classes = policy1, | ||
+ | policy2, | ||
+ | policy1 = check_policy_service inet: | ||
+ | policy2 = check_policy_service inet: | ||
+ | |||
+ | Create “''/ | ||
+ | |||
+ | # echo “127.0.0.1 policy1″ > / | ||
+ | # echo “127.0.0.2 policy1″ >> / | ||
+ | # echo “0.0.0.0/ | ||
+ | |||
+ | Add “'' | ||
+ | |||
+ | In this scenario you can have different access policies based on the client ip. It is also possible to base it on client reverse dns with help of pcre maps and recipient/ | ||
+ | |||
+ | ===== Address verification ===== | ||
+ | |||
+ | * **'' | ||
+ | * **'' | ||
+ | * **'' | ||
+ | * **'' | ||
+ | * **'' | ||
+ | |||
+ | ==== MySQL Proxy ==== | ||
+ | |||
+ | Performance and reliability under high load will be much improved if you use the Postfix proxymap service with your MySQL interface. This allows MySQL query connections to be shared among Postfix smtpd processes; without it, you will need much higher-end database hardware as Postfix will need to spawn a number of SQL connections for every smtpd or cleanup process. This problem typically only shows up under high load, just when you least want to see it. | ||
+ | |||
+ | To access MySQL via proxymap, change the MySQL maps lines above to read (example): | ||
+ | |||
+ | virtual_alias_maps = proxy: | ||
+ | virtual_mailbox_domains = proxy: | ||
+ | virtual_mailbox_maps = proxy: | ||
+ | |||
+ | ===== More RBL lists and stuff ===== | ||
+ | |||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | ==== signature ==== | ||
+ | If you haven' | ||
+ | |||
+ | | ||
+ | |||
+ | In this case, the default is to filter. | ||
+ | But, if coming in through 127.0.0.1 (already filtered, amavis-> | ||
+ | |||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | ''/ | ||
+ | ---- | ||
+ | |||
+ | < | ||
+ | < | ||
+ | # Localize these. | ||
+ | INSPECT_DIR=/ | ||
+ | SENDMAIL=/ | ||
+ | |||
+ | # Exit codes from < | ||
+ | EX_TEMPFAIL=75 | ||
+ | EX_UNAVAILABLE=69 | ||
+ | |||
+ | # Clean up when done or when aborting. | ||
+ | trap "rm -f in.$$" 0 1 2 3 15 | ||
+ | |||
+ | # Start processing. | ||
+ | cd $INSPECT_DIR || { echo $INSPECT_DIR does not exist; exit | ||
+ | $EX_TEMPFAIL; | ||
+ | |||
+ | cat >in.$$ || { echo Cannot save mail to file; exit $EX_TEMPFAIL; | ||
+ | |||
+ | / | ||
+ | | ||
+ | | ||
+ | { echo Message content rejected; exit $EX_UNAVAILABLE; | ||
+ | |||
+ | $SENDMAIL " | ||
+ | |||
+ | exit $? | ||
+ | </ | ||
+ | </ | ||
+ | ---- | ||