LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   Postfix and Spamassassin - only scan incoming mail (https://www.linuxquestions.org/questions/linux-server-73/postfix-and-spamassassin-only-scan-incoming-mail-700161/)

senator 01-27-2009 05:29 AM
Postfix and Spamassassin - only scan incoming mail
 
Hey all, this is my first post here, I hope you can help me!
So basically, my problem is this:
I have a mail server, (well, actually a server that does it all: DNS, mail, apache, etc) and i've noticed that spamassassin scans all email (incoming, outgoing - even from our own users). Now, this really isn't a problem, the CPU usage is rather low, but it's been bothering me ever since. So, the solution I came up with was to tell postfix to "content filter" only mail coming through eth0 - the external interface; mail coming from the local network and localhost (for mail sent from squirrelmail) won't be sent to spamd for checking.

Well, this works... in some cases, but it's really not a viable solution since:

a) a lot of our users have notebooks and have wireless connections, so they connect to the server on the public IP
b) even if they are connected to the local network, their smtp server in the mail client is the mail subdomain itself, so the connection, again, will be established through the external interface. I'd have to set every mail client in the company with the internal IP of the mail server... so it would be a real drag.

The solution I think would work best, would be to somehow tell postfix to only send spamassassin mail which isn't sent by one of our users (the mail users being actual linux accounts). Does anybody have a clue how on earth could I accomplish this?

auximini 01-27-2009 10:22 PM
Man that is a good question.

The easiest thing to do would be to whitelist your domain in SpamAssassin. Not a very good idea since that will allow spam through with forged To: headers.

The next thing I thought of was if you were to make everyone use SMTPAUTH. Unfortunately that would require you to make changes on all clients. That's probably a lot of work for you.

The SMTPAUTH idea brought me to this:

http://www.nabble.com/Bypass-content...d19354164.html

There are a lot of good ideas there and you might find one that works. The FILTER directive they are talking about is explained here:

http://www.postfix.org/FILTER_README.html

See the very last section titled "FILTER actions in access or header/body tables". You might be able to filter by IP or header.

I hope that helps. I'm very interested if you find a solution to this.


All times are GMT -5. The time now is 09:30 PM.