LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 01-27-2009, 05:29 AM   #1
senator
LQ Newbie
 
Registered: Jan 2009
Location: Romania, Galati
Distribution: Fedora 10, Slackware 11
Posts: 6

Rep: Reputation: 0
Postfix and Spamassassin - only scan incoming mail


Hey all, this is my first post here, I hope you can help me!
So basically, my problem is this:
I have a mail server, (well, actually a server that does it all: DNS, mail, apache, etc) and i've noticed that spamassassin scans all email (incoming, outgoing - even from our own users). Now, this really isn't a problem, the CPU usage is rather low, but it's been bothering me ever since. So, the solution I came up with was to tell postfix to "content filter" only mail coming through eth0 - the external interface; mail coming from the local network and localhost (for mail sent from squirrelmail) won't be sent to spamd for checking.

Well, this works... in some cases, but it's really not a viable solution since:

a) a lot of our users have notebooks and have wireless connections, so they connect to the server on the public IP
b) even if they are connected to the local network, their smtp server in the mail client is the mail subdomain itself, so the connection, again, will be established through the external interface. I'd have to set every mail client in the company with the internal IP of the mail server... so it would be a real drag.

The solution I think would work best, would be to somehow tell postfix to only send spamassassin mail which isn't sent by one of our users (the mail users being actual linux accounts). Does anybody have a clue how on earth could I accomplish this?
 
Old 01-27-2009, 10:22 PM   #2
auximini
Member
 
Registered: Dec 2003
Location: Calgary, AB
Distribution: Any!
Posts: 146

Rep: Reputation: 18
Man that is a good question.

The easiest thing to do would be to whitelist your domain in SpamAssassin. Not a very good idea since that will allow spam through with forged To: headers.

The next thing I thought of was if you were to make everyone use SMTPAUTH. Unfortunately that would require you to make changes on all clients. That's probably a lot of work for you.

The SMTPAUTH idea brought me to this:

http://www.nabble.com/Bypass-content...d19354164.html

There are a lot of good ideas there and you might find one that works. The FILTER directive they are talking about is explained here:

http://www.postfix.org/FILTER_README.html

See the very last section titled "FILTER actions in access or header/body tables". You might be able to filter by IP or header.

I hope that helps. I'm very interested if you find a solution to this.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Hot scan incoming pop mail f-prot? ginda Linux - Security 3 03-29-2005 12:57 AM
How to make bitdefender antivirus auto scan incoming mail ginda Linux - Software 1 03-15-2005 10:42 AM
Spamassassin and Postfix: Filter only incoming mails? Fonk Linux - Software 0 10-07-2004 12:43 PM
postfix incoming mail problem punker22 Linux - Networking 1 07-17-2004 12:45 AM
Postfix mail server not accepting incoming mail from the external interface rexmundi Linux - Networking 7 12-22-2003 03:41 PM


All times are GMT -5. The time now is 07:14 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration