Link to home
Start Free TrialLog in
Avatar of j79
j79

asked on

Postfix+Spamassassin Disable outgoing check


Hello,

is it possible to disable checking for outgoing messages in postfix/spamassassin because of it's blocking many mails which my clients are writing/sending via outlook?
It's achieving nearly 6 of 5.0 required points and after I'm using smtp-auth on this server it is better for me to disable this checking.

j79
Avatar of Karl Heinz Kremer
Karl Heinz Kremer
Flag of United States of America image

How are you starting spamassassin from postfix? I'm also have psotvix/spamassassin on my machine, but here spamassassin is started from Procmail, so it only gets run for incomming mails.
Avatar of j79
j79

ASKER


I'm starting it via postfix in master.cf:

smtp      inet  n       -       n       -       -       smtpd  
   -o content_filter=postfixfilter:


postfixfilter unix -    n       n       -       -       pipe
 flags=Rq user=filter argv=/usr/local/filter/postfixfilter -f ${sender} -- ${recipient}

Are you running Procmail as well on your server?
Avatar of j79

ASKER


Procmail is available but it's not running with any command now.
Instead my postfixfilter-script is looking like:

#!/bin/sh

SENDMAIL=/usr/sbin/sendmail
SPAMASSASSIN=/usr/bin/spamc

EX_TEMPFAIL=75
EX_UNAVAILABLE=69

cat | $SPAMASSASSIN -f > out.$$ #|| # { echo Message content rejected; exit $EX_UNAVAILABLE; }

grep "^X-Spam-Status: Yes" out.$$ > /dev/null 2>&1

if [ $? -ne 0 ]
then
  $SENDMAIL "$@" < out.$$
fi


This is what I have in my /etc/procmailrc:

# SpamAssassin sample procmailrc
#
# Pipe the mail through spamassassin (replace 'spamassassin' with 'spamc'
# if you use the spamc/spamd combination)
#
# The condition line ensures that only messages smaller than 250 kB
# (250 * 1024 = 256000 bytes) are processed by SpamAssassin. Most spam
# isn't bigger than a few k and working with big messages can bring
# SpamAssassin to its knees.
#
# The lock file ensures that only 1 spamassassin invocation happens
# at 1 time, to keep the load down.
#
:0fw: spamassassin.lock
* < 256000
| spamassassin

# Work around procmail bug: any output on stderr will cause the "F" in "From"
# to be dropped.  This will re-add it.
:0
* ^^rom[ ]
{
  LOG="*** Dropped F off From_ header! Fixing up. "

  :0 fhw
  | sed -e '1s/^/F/'
}



This only marks spam and does not remove it. In my home directory's .procmailrc I have these rules:

# Mails with a score of 15 or higher are almost certainly spam (with 0.05%
# false positives according to rules/STATISTICS.txt). Let's put them in a
# different mbox. (This one is optional.)
:0:
* ^X-Spam-Level: \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*
Mail/SPAM.almost-certainly-spam

# All mail tagged as spam (eg. with a score higher than the set threshold)
# is moved to "probably-spam".
:0:
* ^X-Spam-Status: Yes
Mail/SPAM.probably-spam
# Mails with a score of 15 or higher are almost certainly spam (with 0.05%
# false positives according to rules/STATISTICS.txt). Let's put them in a
# different mbox. (This one is optional.)
:0:
* ^X-Spam-Level: \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*
Mail/SPAM.almost-certainly-spam

# All mail tagged as spam (eg. with a score higher than the set threshold)
# is moved to "probably-spam".
:0:
* ^X-Spam-Status: Yes
Mail/SPAM.probably-spam


You can remove the spam right in the /etc/procmailrc by redirecting it to /dev/null

:0:
* ^X-Spam-Status: Yes
/dev/null



Avatar of j79

ASKER


OK, another question.
Can I add my postfixfilter-script into the procmailrc? Is procmailrc accepting "/bin/sh" scripts?
I would like to let everything as it is.. only disable checking the outgoing mails.

j79
No, you have to use valid procmail syntax for anything in the procmailrc file.
If I understand your script correctly, you are sending the received email via sendmail if it does not contain spam. If you do receive spam, the mail is not fowarded. YOu may have a small problem: It does not look like you are ever deleting the temporary files out.$$

My if you use the redirection to /dev/null that I mentioned in my last comment, you should have exactly the same behavior: No need to create user level .procmailrc files.

Give it a try.
Avatar of j79

ASKER


Let me think... is it correct if I give this to my procmailrc

:0 fw
| /usr/local/filter/postfixfilter

and let my postfixfilter (see copy above) not being started by postfix in master.cf ?
Procmail could start spamassassin by the script and my outgoing messages wouldn't be checked, or?


j79

This could work, but you probably should not start the filter as "filter" (the "f" flag). A filter is something that creates output and Procmail would then use the output and further process it. Because your filter is already sending the mail, you don't want to continue to process anything that the postfixfilter would create (potentially error messages). BUT: You need to make sure that anything that's already filtered will not processed by the filter again! If you don't do anything, the mail will be queued to sendmail in your postfixfilter, and will be received by Postfix again, and will be handed of to Procmail again.

I would not do this however. This will create more overhead, and potentially a mail loop. Just use the redirection to /dev/null for Spam. This much more efficient, and does not create any potential problems.
Avatar of j79

ASKER


I remember now why I didn't use procmail for this issue.
Procmail is checking only spam delivered to a mailbox and not to forwarding addresses.
So I would need to check the user mailbox for spam, to check forwarded addresses for spam but not outgoing messages.

j79

ASKER CERTIFIED SOLUTION
Avatar of Karl Heinz Kremer
Karl Heinz Kremer
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of j79

ASKER


Good idea... I have now to make a script to autmatically add my domains into whitelist but it's not so bad.

Thank you
j79